Debevoise Data Blog

JANUARY 25, 2024

Sensitive personal data: The CJEU has clarified that the processing of special category personal data, such as health data, requires a legal basis under both GDPR Art. It remains to be seen whether data protect authorities will provide guidance on how to interpret the “draw strongly” condition. 9 and GDPR Art.

Data protection 40

Data protection Court e-records Compliance 40

Debevoise Data Blog

NOVEMBER 2, 2022

Digital Services Act to apply from 2024 or four months from designation as a very large online platform or search engine What happened : On 4 October 2022, the EU adopted the much-anticipated Digital Services Act (“DSA”).

Data protection 52

Data protection Compliance Machine learning Court 52

Global LegalTech Hub

MAY 7, 2024

In March 2024, a study titled " Implementing Generative AI in Legal Firms and Legal Departments " was published by the AI Laboratory (UBA IALAB) at the University of Buenos Aires. Countries like Italy initially blocked ChatGPT's use, later reinstating it with promises of increased transparency and data protection.

Data protection 130

Data protection Compliance Law Law 130

Legal IT Group

NOVEMBER 13, 2023

A data protection officer ( DPO ) is a specialist who helps companies ensure compliance with international data protection laws. In a nutshell, the DPO is a key person who helps the company in all business processes to ensure compliance with the data protection law.

Data protection 52

Data protection Compliance International law Law 52

Inside Privacy

FEBRUARY 27, 2023

On February 22, 2023, the European Data Protection Board (“EDPB”) released its Work Program for 2023-2024 (“the Program”), outlining the key priority areas for the next two years. Covington’s Data Privacy and Cybersecurity Team regularly monitors regulatory guidance, legal and policy developments.

Data protection 52

Data protection Compliance Law Law 52

Eric Goldman

FEBRUARY 15, 2024

.] * * * The European Union’s Digital Services Act (“DSA”), a significant legislative act of 93 articles and 156 recitals, will become fully effective from this Saturday, February 17, 2024. The post The European Union’s Digital Services Act: In Force from This Saturday, February 17, 2024, Including for U.S.

Due diligence 90

Due diligence Data protection Compliance Court 90

Clio

JANUARY 30, 2024

Here, we’ll outline the fundamentals of law firm data security in 2024. Law Firm Data Security 101 Let’s start with the basics. These are the essential things you need to know about law firm data security in 2024. What is a law firm’s data security risk? Are they compliant?

Law firm 98

Law firm Law Law Due diligence 98

Inside Privacy

JANUARY 24, 2024

On 15 January 2024, the UK’s Information Commissioner’s Office (“ICO”) announced the launch of a consultation series (“Consultation”) on how elements of data protection law apply to the development and use of generative AI (“GenAI”). Interested stakeholders are invited to provide feedback to the ICO by 1 March 2024.

Intellectual Property 61

Intellectual Property Data protection Compliance Law 61

Technology Law Dispatch

FEBRUARY 20, 2024

The Draft Bill (status 7 February 2024), which does not have any basis in EU law, is available here (German content). Non-compliance with the transparency obligation to inform users shall constitute an administrative offence and result in an administrative fine.

Data protection 52

Data protection Compliance Law Law 52

Inside Privacy

NOVEMBER 20, 2023

On October 11, 2023, the French data protection authority (“CNIL”) issued a set of “how-to” sheets on artificial intelligence (“AI”) training databases. There are eight sheets in total, each covering a data protection issue AI providers should consider when designing their systems. What are the next steps?

Data protection 57

Data protection Machine learning Compliance Law 57

Debevoise Data Blog

DECEMBER 18, 2023

This post highlights key aspects of the MHMDA with a focus on net-new provisions that organizations should consider as they build out their privacy compliance programs. Entities covered by MHMDA must comply with the law’s obligations and prohibitions by March 31, 2024, and small businesses must comply by June 30, 2024.

Data protection 52

Data protection Compliance Hearing Attorney 52

Technology Law Dispatch

FEBRUARY 7, 2024

With cybersecurity becoming a board-level issue, compliance officers, lawyers, board members, and business drivers are looking for official guidance or recommendations on cybersecurity measures to protect business, customers, and the wider economy. Whose guidance to use?

