2025, Compliance and Data protection

European Data Protection Roundup – February 2025

Debevoise Data Blog

MARCH 31, 2025

Our top-five European data protection developments from February are: European Commission publishes guidelines on prohibited AI practices : The EU Commission has published non-binding guidance on the EU AI Acts prohibited use cases. The ban entered into force on 2 February 2025. Spanish Telecomm Provider Fined 1.2

Data protection

Data protection e-records Compliance Court

European Data Protection Roundup – January 2025

Debevoise Data Blog

FEBRUARY 28, 2025

Our top five European data protection developments from January are: UK ransomware reporting proposals. DeepSeek investigated by Italian DPA over AI chatbot data collection practices. DeepSeek investigated by Italian DPA over AI chatbot data collection practices. UK ICO acts on cookie compliance.

Data protection

Data protection Compliance Due diligence Time-tracking

AI Gets Personal: CCPA vs. GDPR on Automated Decision-Making

Berkley Technology Law Journal

APRIL 25, 2025

2025 Automated decision-making technologies ( ADMTs ) are systems that analyze personal data to predict or decide outcomes about individuals, often without human input. privacy legislation, is now addressing these technologies with a new set of proposed rules by the California Privacy Protection Agency (CPPA). By Ilke Okan LL.M.,

Data protection

Data protection Compliance Court Litigator

Webinars

Prep with Purpose: How to Build Better Trial Binders

MORE WEBINARS

Privacy Law: Status of Legal Practice Area in 2025

Martindale-Avvo

APRIL 30, 2025

A wave of state legislation with data protection requirements places new obligations on businesses and public institutions. For lawyers, this is an opportunity to provide more complex legal services in 2025. Heading into 2025, eight states will see their new privacy laws go into effect. Note the dates.

Law

Law Law Federal law Data protection

Regulatory Compliance and Data Protection: Navigating the Legal Landscape

Relativity

MARCH 13, 2025

Ensuring compliance with data privacy regulations is not only a legal obligation; it’s a critical component of maintaining customer trust and safeguarding sensitive information. In 2025, several new regulations are expected to be enacted.

Data protection

Data protection Compliance

European Data Protection Roundup – January 2024

Debevoise Data Blog

FEBRUARY 27, 2024

GDPR one-stop-shop: Businesses wishing to take advantage of the GDPR one-stop-shop system should take note of a new digest, published by the European Data Protection Board, which analyses the decisions made by so-called Lead Supervisory Authorities in this context.

Data protection

Data protection Compliance e-records Court

The Top eDiscovery Training and Certification Programs in 2025

MatterSuite

SEPTEMBER 4, 2024

In this blog, we will discuss the best eDiscovery training and certification programs of the year 2025 that will enable you to make a wise decision according to your career interests. Why eDiscovery Training and Certification Matter in 2025?

e-discovery

e-discovery Machine learning Data protection Compliance

European Data Protection Roundup – December 2023

Debevoise Data Blog

JANUARY 25, 2024

They are also reminded of their obligation to maintain appropriate technical and organisational measures in relation to their data processing, and may wish to review their compliance with these measures. It remains to be seen whether data protect authorities will provide guidance on how to interpret the “draw strongly” condition.

Data protection

Data protection Court e-records Compliance

How Contract Review Automation Can Make Your Workflow Simple

Percipient

JANUARY 23, 2025

By 2025, its expected that nearly half of all contract-related tasks will be handled by technology. Manually checking for errors, ensuring compliance, and fixing issues can slow things down and use up valuable resources. But theres a better way. How Can Automation Benefit The Contract Review Process?

Time-tracking

Time-tracking Software Compliance Contract management

ENISA Releases Comprehensive Framework for Ensuring Cybersecurity in the Lifecycle of AI Systems

Technology Law Dispatch

JUNE 30, 2023

ENISA emphasises that this has to be done in line with all relevant EU legislation, including the General Data Protection Regulation, Network and Information Security Directive (NIS2), and Cybersecurity Resilience Act (CSA). Once published, there will be a period of 24 months before it becomes effective (estimated Q3/4 2025).

Data protection

Data protection Compliance

Digital Transformation for Law Firms: A Guide to Modernizing Your Practice

Rocket Matter

FEBRUARY 25, 2025

Strict Cybersecurity Compliance With more sophisticated cyber threats looming on the horizon and targeting law firms specifically, security has become a must that cannot be sidelined. Digital transformation in law firms allows for better cybersecurity measures, compliance, and data protection.

Law firm

Law firm Law Law Legal CRM

The 2024 Clio Cloud Conference in Review

Clio

OCTOBER 8, 2024

Jack also announced exciting new Clio features for 2025, including automated workflows, custom reporting, and new payment methods. To cap off his exhilarating keynote, Jack revealed that ClioCon 2025 will take place in Boston, Massachusetts. Secure your tickets for ClioCon 2025 today!

Time-tracking

Time-tracking Judge Law firm Data protection

How Enhanced Reporting Can Improve’s Legal Operations

MatterSuite

SEPTEMBER 4, 2023

Gartner experts expect legal departments to increase their spending on legal technology threefold by 2025. Organizations’ legal departments continually grapple with managing intricate matters, regulatory compliance, contracts, and numerous legal responsibilities. However, investing in data integration solutions is crucial.

Time-tracking

Time-tracking Compliance Case management Analytics

EU Rules Restricting the International Transfers of Non-Personal Data

Inside Privacy

FEBRUARY 1, 2024

Note that the data localization prohibition in this Regulation applies to individual EU Member States’ laws; it does not preclude the EU from implementing data localization requirements. The restrictions on transfers of non-personal data appear to serve two main purposes.

