This blog post focuses on how the EU’s Artificial Intelligence Act (“AI Act”) regulates generative AI, which the AI Act refers to as General-Purpose AI (“GPAI”) Models....more
10/3/2024
/ Artificial Intelligence ,
Compliance ,
EU ,
European Commission ,
Innovative Technology ,
Intellectual Property Protection ,
Machine Learning ,
Risk-Based Approaches ,
Software Developers ,
Technology Sector ,
Third-Party Service Provider
In this blog post, we will focus on the identification of “high-risk AI systems” under the Artificial Intelligence Act (“AI Act”) and the requirements applying to such systems. As explained in our previous blog posts, the AI...more
The EU Artificial Intelligence (AI) Act was published in the Official Journal of the European Union on July 12, 2024, as “Regulation (EU) 2024/1689 of the European Parliament and of the Council of 13 June 2024 laying down...more
This blog post focuses on Artificial Intelligence (AI) practices prohibited under the EU AI Act. Article 5 of the AI Act essentially prohibits AI practices that materially distort peoples’ behavior or that raise serious...more
On March 13, 2024, the European Parliament adopted the Artificial Intelligence Act (AI Act). It is considered to be the world’s first comprehensive horizontal legal framework for AI. It provides for EU-wide rules on data...more
3/15/2024
/ Artificial Intelligence ,
EU ,
European Commission ,
European Parliament ,
Extraterritoriality Rules ,
General Data Protection Regulation (GDPR) ,
Machine Learning ,
Member State ,
New Legislation ,
OECD ,
Risk Assessment ,
Technology Sector
On December 8, representatives from the European Commission, the European Parliament, and the Council of the European Union (EU) reached political agreement on the shape and contents of the EU’s AI Act (the “Act”), setting...more
On November 9, 2023, the European Parliament adopted the EU Data Act, a new regulation providing harmonized rules on access to data, switching cloud providers and interoperability requirements across the EU. It is widely...more
11/16/2023
/ Cloud Service Providers (CSPs) ,
Connected Entities ,
Corporate Counsel ,
Data-Sharing ,
Digital Single Market ,
EU ,
EU Data Protection Laws ,
European Commission ,
European Parliament ,
General Data Protection Regulation (GDPR) ,
Member State ,
New Legislation ,
Personal Data ,
Transparency
On July 10, 2023, the European Commission adopted an adequacy decision for the new EU-U.S. Data Privacy Framework (“EU-U.S. DPF”), the successor to the EU-U.S. Privacy Shield, which the Court of Justice of the European Union...more
7/19/2023
/ Certification Requirements ,
Compliance ,
Compliance Monitoring ,
Department of Transportation (DOT) ,
EU ,
European Commission ,
Federal Trade Commission (FTC) ,
Framework Agreement ,
International Data Transfers ,
Privacy Framework ,
UK
On July 10, 2023, the European Commission adopted its long-awaited adequacy decision for the EU-U.S. Data Privacy Framework (“Adequacy Decision”). This ends a three-year journey to set up a successor to the EU-U.S. Privacy...more
7/12/2023
/ Adequacy Requirement ,
Court of Justice of the European Union (CJEU) ,
Department of Justice (DOJ) ,
EU ,
EU-US Privacy Shield ,
European Commission ,
Executive Orders ,
Federal Trade Commission (FTC) ,
General Data Protection Regulation (GDPR) ,
Iceland ,
International Data Transfers ,
Liechtenstein ,
Member State ,
Norway ,
Personal Data ,
U.S. Commerce Department
On June 14, 2023, the European Parliament adopted its negotiating position regarding the proposal of the European Commission for a regulation laying down harmonized rules on artificial intelligence. This is the most recent...more
6/16/2023
/ Artificial Intelligence ,
Contract Negotiations ,
Distributors ,
EU ,
European Commission ,
European Parliament ,
Importers ,
International Harmonization ,
Machine Learning ,
Proposed Legislation ,
Risk Assessment ,
Risk-Based Approaches
On December 13, 2022, the European Commission initiated the process to adopt an adequacy decision for the EU-U.S. Data Privacy Framework (“EU-U.S. DPF”). The draft adequacy decision follows President Biden’s October Executive...more
On May 3, 2022, the European Commission published a proposal for a Regulation on the European Health Data Space (EHDS) (“EHDS Regulation”, or “Proposal”). With the Proposal, the European Commission aims to make significant...more
5/26/2022
/ Digital Health ,
Electronic Health Record Incentives ,
Electronic Protected Health Information (ePHI) ,
EU ,
European Commission ,
General Data Protection Regulation (GDPR) ,
Life Sciences ,
Member State ,
Patient Privacy Rights ,
Popular ,
Proposed Regulation
On March 25, 2022, US President Joe Biden and European Commission President Ursula von der Leyen made the long-awaited announcement that the United States and the European Union have agreed, in principle, to the...more
On June 4th, 2021, the European Commission adopted and published a new set of so-called standard contractual clauses (“SCCs”) providing a legal basis for international transfers of personal data from the EU/EEA to third...more
6/7/2021
/ EU ,
EU-US Privacy Shield ,
European Commission ,
European Court of Justice (ECJ) ,
European Economic Area (EEA) ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Personal Data ,
Schrems I & Schrems II ,
Standard Contractual Clauses ,
UK
On February 19, 2020, the European Commission (“EC”) published a series of documents outlining its vision for Europe’s digital future. Amongst these, the EC’s White Paper on Artificial Intelligence: A European approach to...more
On January 23, 2018, the European Commission (“EC”) adopted its adequacy decision on Japan. Japan issued an equivalent decision regarding data transfers from Japan to the European Union on the same day. This means that...more
On January 10, 2017, the European Commission presented its proposal for a Regulation on Privacy and Electronic Communications (the “Proposed Regulation”). The Proposed Regulation would repeal and replace Directive 2002/58/EC...more
The European Commission formally adopted the EU-US Privacy Shield on July 12, 2016, ending months of legal uncertainty with a new framework for governing transatlantic data transfers after the Privacy Safe Harbor framework...more
7/13/2016
/ Data Protection Authority ,
Data Retention ,
EU ,
EU-US Privacy Shield ,
European Commission ,
Federal Trade Commission (FTC) ,
International Data Transfers ,
Personal Data ,
Privacy Policy ,
Self-Certification ,
Surveillance ,
Third-Party ,
U.S. Commerce Department
On Monday, February 29th, the European Commission and U.S. Department of Commerce released a collection of documents summarizing actions taken on both sides of the Atlantic to implement the new Privacy Shield framework. This...more
3/2/2016
/ Article 29 Working Group ,
Data Protection Authority ,
EU ,
EU-US Privacy Shield ,
European Commission ,
European Court of Justice (ECJ) ,
Federal Trade Commission (FTC) ,
International Data Transfers ,
Personal Data ,
Self-Certification ,
U.S. Commerce Department ,
US-EU Safe Harbor Framework
In a landmark judgment in Schrems v Data Protection Commissioner (C-362/14) (October 6, 2015) (“Safe Harbor judgment”), the European Court of Justice (“ECJ”) found the Safe Harbor Decision of the European Commission...more