Legal IT Group

JANUARY 10, 2023

Since the entry into force of the General Data Protection Regulation (GDPR), many companies processing the data of Europeans have faced the task of achieving the much desired GDPR-compliance. Why do we need this?

Compliance 130

Compliance Data protection Law Law 130

Legal IT Group

JANUARY 22, 2024

With this regard, it is essential to know about the privacy legislation of this country since, nowadays, most internet businesses process the personal data of their clients, and they should do it in compliance with data protection laws. So, what “agreed in principle” proposals are worth paying attention to?

Data protection 130

Data protection Compliance Litigator Litigation 130

Debevoise Data Blog

SEPTEMBER 23, 2024

Our top-five European data protection developments from August are: Uber fined for personal data transfer: The Dutch Data Protection Authority fined Uber €290 million for the unlawful transfer of European drivers’ personal data to the U.S., without sufficient safeguards. ICO proposes £6.09

Data protection 52

Data protection Court Software Compliance 52

Legal IT Group

NOVEMBER 10, 2023

First of all, the data can be transferred based on the adequacy decision or subject to appropriate safeguards. Among these safeguards, in particular, are binding corporate rules, standard data protection clauses, code of conduct, and certification mechanism. Then, in 2022, the UK also adopted new SCCs.

Data protection 130

Data protection Compliance Law Law 130

Debevoise Data Blog

DECEMBER 13, 2022

Digital Operation Resilience Act is imminent What happened : On 28 November 2022, the European Union finalised the EU Digital Operational Resilience Act (“DORA”). Management will also face new overarching and specific obligations to approve, oversee and manage DORA-related compliance frameworks. These developments are covered below.

Data protection 52

Data protection Compliance Due diligence Hearing 52

Debevoise Data Blog

JUNE 8, 2023

Third country data transfers : Businesses that transfer personal data outside of the EEA may want to review their transfer mechanisms in light of new guidance on the EU and South East Asia SCCs, and the DPC’s record-breaking €1.2 82 (see our May 2021 , August 2021 , and October 2022 blog posts for previous developments).

Data protection 52

Data protection Compliance e-records Dispute resolution 52

Legal IT Group

APRIL 2, 2025

Definition of personal data 1.2. Rights of data subjects 1.4. Privacy concepts and roles Technologies, most impacting on privacy and data protection 2.1. Social media advertising, based on personal data 2.2. PRIVACY PROTECTION IN THE MODERN WORLD 1.1. Such an identifier is personal data.

Data protection 130

Data protection Compliance Software Machine learning 130

Ikigai Law

AUGUST 3, 2023

Our summary of the Digital Personal Data Protection Bill, 2023 The Digital Personal Data Protection Bill, 2023 ( 2023 Bill ) was tabled in Parliament on 3 August 2023. It is the fifth – and likely final – iteration of India’s efforts to formulate a personal data protection law.

Data protection 52

Data protection Compliance e-filing Hearing 52

Debevoise Data Blog

APRIL 28, 2023

UK ICO updates guidance to clarify requirements for fairness in AI What happened : The UK ICO has updated its existing Guidance on AI and data protection following requests from industry to clarify requirements for fairness in AI. Norwegian Data Protection Authority fines medical device company c.$240,000

Data protection 52

Data protection Compliance e-filing Software 52

Legal IT Group

JULY 5, 2023

The role of codes of conduct in protecting personal data and what you need to know about compliance (and the consequences of deciding to comply but not doing so). The data protection issues in each situation with video technologies may differ, as well as the legal analysis when using a particular technology.

Data protection 130

Data protection Compliance Court Software 130

Debevoise Data Blog

DECEMBER 22, 2023

For example, the Garante notes the need to incorporate data protection by design and by default principles within any AI systems used in the healthcare space. In particular, the paper recommends the use of internal data access controls, regular auditing of data security measures, and the use of data protection impact assessments.

Data protection 52

Data protection Time-tracking Compliance Machine learning 52

Debevoise Data Blog

MAY 12, 2023

Key takeaways this April include: UK children’s data protection focus continues: Businesses may wish to review policies and procedures for dealing with children’s data in light of recent UK ICO fines and guidance, especially to ensure that terms of use are adequately enforced.

Data protection 52

Data protection Software design Machine learning Software 52

Debevoise Data Blog

FEBRUARY 27, 2024

GDPR one-stop-shop: Businesses wishing to take advantage of the GDPR one-stop-shop system should take note of a new digest, published by the European Data Protection Board, which analyses the decisions made by so-called Lead Supervisory Authorities in this context.

Data protection 52

Data protection Compliance e-records Court 52

LawSites

DECEMBER 1, 2021

Sixty percent of general counsel are concerned that their risk landscape is expanding or becoming more difficult to navigate in areas spanning compliance, regulatory enforcement, data privacy, information security, emerging data sources and ongoing impacts of the pandemic.

e-discovery 98

e-discovery Compliance e-filing Data protection 98

Debevoise Data Blog

SEPTEMBER 12, 2022

The Amendments became effective on September 1, 2022, save for certain provisions that will become effective on March 1, 2023. The penalties for non-compliance are relatively modest in comparison to those in the European Union and the United Kingdom. 164) to RUB 300,000 (approx.

