Debevoise Data Blog

MAY 12, 2023

Key takeaways this April include: UK children’s data protection focus continues: Businesses may wish to review policies and procedures for dealing with children’s data in light of recent UK ICO fines and guidance, especially to ensure that terms of use are adequately enforced.

Data protection 52

Data protection Software design Machine learning Software 52

Inside Privacy

MARCH 9, 2023

On March 7, 2023, the Irish Data Protection Commission (“DPC”) published its annual report for 2022. The report reflects the DPC’s reputation as both an active enforcer of the General Data Protection Regulation (“GDPR”) and a contributor to policy development at national and EU levels.

Data protection 74

Data protection Litigator Litigation 74

Debevoise Data Blog

APRIL 28, 2023

UK ICO updates guidance to clarify requirements for fairness in AI What happened : The UK ICO has updated its existing Guidance on AI and data protection following requests from industry to clarify requirements for fairness in AI. Norwegian Data Protection Authority fines medical device company c.$240,000

Data protection 52

Data protection Compliance e-filing Software 52

Debevoise Data Blog

AUGUST 16, 2023

. : Business may want to revisit their cross-border data transfer arrangements following the new adequacy decision for the EU-U.S. Data Privacy Framework, assess whether they are eligible to self-certify and, if they are, whether it makes sense to. Data Privacy Framework (the “DPF”). Data Privacy Framework (the “DPF”).

Data protection 40

Data protection Analytics Compliance Time-tracking 40

LawSites

DECEMBER 27, 2022

Notably, the post that captured the most eyes was about New York becoming the first state to mandate CLE in cybersecurity, privacy and data protection. First, I list the 20 most popular posts of 2022, listing only posts first published during 2022. Top 20 LawSites Posts of 2022 (Posts First Published in 2022).

Data protection 77

Data protection Analytics Legal tech Legal tech 77

Debevoise Data Blog

AUGUST 25, 2022

On 18 July 2022, the UK government published the Data Protection and Digital Information Bill (the “Bill”), which proposes reforms to the UK’s data protection and e-privacy landscape in-line with the National Data Strategy.

Data protection 52

Data protection e-records 52

Debevoise Data Blog

SEPTEMBER 12, 2022

Russia has enacted amendments to its Personal Data Law (the “ Amendments ”) that may have a significant impact on companies operating in Russia. The Amendments became effective on September 1, 2022, save for certain provisions that will become effective on March 1, 2023.

Data protection 52

Data protection Compliance Time-tracking Litigator 52

Debevoise Data Blog

JANUARY 30, 2023

Last year, yet again, saw significant GDPR enforcement actions, important regulatory guidance, and an abundance of European legislative activity touching on cyber, data protection and AI-regulatory issues. officials in April 2022 finally struck a deal to enable a GDPR Article 45 adequacy decision for the U.S. covered here ).

Data protection 52

Data protection Compliance Analytics Law 52

new tech law blog

DECEMBER 2, 2022

Entities transferring personal data outside the European Economic Area on the basis of standard contractual clauses that are no longer in force (where the transfer began before 27 September 2021) should conclude agreements based on new clauses by 27 December 2022.

Data protection 52

Data protection Compliance Court 52

Technology Law Dispatch

NOVEMBER 8, 2023

There is more clarity on the views of the UK data protection authority on whether a “Reject All” option in the first layer of a cookie consent management solution is required. This is more likely be compliant with data protection law, as firms will be better placed to demonstrate that the user has a genuine free choice.“

Data protection 59

Data protection Compliance Court Law 59

Technology Law Dispatch

FEBRUARY 27, 2023

2022 was another busy year in privacy and data protection. Regulations surrounding privacy and data continue to develop at a rapid pace. Emerging technologies have changed the manner in which personal data is collected and used. As a result, 2023 could be an exciting and a busy year for privacy and data.

Data protection 59

Data protection Analytics Compliance Court 59

Debevoise Data Blog

DECEMBER 1, 2021

The Data Strategy and Security team at Debevoise & Plimpton LLP has authored the 2022 edition of the Privacy Law Answer Book (Practising Law Institute, 2021), a user-friendly guide to the laws and regulations that govern how companies collect, use, store and transfer the personal information of their consumers and employees.

