On April 24 2025, the French supervisory authority (CNIL) issued a draft recommendation to address challenges in collecting user consent for cookies and trackers across multiple devices (the Draft Recommendation). The new...more
5/12/2025
/ CNIL ,
Consent ,
Cookies ,
Data Collection ,
Data Privacy ,
Data Protection ,
France ,
Mobile Apps ,
New Regulations ,
Privacy Laws ,
Regulatory Requirements ,
Technology Sector ,
Tracking Systems
The Artificial Intelligence Act (AI Act) is the world's first comprehensive legal framework for AI regulation, which entered into force on August 1, 2024. The AI Act aims to ensure that AI systems are trustworthy, safe and...more
4/1/2025
/ AI Act ,
Artificial Intelligence ,
Cyber Attacks ,
Cybersecurity ,
Data Security ,
Enforcement ,
EU ,
European Commission ,
Regulatory Requirements ,
Risk Assessment ,
Risk Management ,
Technology Sector
The integration of AI in the workplace is revolutionising HR. From recruitment to performance analysis, AI use cases can streamline HR processes and enhance productivity. However, the deployment of AI by employers also brings...more
3/18/2025
/ AI Act ,
Artificial Intelligence ,
Bias ,
Employees ,
Employer Liability Issues ,
Employment Policies ,
EU ,
Human Resources Professionals ,
Regulatory Requirements ,
Risk Management ,
Technology Sector ,
UK
What are we really talking about and what are the legal implications under the EU AI Act?
The rapid evolution of artificial intelligence (AI) has led to significant opportunities and challenges, especially in the realm of...more
On January 31, 2025, the French supervisory authority (CNIL) published the final version of its guide on transfer impact assessments (TIA).
A TIA must be undertaken by organisations relying on one of the ‘appropriate...more
2/17/2025
/ CNIL ,
Data Privacy ,
Data Protection ,
EU ,
France ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Privacy Laws ,
Regulatory Agenda ,
Regulatory Requirements ,
Risk Management
Companies deploying high-risk artificial intelligence (AI) systems must prepare to conduct Fundamental Rights Impact Assessment (FRIA) by 2 August 2026. In this edition of our “Zooming in on AI” series we explain what this...more
When the AI Act was first proposed by the European Commission in 2021, the concept of “general purpose AI” was nowhere to be found. These rules were introduced during the legislative process to align the AI Act to the...more
The EU Artificial Intelligence Act (“AI Act”) exemplifies a highly advanced risk-based approach to European regulation. One of its distinguishing features is the detailed classification of various risk levels associated with...more
11/12/2024
/ Artificial Intelligence ,
Digital Services ,
EU ,
European Commission ,
General Data Protection Regulation (GDPR) ,
Machine Learning ,
Privacy Laws ,
Regulatory Agenda ,
Regulatory Requirements ,
Risk Management ,
Technology Sector ,
Transparency
AI-driven technology has emerged as a cornerstone of our present and future daily lives, revolutionising the way transactions and interactions are organised.
With the increased use of AI systems, there is also an...more
10/22/2024
/ Artificial Intelligence ,
Corporate Governance ,
Data Protection ,
EU ,
Machine Learning ,
Privacy Laws ,
Regulatory Agenda ,
Regulatory Requirements ,
Risk Management ,
Stakeholder Engagement ,
Technology Sector
This is the final note in a three-part series on the regulation of artificial intelligence in the financial services sector in the United States, the European Union and the United Kingdom. Our first note, we provided a...more
10/21/2024
/ Artificial Intelligence ,
Consumer Protection Laws ,
Data Protection ,
Enforcement Actions ,
EU ,
Financial Services Industry ,
General Data Protection Regulation (GDPR) ,
Information Commissioner's Office (ICO) ,
Legislative Agendas ,
Liability ,
Privacy Laws ,
Regulatory Agenda ,
Regulatory Requirements ,
Securities and Exchange Commission (SEC) ,
UK ,
United States
Rapid and accelerating developments in artificial intelligence have prompted governments around the world to consider how AI should be regulated and used responsibly by businesses, without stifling innovation.
This is...more
10/17/2024
/ Artificial Intelligence ,
Capital Markets ,
Data Protection ,
EU ,
Financial Conduct Authority (FCA) ,
Financial Services Industry ,
General Data Protection Regulation (GDPR) ,
Innovative Technology ,
Intellectual Property Protection ,
Machine Learning ,
Privacy Laws ,
Regulatory Agenda ,
Technology Sector ,
UK ,
White Collar Crimes
Many governments are grappling with the question of how to regulate artificial intelligence to ensure it is adopted safely and used responsibly without hampering innovation. Governments have generally indicated similar...more
10/8/2024
/ Artificial Intelligence ,
Bank of England ,
Bergdorf Goodman ,
Data Collection ,
Data Processors ,
Data Selling ,
Documentation ,
EU ,
European Banking Authority (EBA) ,
European Securities and Markets Authority (ESMA) ,
Financial Conduct Authority (FCA) ,
Financial Industry Regulatory Authority (FINRA) ,
Financial Institutions ,
Financial Services Industry ,
Information Governance ,
Machine Learning ,
MiFID II ,
Personal Data ,
Popular ,
Privacy Laws ,
Prudential Regulation Authority (PRA) ,
Regulatory Agenda ,
Regulatory Standards ,
Risk Management ,
Third-Party ,
Training ,
Transparency ,
UK
One of the key aspects of the EU AI Act (“AI Act”)[1] is linked to the qualification of providers and deployers and the nuances which help distinguish between the two categories of stakeholders. What would this mean in...more
The Artificial Intelligence Act (AI Act) entered into force on 1 August 2024 and is the world's first comprehensive legal framework for AI regulation. As companies start incorporating AI tools into their business, products...more
EU Regulation 2024/1689, also known as the Artificial Intelligence Act (AI Act), enters into force as of 1 August 2024. But when will it become applicable?
The AI Act sets out a harmonized legal framework for the...more
8/5/2024
/ Artificial Intelligence ,
Compliance ,
Corporate Governance ,
Data Protection ,
EU ,
Innovative Technology ,
Machine Learning ,
Privacy Laws ,
Regulatory Agenda ,
Regulatory Requirements ,
Risk Management ,
Technology Sector
With Parliamentary elections and a series of national votes in 2024, the EU is entering a pivotal period in its history. In this study, ‘Global business in a changing Europe’, we speak to corporate leaders across the world to...more
3/22/2024
/ Acquisitions ,
Artificial Intelligence ,
Asset Management ,
Capital Markets ,
Competition ,
Corporate Governance ,
Energy Sector ,
Environmental Social & Governance (ESG) ,
EU ,
European Commission ,
Global Market ,
Greenhouse Gas Emissions ,
Investment ,
Investment Management ,
Investors ,
Merger Controls ,
Mergers ,
Net Zero ,
Regulatory Agenda ,
Risk Management ,
Sustainability
The French supervisory authority (CNIL) asked for public comments on its draft recommendation on data security in relation to processing that presents particularly high risks to individuals or to the public interest (the...more
9/15/2023
/ CNIL ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Processors ,
Data Protection ,
Data Protection Authority ,
Data Security ,
France ,
General Data Protection Regulation (GDPR) ,
Risk Management
On 10 July 2023, the European Commission adopted the adequacy decision for the EU-U.S. Data Privacy Framework (DPF). This decision enables the free flow of personal data from the EU and three EEA countries (Iceland,...more
Paying a cyber ransom will, allegedly, secure your data and give you back control of your systems. But there are legal, operational and ethical risks to consider....more
In the five years since the European Union’s General Data Protection Regulation came into force, what have been the main learnings for business, and what will the future hold?...more
Within the past year, a number of countries around the world, including the United States, United Kingdom, France, and The Netherlands have initiated regulatory inquiries and developed new strategies for the purpose of more...more
4/25/2023
/ Corporate Counsel ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Security ,
EU ,
Federal Trade Commission (FTC) ,
General Data Protection Regulation (GDPR) ,
Information Commissioner's Office (ICO) ,
NIST ,
Popular ,
UK
On 25 January 2023, France’s Orientation and Programming Law of the Ministry of the Interior (LOPMI) was published in the Official Journal. LOPMI amends various legislative acts, including the French Insurance Code....more
On 10 February 2022, the French supervisory data protection authority (CNIL) announced that it issued a formal notice to a website operator to bring its data processing in relation to audience measurement and analysis in...more
What’s behind the new “European Green Digital Coalition”? -
On 19 March 2021, two initiatives emerged as part of the Digital Day hosted by the EU Commission. The online event saw commitments made by European States in a...more
On 12 March 2021, the Conseil d’Etat, the highest administrative court of France, issued a decision that might have significant impact on personal data transfers to third countries in the aftermath of the Schrems II decision...more