News & Analysis as of

European Union General Data Protection Regulation (GDPR) Data Protection

The European Union is an economic and political partnership comprised of 27 nations within the Eurozone. The EU was established in 1948 to promote stability and cooperation among member states in the aftermath of... more +
The European Union is an economic and political partnership comprised of 27 nations within the Eurozone. The EU was established in 1948 to promote stability and cooperation among member states in the aftermath of WWII. The EU maintains a common currency as well as several intranational institutions, including the European Parliament and the European Commission. less -
American Conference Institute (ACI)

How Can Companies Tackle Europe’s AI and Data Protection Rules?

Life science companies will have to grapple with unique questions in complying with the European Artificial Intelligence Act, including the scope of the law’s research exemption and the use of AI in personalized medicine and...more

A&O Shearman

Zooming in on AI – #10: EU AI Act – What are the obligations for “high-risk AI systems”?

A&O Shearman on

Companies deploying high-risk artificial intelligence (AI) systems must prepare to navigate a complex landscape of new obligations by August 2, 2026. In this post we explain the key obligations for providers and deployers of...more

EDRM - Electronic Discovery Reference Model

Implications of the €310 Million LinkedIn Fine for GDPR Compliance

ComplexDiscovery’s Editor’s Note: This recent €310 million fine imposed on LinkedIn by Ireland’s Data Protection Commission (DPC) marks a powerful moment in GDPR enforcement, underlining the regulatory rigor facing global...more

Morgan Lewis

EU High Court Allows GDPR Claims in Business Litigation, Expands Scope of ‘Health Data’ Impacting Life Sciences and Consumer...

Morgan Lewis on

The Court of Justice of the European Union (CJEU), the EU’s highest court, recently announced its significant Lindenapotheke decision, permitting companies to use the General Data Protection Regulation in business-to-business...more

A&O Shearman

The European Data Protection Board publishes draft Guidelines on legitimate interest under GDPR for consultation

A&O Shearman on

On 9 October 2024, the European Data Protection Board (EDPB) published its draft Guidelines on the processing of personal data based on legitimate interest for public consultation. The draft Guidelines, adopted on 8 October...more

A&O Shearman

EU and UK Data Protection Regulatory Trends so far in 2024: a focus on international data transfers

A&O Shearman on

This series of blogs rounds up some of the key data protection regulatory trends we have seen during 2024, focused on the EU and UK. 2024 has seen behavioural advertising and cookies continue to dominate the agenda of...more

A&O Shearman

Zooming in on AI - #7: AI under financial regulations in the U.S., EU and U.K. - a comparative assessment of the current state of...

A&O Shearman on

This is the final note in a three-part series on the regulation of artificial intelligence in the financial services sector in the United States, the European Union and the United Kingdom. Our first note, we provided a...more

A&O Shearman

Zooming in on AI - #5: AI under financial regulations in the U.S., EU and U.K. – a comparative assessment of the current state of...

A&O Shearman on

Rapid and accelerating developments in artificial intelligence have prompted governments around the world to consider how AI should be regulated and used responsibly by businesses, without stifling innovation. This is...more

Hogan Lovells

New rigorous but practical EDPB guidelines on "legitimate interest" open for consultation

Hogan Lovells on

On 8 October 2024, the European Data Protection Board (“EDPB”) issued draft Guidelines 1/2024 concerning the processing of personal data based on legitimate interests under Article 6(1)(f) of the GDPR (“Guidance”), which...more

Pillsbury - Consumer Protection Dispatch

GDPR Enforcement: Lessons from Recent Data Privacy Penalties

Recent decisions by the French data protection authority (CNIL) have highlighted the importance of GDPR compliance, particularly in the areas of data retention, consent for processing sensitive personal data, and marketing...more

Alston & Bird

EDPB Adopts Opinion on the Use of Processors and Sub-processors

Alston & Bird on

On October 7, 2024, the European Data Protection Board (“EDPB”) adopted an opinion on obligations following from the use of processors and sub-processors (the “Opinion”). The EDPB is the body that seeks to ensure harmonised...more

Akin Gump Strauss Hauer & Feld LLP

Cybersecurity & Data Privacy Issues in Fund Finance

During the course of any lending transaction, lenders will conduct a due diligence review of the borrower, including reviewing any relevant “know-your-customer” information. In the context of a fund finance transaction, this...more