Intellectual Property

Intellectual Property State law Court Compliance

The UK Online Safety Act – Keeping you informed here

Technology Law Dispatch

NOVEMBER 22, 2023

Category 1 service providers must keep records of compliance with their obligations, publish them, enable functionality within the services to empower users to control the content they are exposed to, and, if children are likely to access their services, comply with specific child safety duties.

Compliance

Compliance Data protection

UK Financial Regulators Publish Response to AI Consultation – Seven Takeaways

Debevoise Data Blog

OCTOBER 31, 2023

This could impact financial firms who are considering using the EU AI Act as their ‘high watermark’ for AI regulatory and governance compliance, who will have to accommodate any UK-specific requirements in their compliance programmes. The UK Financial Authorities could look to such existing resources when developing future guidance.

Compliance

Compliance Due diligence Machine learning Data protection

Utah Joins the Comprehensive State Privacy Law Club

Debevoise Data Blog

APRIL 29, 2022

The UCPA is set to be reviewed by the attorney general who must submit a report to the legislature by July 1, 2025. No Requirement to Conduct Risk Assessments or Data Protection Impact Assessments Under the UCPA, businesses are not required to conduct risk assessments related to their processing or control of personal data.

Law

Law Law Data protection Attorney

Connecticut’s Next Generation Data Privacy Law

Debevoise Data Blog

MAY 23, 2022

Here, we highlight key aspects of the CTPA with a focus on the provisions that companies should consider in their compliance preparations. This contrasts with the VCDPA’s and the UCPA’s definition of “sale,” which is limited to an exchange of personal data for only monetary consideration. CTPA § 6(e)(1)(A)(ii). CTPA § 4(b).

Law

Law Law Compliance Attorney

Overview of Global AI Regulatory Developments and Some Tips to Reduce Risk

Debevoise Data Blog

MAY 2, 2023

While the latest draft EU AI Act is not yet publicly available, early reports indicate it will feature new rules concerning compliance obligations specific to generative AI and foundation models, including several unique components such as required disclosures of copyrighted works included in the models’ training data.

Compliance

Compliance Time-tracking Data protection Law

The EU AI Act: Political Agreement Secured, We Await the Final Text

Debevoise Data Blog

DECEMBER 17, 2023

If this timeline is met, the first provisions of the Act to come into force (the prohibition on “unacceptable risk” AI systems) will take effect in late 2024, followed by the requirements related to “high risk” systems in early 2025, and the remaining provisions in 2026. How to prepare. Conduct a preliminary review of current AI systems.

Data protection

Data protection Compliance Time-tracking Law

The UK’s Emerging Approach to AI Regulation

Debevoise Data Blog

FEBRUARY 22, 2024

The UK’s approach is therefore an important reminder that while there is often significant public attention on new AI laws, such as the EU AI Act, the use of AI is already subject to a wide variety of existing legal requirements under other technology-neutral laws, including data protection and equalities legislation.

Data protection

Data protection Law Law Compliance

New Privacy Legislation in the U.S.: The Patchwork Problem Grows

Debevoise Data Blog

JULY 9, 2021

Colorado has just adopted a brand-new data privacy law and Nevada has just significantly amended its law. These changes add rights for consumers, and compliance obligations for businesses, that take the U.S. Businesses would also need to obtain consumer consent prior to collecting any sensitive data.

Data protection

Data protection Compliance Attorney State law

Building a Digital Future: Is America Ready for a Federal Digital Bill of Rights?

Richmond Journal of Law and Technology

MARCH 7, 2025

In short, the FDBR’s applicability provision prioritizes curtailing consumer data collection from large technology companies at the expense of making the statute inapplicable to smaller corporations. [14] 15] Data collection is an important tool essential to driving technological and global competition. 1149, 1193–94 (2021). [17]

Compliance

Compliance Data protection Federal law Court

National Security Update: DOJ Unveils Rules Restricting Sensitive Bulk Data Transfers

Debevoise Data Blog

JANUARY 16, 2025

Third-Party Contractual and Compliance Obligations The rule prohibits data brokerage with any foreign person who is not a covered person unless the U.S. person ensures contractually that the foreign person will not engage in subsequent covered data transactions with a country of concern or covered person. DOJ expects U.S.

Compliance

Compliance Due diligence e-records Time-tracking

Legal Tech Connection

European Data Protection Roundup – February 2025

European Data Protection Roundup – January 2025

Webinars

Trending Sources

AI Gets Personal: CCPA vs. GDPR on Automated Decision-Making

Webinars

Privacy Law: Status of Legal Practice Area in 2025

Regulatory Compliance and Data Protection: Navigating the Legal Landscape

European Data Protection Roundup – January 2024

The Top eDiscovery Training and Certification Programs in 2025

European Data Protection Roundup – December 2023

How Contract Review Automation Can Make Your Workflow Simple

ENISA Releases Comprehensive Framework for Ensuring Cybersecurity in the Lifecycle of AI Systems

Digital Transformation for Law Firms: A Guide to Modernizing Your Practice

The 2024 Clio Cloud Conference in Review

How Enhanced Reporting Can Improve’s Legal Operations

EU Rules Restricting the International Transfers of Non-Personal Data

The UK Online Safety Act – Keeping you informed here

UK Financial Regulators Publish Response to AI Consultation – Seven Takeaways

Utah Joins the Comprehensive State Privacy Law Club

Connecticut’s Next Generation Data Privacy Law

Overview of Global AI Regulatory Developments and Some Tips to Reduce Risk

The EU AI Act: Political Agreement Secured, We Await the Final Text

The UK’s Emerging Approach to AI Regulation

New Privacy Legislation in the U.S.: The Patchwork Problem Grows

Building a Digital Future: Is America Ready for a Federal Digital Bill of Rights?

National Security Update: DOJ Unveils Rules Restricting Sensitive Bulk Data Transfers

Stay Connected