The UK government has recently announced that it plans to introduce a Cyber Security and Resilience Bill (Bill). The Bill seeks to update the 2018 Network and Information Security Regulations, which implemented the European...more
10/18/2024
/ Cybersecurity ,
EU ,
Financial Institutions ,
Financial Services Industry ,
Legislative Agendas ,
Life Sciences ,
New Legislation ,
New Regulations ,
Pharmaceutical Industry ,
Privacy Laws ,
Regulatory Agenda ,
UK
A week before the EU’s AI Act comes into force on August 1, the White House announced that U.S. agencies have completed all actions required by President Biden’s AI Executive Order to date. Meanwhile, the Republican Party...more
In May of this year, the UK Government passed the Digital Markets, Competition and Consumers Act (DMCC) into law. The DMCC is wide-ranging and covers three key areas: consumer law, digital markets, and merger and antitrust...more
7/24/2024
/ Antitrust Division ,
Consumer Protection Laws ,
Corporate Counsel ,
Digital Markets Strategy ,
Enforcement ,
EU ,
Fake Reviews ,
Mergers ,
Prepayments ,
Privacy Laws ,
Subscription Services ,
UK ,
UK Competition and Markets Authority (CMA)
The European Union Artificial Intelligence Act (the AI Act) was published on 12 July 2024 in the European Union Official Journal and will enter into force on August 1, 2024. The AI Act is one of the most keenly anticipated...more
The United Nations unanimously adopts a landmark resolution mapping a path for international cooperation on AI, and the Financial Stability Oversight Council announces a two-day conference exploring the benefits and risks of...more
The long-awaited proposed AI Act, once enacted, will be a comprehensive cross-sectoral regulatory framework for artificial intelligence (AI). Its aim is to regulate the development and use of AI by providing a framework of...more
While the focus of attention in the world of AI has been the EU AI Act: EU AI Act Agreed – Discerning Data in recent weeks, there have also been some other noteworthy legislative developments. On 22 November 2023, the...more
12/18/2023
/ Artificial Intelligence ,
Cybersecurity ,
Data Management ,
EU ,
Intellectual Property Protection ,
New Legislation ,
New Regulations ,
Regulatory Agenda ,
Regulatory Requirements ,
Technology Sector ,
UK
Late on Friday (December 8th), the European Union Commission, Parliament and Council concluded its “trilogue” negotiations for the EU Artificial Intelligence Act. The summary below is based on the information available to...more
Day 1: The Bletchley Declaration -
On the first day of the summit, 28 countries and the EU signed the Bletchley Declaration (“Declaration”). The Declaration establishes an internationally shared understanding of the risks...more
11/10/2023
/ Artificial Intelligence ,
China ,
EU ,
Regulatory Agenda ,
Regulatory Requirements ,
Risk Assessment ,
Risk Management ,
Safety Standards ,
Technology Sector ,
Testing Requirements ,
UK ,
United Nations ,
United States
On 10 July 2023, the European Commission adopted its long-awaited adequacy decision for the EU-U.S. Data Privacy Framework (the DPF). With immediate effect, the adequacy decision provides a new lawful basis for transfers from...more
7/14/2023
/ Data Privacy ,
Data Protection ,
Data Security ,
EU ,
EU Data Protection Laws ,
EU-US Privacy Shield ,
European Commission ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Personal Data ,
SCC ,
Standard Contractual Clauses ,
US-EU Safe Harbor Framework
On 22 May 2023, the Irish Data Protection Commission (DPC) issued Meta Platforms Ireland Limited (Meta Ireland) with a EUR 1.2 billion (approximately 1.3 billion U.S. dollar) fine for breaches of the GDPR with respect to...more
On 29 March 2023, the UK Government published its latest proposals on regulating Artificial Intelligence (“AI”). The White Paper follows on from an initial policy paper published in July 2022 (the “2022 Policy Paper”), which...more
The UK government recently introduced a new Data Protection and Digital Information (No. 2) Bill (the “New Bill”). The reforms are intended to update and simplify the UK’s data protection framework and reduce burdens on...more
4/3/2023
/ Artificial Intelligence ,
Cookies ,
Data Controller ,
Data Privacy ,
Data Protection ,
International Data Transfers ,
Marketing ,
New Legislation ,
Recordkeeping Requirements ,
Regulatory Requirements ,
UK ,
Web Tracking
In a recent judgment, the Court of Justice of the European Union (the CJEU) has confirmed that Data Protection Officers (DPOs) can maintain other tasks and duties within their role, provided they do not result in a conflict...more
Meta Ireland (Meta) has recently been issued with two fines by the Irish Data Protection Commission (DPC) for breaches of the EU General Data Protection Regulation (GDPR) relating to advertisements run on its Facebook and...more
1/18/2023
/ Advertising ,
Corporate Counsel ,
Cybersecurity ,
Data Controller ,
Data Protection ,
Data Protection Commissioner ,
EU ,
European Data Protection Board (EDPB) ,
Facebook ,
Fines ,
General Data Protection Regulation (GDPR) ,
Instagram ,
Metaverse ,
Privacy Laws
In October 2022, the U.K. Medicines and Health products Regulatory Agency (MHRA) published its Guidance, Software and AI as a Medical Device Change Programme – Roadmap, setting out how it will regulate software and AI medical...more
On July 18, 2022, the U.K. Government published a paper on its proposals for AI regulation “Establishing a pro-innovation approach to regulating AI” (the AI Paper). This was published alongside the Government’s AI Action...more
The UK government has recently published proposals to amend UK data protection legislation with moves towards divergence from EU rules and regulation following the UK’s decision to leave the EU (“Brexit”). The Data Protection...more
8/4/2022
/ Data Protection ,
Data Protection Impact Assessments (DPIAs) ,
EU ,
General Data Protection Regulation (GDPR) ,
Personal Data ,
Privacy and Electronic Communications Regulation 2003 (PECR). ,
Proposed Legislation ,
Suspicious Activity Reports (SARs) ,
UK ,
UK Brexit ,
UK Data Protection Act ,
UK GDPR
In early June 2021, the European Commission adopted a new set of Standard Contractual Clauses for organizations to use to ensure compliance with the EU General Data Protection Regulation (GDPR) requirements for transfers of...more
On 30 October 2020, the UK’s data privacy regulator, the Information Commissioner’s Office (ICO) issued a final penalty notice (Penalty Notice) to fine the hotel chain Marriott International, Inc. (Marriott) for a GDPR data...more
11/10/2020
/ Corporate Counsel ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Data Security ,
General Data Protection Regulation (GDPR) ,
Information Commissioner's Office (ICO) ,
Marriott ,
Popular ,
UK
At £20 million, the fine imposed on British Airways (BA) for its infringement of the General Data Protection Regulation is the biggest fine of its kind in the history of the U.K.’s Information Commissioner’s Office (ICO)....more
The European Data Protection Board (EDPB) recently launched a consultation into new guidelines on the roles of data controllers, joint controllers and processors under the EU General Data Protection Regulation (GDPR).
The...more
The U.K. government recently launched a consultation process for regulating consumer Internet of Things (IOT) security. This could have significant implications for U.S. manufacturers, given that the U.K. will remain a key...more
Negotiations between the United Kingdom (U.K.) Government and the European Union (EU) on their post-Brexit relationship will continue into their fourth round on 1 June, following three negotiating rounds that have so far been...more
Between April 20 and 24, the European Union (EU) and the United Kingdom (U.K.) conducted the second round of negotiations on their future trading relationship. Due to the coronavirus pandemic, the EU's chief negotiator,...more