Data protection 64

Data protection Compliance Court Lawyer 64

Debevoise Data Blog

NOVEMBER 29, 2023

Despite recent challenges in the EU “trilogue negotiations”, proponents still hope to reach a compromise on the key terms of the draft EU AI Act by 6 th December, with a view to passing to the Act in 2024 and most of the provisions becoming effective sometime in 2026. Where are we in the legislative process?

Compliance 52

Compliance Data protection e-records Law 52

CaseFox

FEBRUARY 27, 2023

In 2022, a Gartner report quoted, “By 2024, legal departments will replace 20% of generalist lawyers with nonlawyer staff”. Compliance Finally, legal tech can help firms ensure compliance with legal and regulatory requirements. Change management is a prism. Legal tech is an essential part of the modern legal industry.

Legal tech 97

Legal tech Legal tech Law firm Document automation 97

Legal IT Group

JANUARY 22, 2024

With this regard, it is essential to know about the privacy legislation of this country since, nowadays, most internet businesses process the personal data of their clients, and they should do it in compliance with data protection laws. What to expect in 2024? The “personal information” definition is amended.

Data protection 52

Data protection Compliance Litigator Litigation 52

new tech law blog

MARCH 10, 2023

“Dark patterns” used by online platform providers have been controversial for some time, but recently there has been a growing buzz about them, in particular due to actions undertaken by EU and national data protection and consumer protection authorities. What are “dark patterns”?

Data protection 52

Data protection Compliance Law Law 52

Legal IT Group

NOVEMBER 10, 2023

First of all, the data can be transferred based on the adequacy decision or subject to appropriate safeguards. Among these safeguards, in particular, are binding corporate rules, standard data protection clauses, code of conduct, and certification mechanism. In such cases, appropriate safeguards are used.

Data protection 52

Data protection Compliance Law Law 52

Debevoise Data Blog

SEPTEMBER 19, 2022

Governor Newsom stated that he is “thankful to Assemblymembers Wicks and Cunningham and the tech industry for pushing these protections and putting the wellbeing of our kids first.” Notable affirmative obligations include: Data Protection Impact Assessments (“DPIAs”).

Data protection 52

Data protection Compliance Time-tracking Attorney 52

Debevoise Data Blog

DECEMBER 17, 2023

This development, which came amid mounting speculation that disagreements between the Council and Parliament could lead to the legislation being derailed altogether, means that the EU AI Act is back on track to come into force in early 2024. How to prepare. Conduct a preliminary review of current AI systems.

Data protection 64

Data protection Compliance Time-tracking Law 64

Debevoise Data Blog

SEPTEMBER 21, 2022

For UK data transfers: all new agreements executed on or after 21 September 2022 should incorporate the UK Addendum or IDTA; and all existing agreements incorporating the old SCCs must be updated by 21 March 2024 (or sooner if the processing operations change before then).

Data protection 52

Data protection Compliance Court 52

Inside Privacy

MAY 23, 2023

European lawmakers hope to adopt the final AI Act before the end of 2023, ahead of the European Parliament elections in 2024. These include making publicly available “a sufficiently detailed summary of the use of training data protected under copyright law” (Article 28b(4)(c)).

Data protection 57

Data protection Compliance Law Law 57

Inside Privacy

JULY 17, 2023

The Commission provides greater clarity on the process by which EU data subjects can submit complaints through the two-tier redress mechanism established under EO 14086 “concerning an alleged violation of U.S. The decision specifies that an EU data subject must submit a complaint to a Data Protection Authority (“DPA”) in an EU Member State.

Data protection 52

Data protection Compliance Court Law 52

CloudNine

MAY 1, 2024

By Rick Clark The Masters Conference in Washington, DC, on April 17th, 2024, was a bustling event with crowded sessions throughout the day. The agenda featured a diverse range of topics, such as Modern Data, Link Files, eDiscovery Case Law, and Artificial Intelligence, making it an exceptional experience for attendees.

e-discovery 59

e-discovery e-filing Litigator Litigation 59

Technology Law Dispatch

NOVEMBER 22, 2023

Category 1 service providers must keep records of compliance with their obligations, publish them, enable functionality within the services to empower users to control the content they are exposed to, and, if children are likely to access their services, comply with specific child safety duties.