A&O Shearman

CJEU Commercial interests of controller can serve as a legitimate interest

A&O Shearman on

The CJEU considered: (a) whether a legitimate interest of the controller or third party must be determined by law, and (b) whether provision of personal data of the members of a sports federation to third parties in return...more

Fisher Phillips

Netherlands Imposes Record-Breaking Data Privacy Fine on Uber: 4 Key Steps Companies Can Take to Ensure Compliance

Fisher Phillips on

Dutch data privacy officials recently imposed a staggering penalty on Uber – €290 million ($324 million) – for allegedly breaching the European Union’s comprehensive data privacy and security law. This groundbreaking fine is...more

Wilson Sonsini Goodrich & Rosati

Cybersecurity: A Critical Element in Your 2025 Business Forecast

As cyberattacks become more sophisticated, cybersecurity remains a top concern for regulators, consumers, business partners, and investors. Weak security can cause substantial harm to a company and lead to litigation,...more

DLA Piper

Data Act Frequently Asked Questions Answered by the EU Commission

DLA Piper on

The EU Data Act is one of the cornerstones of the EU's Data Strategy and introduces a new and horizontal set of rules on data access and use to boost the EU's data economy. Most of the provisions of the Data Act will become...more

Epiq

The Sedona Conference Commentary on Proportionality in Cross-Border Discovery: A Brief Overview | Epiq

Epiq on

The Sedona Conference (TSC) and its Working Group 6 on International Electronic Information Management, Discovery, and Disclosure recently published their Commentary on Proportionality in Cross-Border Discovery (Commentary)...more

Mayer Brown

Personal Data Sharing: What Information About Recipients Do We Need to Provide to Individuals Under the GDPR?

Mayer Brown on

Sharing personal data is necessary for most organisations, but it also entails certain data protection risks. Controllers who share personal data with others must, among other obligations, ensure that they comply with the...more

WilmerHale

WilmerHale’s Guide to the EU Data Act - September 2024

WilmerHale on

Exactly one year from now, on September 12, 2025, the EU Data Act will enter into application. This new regulation provides harmonized rules on data access, switching cloud providers, and interoperability requirements across...more

Latham & Watkins LLP

UK US Data Bridge Practical Tips for Implementation and Compliance

Latham & Watkins LLP on

Latham & Watkins and Privacy Laws & Business recently co-hosted a webinar looking back on the first eight months since the UK-US Data Bridge entered into force. Speakers from the UK Information Commissioner’s Office (ICO) and...more

DLA Piper

Europe/Germany: Right to Bring Collective Action for Violations of Information Obligations Under GDPR

DLA Piper on

Summary - In its judgement of 11 July 2024 (C-757/22), the European Court of Justice (‘ECJ’) ruled that the violation of a controller’s information obligations under Art. 12 and 13 GDPR, can be subject to a representative...more

Fox Rothschild LLP

Uber’s 290 Million Euro Fine: What You Need to Know

Fox Rothschild LLP on

What can U.S.-based and multi-national companies learn from the 290 million euro fine Autoriteit Persoonsgegevens, the Dutch Data Protection Authority, issued against Uber in connection with the processing of Dutch driver...more

Ius Laboris

Massive fine for Uber of EUR 290 million

Ius Laboris on

On 26 August the Dutch Data Protection Authority (DPA) fined Uber EUR 290 million for a breach of the General Data Protection Regulation (GDPR). Following a number of complaints from French Uber drivers, the DPA found that...more

DLA Piper

Ireland: Increased Regulatory Convergence of AI and Data Protection: X Suspends Training of AI Chatbot With EU User Data After...

DLA Piper on

The Irish Data Protection Commission (DPC) has welcomed X’s agreement to suspend its processing of certain personal data for the purpose of training its AI chatbot tool, Grok. This comes after the DPC issued suspension...more

A&O Shearman

European Commission publishes second report on application of GDPR

A&O Shearman on

On 25 July 2024, the EU Commission published its second report on the application of the GDPR (the ‘Second Report’), following its first report published in 2020....more

1,390 Results
 / 
View per page
Page: of 56

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide