The UK prioritizes a flexible framework over comprehensive regulation and emphasizes sector-specific laws.
Laws/Regulations directly regulating AI (the “AI Regulations”) The UK government's AI Regulation White Paper of...more
7/29/2024
/ Artificial Intelligence ,
Enforcement Actions ,
EU ,
Financial Conduct Authority (FCA) ,
Innovative Technology ,
Machine Learning ,
National Security ,
Regulatory Agenda ,
Regulatory Oversight ,
Regulatory Requirements ,
UK
On 12 July 2024, the European Union's Artificial Intelligence Act, Regulation (EU) 2024/1689 ("EU AI Act") was published in the EU Official Journal, making it the first comprehensive horizontal legal framework for the...more
The OECD's AI recommendations encourage Member States to uphold principles of trustworthy AI.
Laws/Regulations directly regulating AI (the “AI Regulations”)
The OECD's Recommendation of the Council on Artificial...more
6/18/2024
/ Artificial Intelligence ,
Enforcement ,
EU ,
Machine Learning ,
New Legislation ,
OECD ,
Personal Data ,
Regulatory Agenda ,
Research and Development ,
Risk Assessment ,
Risk Management ,
Technology Sector ,
Transparency
The EU introduces the pioneering EU AI Act, aiming to become a global hub for human-centric, trustworthy AI.
Laws/Regulations directly regulating AI (the “AI Regulations”)
The primary legislative proposal for regulating...more
Artificial intelligence (AI) has made enormous strides in recent years and has increasingly moved into the public consciousness. Increases in computational power, coupled with advances in machine learning, have fueled the...more
On January 22, 2024, the pre-final text of the European Union's Artificial Intelligence Act ("EU AI Act") – the world's first comprehensive horizontal legal framework for the regulation of AI systems across the EU – leaked...more
On November 27, 2023, the European Union ("EU") adopted the final text of the Data Act, marking an effort to create a harmonized, cross-sectoral data sharing framework with the stated goal of ensuring fair access to and use...more
11/30/2023
/ B2B Organizations ,
Corporate Counsel ,
DATA Act ,
Data Protection ,
Digital Data ,
Enforcement Actions ,
EU ,
EU Data Protection Laws ,
European Commission ,
General Data Protection Regulation (GDPR) ,
New Legislation ,
Personal Data ,
Small and Medium-Sized Enterprises (SMEs) ,
Technology Sector
The UK-US Data Bridge (the "Data Bridge") has now come into effect, potentially simplifying transfers of personal data from the UK to the US.
On 12 October 2023, the Data Bridge took effect. The Data Bridge allows UK...more
The United States ("U.S.") and the European Union ("EU") have settled on a framework for transfers of personal data for the first time since the European Court of Justice ("CJEU") effectively invalidate the EU-U.S. Privacy...more
8/2/2023
/ Court of Justice of the European Union (CJEU) ,
Data Privacy ,
Data Protection ,
Data Security ,
EU ,
EU-US Privacy Shield ,
European Economic Area (EEA) ,
International Data Transfers ,
National Security ,
Personal Data ,
U.S. Commerce Department
The Court of Justice of the EU (CJEU)1 has held that the General Data Protection Regulation (GDPR) requires controllers to provide data subjects a "faithful reproduction" of their personal data, which takes into account the...more
The Court of Justice of the European Union (CJEU) ruled out automatic damages awards for civil litigants establishing infringements of the General Data Protection Regulation (GDPR). At the same time, the CJEU suggested that...more
The GDPR allows individuals to request information about the “recipients or categories of recipients” to whom their personal data has been disclosed. In a recent ruling, the EU’s Court of Justice said data subjects get to...more
The Advocate General of the Court of Justice of the EU has issued an Opinion stating that mere "upset" is not sufficient to give rise to a claim for compensation under Article 82 of the GDPR....more
On January 18, 2022, the European Data Protection Board (the "EDPB") issued the Guidelines 01/2022 on data subject rights - Right of access (the "Draft Guidelines"), laying out its interpretation of Article 15 GDPR on the...more
In recent weeks, there has been a series of important developments affecting cross-border data transfers. First, on 21 June 2021, the European Data Protection Board ("EDPB") published its final, much-anticipated...more
The European Commission recently published an updated version of the standard contractual clauses for the transfer of personal data to third countries ('SCCs'). Companies can use such SCCs to provide the appropriate...more
6/21/2021
/ Cybersecurity ,
Data Protection ,
EU ,
EU-US Privacy Shield ,
European Commission ,
European Economic Area (EEA) ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Personal Data ,
Schrems I & Schrems II ,
Standard Contractual Clauses
On 14 April 2021, the European Data Protection Board ("EDPB") announced that it had adopted two Opinions on the draft UK adequacy decisions issued by the European Commission on 19 February 2021. The EDPB’s take on the draft...more