Law 52

Law Law Data protection Litigator 52

Technology Law Dispatch

APRIL 18, 2023

White paper In July 2022 the AI Regulation Policy Paper set out plans for a risk-based, adaptable regulatory framework. ICO’s updated guidance on AI and Data Protection The ICO issued updated its guidance on AI and Data Protection following requests to clarify requirements for fairness in AI.

Data protection 59

Data protection Compliance 59

Inside Privacy

OCTOBER 17, 2023

On 3 October 2023, the UK Information Commissioner’s Office (“ ICO ”) finalized its Employment practices and data protection − Monitoring workers guidance (“ Guidance ”) to account for new types of work, including work from home, and the use of more sophisticated technologies for monitoring.

Data protection 65

Data protection Time-tracking Case management Compliance 65

Technology Law Dispatch

FEBRUARY 20, 2024

The national data protection authorities of EU Member States expressly welcomed the LIBE’s proposal to exempt end-to-end encrypted communications from detection orders under the Proposed CSAM Regulation (cf. European Data Protection Board (EDPB), Statement 1/2024 of 13 February 2024 ).

Data protection 52

Data protection Compliance Law Law 52

Richmond Journal of Law and Technology

MAY 2, 2023

The African Union (AU) member states and Economic Community of West African States (ECOWAS) member states are obligated to respect, protect, and promote the right to privacy and personal data protection, as stated in their declarations and conventions. [12] 12] To ensure compliance and mitigate risks, U.S. 15] Ultimately, U.S.

Data protection 52

Data protection Compliance Due diligence Law 52

Vogel IT Law

APRIL 4, 2023

The article entitled “Facebook Opposes Irish Data Watchdog’s 265-Million-Euro Fine” ( [link] ) included these comments about Facebook challenge in Irish Court: A High Court justice granted Facebook permission to pursue litigation over the fine from the Irish Data Protection Commission, reported The Irish Times on Monday.

Data protection 52

Data protection Court Litigator Litigation 52

Technology Law Dispatch

NOVEMBER 28, 2023

The Tribunal found that, although the data processing activities carried out by Clearview constituted the monitoring of the behaviour of UK data subjects (and therefore fell within the territorial scope of Article 2 UK General Data Protection Regulation (UK GDPR).),

Data protection 52

Data protection Law Law Court 52

Ikigai Law

APRIL 30, 2023

This post explores if Generative AI tools such as ChatGPT can collect our data from the Internet without our consent on the ground that the data is in the public domain. It also explores if ChatGPT’s recent ban in Italy over data protection norms has any lessons for India. One that’s similar to the EU approach.

Data protection 52

Data protection Law Law Court 52

Technology Law Dispatch

MAY 3, 2023

Background At the end of 2022, the European Commission published its draft adequacy decision on EU-US transfers of personal data. The DPF would allow free and safe data transfers between the EU and the US for US companies self-certified under DPF, bringing many commercial benefits to businesses on both sides. What’s next?

Data protection 52

Data protection Court Compliance Law 52

Technology Law Dispatch

DECEMBER 1, 2022

On 24 November 2022, the Data Protection (Adequacy) (Republic of Korea) Regulations were laid before the UK parliament for approval. The Regulations are due to come into force on 19 December 2022.

Data protection 52

Data protection Law Law 52

Legal IT Group

JANUARY 22, 2024

With this regard, it is essential to know about the privacy legislation of this country since, nowadays, most internet businesses process the personal data of their clients, and they should do it in compliance with data protection laws. ” Thus, the Australian Privacy Act also aims to have a GDPR level of data protection.

Data protection 52

Data protection Compliance Litigator Litigation 52

Inside Privacy

MAY 2, 2023

The Global CBPR Forum was established in 2022 via the Global CBPR Declaration , and derives from the Asia-Pacific Economic Cooperation (“APEC”) CBPR System. For businesses with global operations, it can be a challenge to ensure compliance with the increasing number of data protection laws in jurisdictions around the world.

Data protection 65

Data protection Compliance Law Law 65

Inside Privacy

JUNE 28, 2023

Late yesterday, the EU institutions reached political agreement on the European Data Act (see the European Commission’s press release here and the Council’s press release here ). The Data Act will sit alongside the EU’s General Data Protection Regulation (“GDPR”), Data Governance Act, Digital Services Act, and the Digital Markets Act.

Data protection 72

Data protection 72

Legal IT Group

NOVEMBER 13, 2023

A data protection officer ( DPO ) is a specialist who helps companies ensure compliance with international data protection laws. In a nutshell, the DPO is a key person who helps the company in all business processes to ensure compliance with the data protection law.