Compliance 52

Compliance Data protection 52

Debevoise Data Blog

FEBRUARY 6, 2023

Companies subject to ColoPA should review their practices to ensure compliance before ColoPA’s July 1, 2023 effective date. When a consumer submits an opt-out request in conjunction with other data rights requests, controllers must prioritize compliance with the opt-out request. (2) No Default Settings. Dark Patterns Forbidden.

Data protection 52

Data protection Hearing Law Law 52

new tech law blog

JUNE 22, 2023

The DMA will also impact other regulations applicable to the delivery of services on digital markets, particularly involving data protection (the General Data Protection Regulation and the ePrivacy Directive), competition law, consumer protection, and copyright (e.g. 5–7 DMA, i.e. by March 2024 at the latest (Art.

Compliance 52

Compliance Data protection Court Software 52

Debevoise Data Blog

OCTOBER 31, 2023

This could impact financial firms who are considering using the EU AI Act as their ‘high watermark’ for AI regulatory and governance compliance, who will have to accommodate any UK-specific requirements in their compliance programmes. The UK Financial Authorities could look to such existing resources when developing future guidance.

Compliance 52

Compliance Due diligence Machine learning Data protection 52

Clio

NOVEMBER 16, 2023

However, always be certain to check with your particular state bar association to ensure you are remaining in compliance with your jurisdiction’s requirements. Important changes to Florida CLE requirements are taking effect in January 2024. New York CLE requirements New York is unique among the U.S.

Attorney 52

Attorney Legal education Data protection Court 52

Inside Privacy

FEBRUARY 1, 2024

The final draft’s provisions on international transfers of non-personal data may differ from what is shown in the table. This regulation is directly applicable in all EU Member States since May 28, 2019. The EU institutions are negotiating a final draft.

Intellectual Property 72

Intellectual Property State law Court Compliance 72

Debevoise Data Blog

FEBRUARY 22, 2024

The UK’s approach is therefore an important reminder that while there is often significant public attention on new AI laws, such as the EU AI Act, the use of AI is already subject to a wide variety of existing legal requirements under other technology-neutral laws, including data protection and equalities legislation.

Data protection 52

Data protection Law Law Compliance 52

Debevoise Data Blog

MAY 23, 2022

Here, we highlight key aspects of the CTPA with a focus on the provisions that companies should consider in their compliance preparations. Under ColoPA, controllers will also have to recognize global opt-out signals as of July 1, 2024—six months before this requirement is operative in Connecticut. CTPA § 6(e)(1)(A)(ii). CTPA § 4(b).

Law 40

Law Law Compliance Attorney 40

Debevoise Data Blog

AUGUST 15, 2023

The Cybersecurity Infrastructure Security Agency (“CISA”) recently published its detailed Cybersecurity Strategic Plan for the fiscal years 2024 to 2026, which is intended to align with the National Cybersecurity Strategy. To subscribe to our Data Blog, please click here. IaaS Providers Must Defend American Cyberspace.

Defendant 52

Defendant Compliance Data protection Law 52

Debevoise Data Blog

JULY 9, 2021

Colorado has just adopted a brand-new data privacy law and Nevada has just significantly amended its law. These changes add rights for consumers, and compliance obligations for businesses, that take the U.S. SB 21-190 further requires businesses to provide a universal opt-out mechanism by July 1, 2024.

Data protection 40

Data protection Compliance Attorney State law 40

Clio

MARCH 14, 2024

Regulatory changes and compliance requirements The legal industry tends to be traditional, holding onto established processes and procedures. Innovation at your law firm If you’re looking to adopt legal technology at your firm, there are some best practices to follow: Prioritize security and data privacy first.

Machine learning 52

Machine learning Law firm Due diligence e-discovery 52