4/16/2021
/ Cybersecurity ,
Data Protection ,
EU ,
European Commission ,
European Data Protection Board (EDPB) ,
European Economic Area (EEA) ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Standard Contractual Clauses ,
UK ,
UK Brexit
In a positive development for multinational businesses, the Brexit Trade and Cooperation Agreement provides a temporary solution to allow the continued transfer of personal data from the EEA to the UK without the need for...more
Enterprises around the world are rapidly incorporating artificial intelligence (AI) into existing and new products and processes. This effort is not just to improve such offerings and services, but to achieve a qualitatively...more
8/25/2020
/ Artificial Intelligence ,
Board of Directors ,
Compliance ,
Emerging Technologies ,
EU ,
European Commission ,
Innovative Technology ,
Japan ,
Machine Learning ,
METI ,
Popular ,
Regulatory Oversight ,
Robotics ,
White Papers
The Court of Justice of the EU has declared that the European Commission's adequacy decision in respect of the EU-U.S. Privacy Shield is invalid. The Court's ruling effectively removes a key mechanism that had been widely...more
7/19/2020
/ Binding Corporate Rules ,
Court of Justice of the European Union (CJEU) ,
Data Protection Authority ,
EU ,
EU-US Privacy Shield ,
European Commission ,
European Economic Area (EEA) ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Personal Data ,
Popular ,
Standard Contractual Clauses
Following the outbreak of COVID-19 and its development into a global pandemic, organisations have been implementing exceptional measures to safeguard employees, customers and others against the health threat that is being...more
3/28/2020
/ Coronavirus/COVID-19 ,
Data Protection ,
Data Protection Impact Assessments (DPIAs) ,
Data Security ,
EU ,
General Data Protection Regulation (GDPR) ,
Personal Information ,
Personally Identifiable Information ,
Privacy Notice Rule ,
Public Health Emergency ,
Sick Employees ,
UK ,
UK Data Protection Act ,
Virus Testing
The White Paper on Artificial Intelligence (the "AI White Paper"), recently released by the European Commission, provides the clearest indication yet that the EU is seriously considering regulating the development and...more
Q1/ Applicable legislation -
(a) Have the requirements of the GDPR been addressed by introducing a new law, or by updating existing legislation?
New legislation has been passed....more
1/23/2020
/ Compliance ,
Data Processors ,
Data Protection ,
Data Protection Authority ,
Data Protection Impact Assessments (DPIAs) ,
Data Protection Officers (DPOs) ,
Data Subjects Rights ,
Decedent Protection ,
Employee Privacy Rights ,
Enforcement Actions ,
EU ,
EU Data Protection Laws ,
European Economic Area (EEA) ,
Exemptions ,
Fines ,
Freedom of Expression ,
Freedom of Information ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
International Harmonization ,
Joint Control ,
Malta ,
Minor Children ,
National Identification Numbers ,
Nonprofits ,
Penalties ,
Personally Identifiable Information ,
Prior Authorization ,
Prior Express Consent ,
Public Interest ,
Regulatory Standards ,
Sanctions
Q1/ Applicable legislation -
(a) Have the requirements of the GDPR been addressed by introducing a new law, or by updating existing legislation?
New legislation has been passed....more
1/21/2020
/ Compliance ,
Data Processors ,
Data Protection ,
Data Protection Authority ,
Data Protection Impact Assessments (DPIAs) ,
Data Protection Officers (DPOs) ,
Data Subjects Rights ,
Decedent Protection ,
Employee Privacy Rights ,
Enforcement Actions ,
EU ,
EU Data Protection Laws ,
European Economic Area (EEA) ,
Exemptions ,
Fines ,
Freedom of Expression ,
Freedom of Information ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
International Harmonization ,
Joint Control ,
Minor Children ,
National Identification Numbers ,
Netherlands ,
Nonprofits ,
Penalties ,
Personally Identifiable Information ,
Prior Authorization ,
Prior Express Consent ,
Public Interest ,
Regulatory Standards ,
Sanctions
Q1/ Applicable legislation -
(a) Have the requirements of the GDPR been addressed by introducing a new law, or by updating existing legislation?
New legislation has been passed....more
1/18/2020
/ Compliance ,
Data Processors ,
Data Protection ,
Data Protection Authority ,
Data Protection Impact Assessments (DPIAs) ,
Data Protection Officers (DPOs) ,
Data Subjects Rights ,
Decedent Protection ,
Employee Privacy Rights ,
Enforcement Actions ,
EU ,
EU Data Protection Laws ,
European Economic Area (EEA) ,
Exemptions ,
Fines ,
Freedom of Expression ,
Freedom of Information ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
International Harmonization ,
Joint Control ,
Minor Children ,
National Identification Numbers ,
Nonprofits ,
Norway ,
Penalties ,
Personally Identifiable Information ,
Prior Authorization ,
Prior Express Consent ,
Public Interest ,
Regulatory Standards ,
Sanctions