Data protection 52

Data protection Compliance International law Law 52

Inside Privacy

FEBRUARY 27, 2023

The EU Representative Actions Directive (“RAD”) was meant to have been transposed by all EU member states by December 25, 2022. Since the RAD takes the form of a directive, all EU member states had a period of 2 years ― until December 25, 2022 ― to transpose it into their national legislation.

Data protection 52

Data protection Court Litigator Litigation 52

Inside Privacy

APRIL 24, 2023

The White Paper elaborates on the approach to AI set out by the Government in its 2022 AI Governance and Regulation Policy Statement (“Policy Statement” – covered in our blog post here ). On 29 March 2023, the UK Government published a White Paper entitled “A pro-innovation approach to AI regulation” (“White Paper”).

Intellectual Property 69

Intellectual Property Data protection Machine learning Compliance 69

Inside Privacy

MARCH 23, 2023

The recently adopted Digital Services Act (“DSA”) also contains rules on protecting children online – including by not serving them targeted advertising based on profiling. The eID proposal would also enable minors to use their digital identity wallet to prove their age without disclosing other personal data.

Data protection 79

Data protection Law Law 79

Debevoise Data Blog

SEPTEMBER 21, 2022

The SCCs and IDTA will be the transfer tool of choice for most companies sending or receiving data from the EEA or UK. Businesses may want to consider carefully what existing agreements need updating and how they will update their data protection compliance procedures to ensure all new agreements use the correct clauses.

Data protection 52

Data protection Compliance Court 52

LawSites

DECEMBER 1, 2021

The remaining two installments will be release early in 2022. The report, The General Counsel Report 2022: Leading with Endurance Through Risk, Culture and Technology Challenges , was conducted by FTI Consulting’s Technology Segment , in partnership with legal and compliance technology company Relativity.

e-discovery 96

e-discovery Compliance e-filing Data protection 96

Debevoise Data Blog

DECEMBER 18, 2023

European Data Protection Roundup Throughout 2023, we published our European Data Protection Roundup that includes key takeaways on privacy protection laws. Entities covered by MHMDA must comply with the law’s obligations and prohibitions by March 31, 2024, and small businesses must comply by June 30, 2024.

Data protection 52

Data protection Compliance Hearing Attorney 52

Inside Privacy

APRIL 12, 2023

Metaverse Prospects This rapidly increasing regulatory attention is unsurprising as the metaverse is estimated to generate up to $5 trillion in global market impact by 2030 and already in 2022, investments into the metaverse doubled compared to the previous year, reaching over $120 billion.

Data protection 78

Data protection Time-tracking Law Law 78

Inside Privacy

JULY 5, 2023

The proposed Regulation also grants complainants the right to be heard at various stages of the investigative process, including if the lead supervisory authority or European Data Protection Board intends to reject their complaint in full or in part. Roles of various supervisory authorities.

Dispute resolution 61

Dispute resolution Data protection 61

Debevoise Data Blog

JANUARY 25, 2024

They are also reminded of their obligation to maintain appropriate technical and organisational measures in relation to their data processing, and may wish to review their compliance with these measures. It remains to be seen whether data protect authorities will provide guidance on how to interpret the “draw strongly” condition.

Data protection 40

Data protection Court e-records Compliance 40

Legal Tech Innovation Wales

FEBRUARY 15, 2023

Allen & Overy recently announced that they are integrating innovative AI programme, Harvey, into everyday practice at the firm after testing it in beta since November 2022. Various pieces of legislation apply to AI, for example, UK data protection laws refer specifically to automated decision-making and the processing of personal data.

Machine learning 59

Machine learning Data protection Legal research Lawyer 59

CaseFox

FEBRUARY 27, 2023

In 2022, a Gartner report quoted, “By 2024, legal departments will replace 20% of generalist lawyers with nonlawyer staff”. For example, tools for managing data privacy and security can help firms to comply with data protection laws. Change management is a prism.

Legal tech 97

Legal tech Legal tech Law firm Document automation 97

Legal IT Group

JANUARY 10, 2023

Since the entry into force of the General Data Protection Regulation (GDPR), many companies processing the data of Europeans have faced the task of achieving the much desired GDPR-compliance. Why do we need this?

Compliance 52

Compliance Data protection Law Law 52