Data protection 52

Data protection Compliance Time-tracking Litigator 52

Debevoise Data Blog

AUGUST 16, 2023

. : Business may want to revisit their cross-border data transfer arrangements following the new adequacy decision for the EU-U.S. Data Privacy Framework, assess whether they are eligible to self-certify and, if they are, whether it makes sense to. Data Privacy Framework (the “DPF”). Data Privacy Framework (the “DPF”).

Data protection 40

Data protection Analytics Compliance Time-tracking 40

Legal IT Group

APRIL 28, 2023

Contract as a legal basis for data processing It is worth recalling that during the consideration of the dispute by the EDPB in 2022, which imposed a fine of about $390 million on Meta Platforms, its position was that Facebook publicly positions itself not just as a social network but as a provider of personalized advertising services.

Data protection 130

Data protection Time-tracking Court Lawsuit 130

Debevoise Data Blog

JANUARY 30, 2023

Last year, yet again, saw significant GDPR enforcement actions, important regulatory guidance, and an abundance of European legislative activity touching on cyber, data protection and AI-regulatory issues. The UK’s approach reflects a broader concern to ensure that AI regulation does not inadvertently stymie digital innovation.

Data protection 52

Data protection Compliance Analytics Law 52

Debevoise Data Blog

JANUARY 25, 2024

They are also reminded of their obligation to maintain appropriate technical and organisational measures in relation to their data processing, and may wish to review their compliance with these measures. It remains to be seen whether data protect authorities will provide guidance on how to interpret the “draw strongly” condition.

Data protection 40

Data protection Court e-records Compliance 40

new tech law blog

DECEMBER 2, 2022

Entities transferring personal data outside the European Economic Area on the basis of standard contractual clauses that are no longer in force (where the transfer began before 27 September 2021) should conclude agreements based on new clauses by 27 December 2022.

Data protection 52

Data protection Compliance Court 52

CaseFox

FEBRUARY 27, 2023

In 2022, a Gartner report quoted, “By 2024, legal departments will replace 20% of generalist lawyers with nonlawyer staff”. Compliance Finally, legal tech can help firms ensure compliance with legal and regulatory requirements. Change management is a prism. Legal tech is an essential part of the modern legal industry.

Legal tech 97

Legal tech Legal tech Law firm Document automation 97

Technology Law Dispatch

APRIL 18, 2023

White paper In July 2022 the AI Regulation Policy Paper set out plans for a risk-based, adaptable regulatory framework. Safety, security and robustness – regulators may need to consider technical standards, for example addressing testing and data quality.

Data protection 59

Data protection Compliance 59

Inside Privacy

MAY 2, 2023

The Global CBPR Forum was established in 2022 via the Global CBPR Declaration , and derives from the Asia-Pacific Economic Cooperation (“APEC”) CBPR System. For businesses with global operations, it can be a challenge to ensure compliance with the increasing number of data protection laws in jurisdictions around the world.

Data protection 65

Data protection Compliance Law Law 65

Richmond Journal of Law and Technology

MAY 2, 2023

8] Among the mentioned countries, Egypt, Nigeria, South Africa, Ghana, and Morocco seem to be suitable markets for entry, as they have established specific laws or regulations to protect consumers, especially in online transactions. [9] companies to take proactive measures to protect their data and adhere to foreign laws.

Data protection 52

Data protection Compliance Due diligence Law 52

Technology Law Dispatch

FEBRUARY 27, 2023

2022 was another busy year in privacy and data protection. Regulations surrounding privacy and data continue to develop at a rapid pace. Emerging technologies have changed the manner in which personal data is collected and used. As a result, 2023 could be an exciting and a busy year for privacy and data.

Data protection 59

Data protection Analytics Compliance Court 59

Inside Privacy

OCTOBER 17, 2023

On 3 October 2023, the UK Information Commissioner’s Office (“ ICO ”) finalized its Employment practices and data protection − Monitoring workers guidance (“ Guidance ”) to account for new types of work, including work from home, and the use of more sophisticated technologies for monitoring.

Data protection 65

Data protection Time-tracking Case management Compliance 65

Debevoise Data Blog

DECEMBER 1, 2021

The Data Strategy and Security team at Debevoise & Plimpton LLP has authored the 2022 edition of the Privacy Law Answer Book (Practising Law Institute, 2021), a user-friendly guide to the laws and regulations that govern how companies collect, use, store and transfer the personal information of their consumers and employees.

Law 52

Law Law Data protection Litigator 52

Technology Law Dispatch

NOVEMBER 8, 2023

There is more clarity on the views of the UK data protection authority on whether a “Reject All” option in the first layer of a cookie consent management solution is required. This is more likely be compliant with data protection law, as firms will be better placed to demonstrate that the user has a genuine free choice.“

Data protection 59

Data protection Compliance Court Law 59

new tech law blog

MARCH 14, 2022

This interest was generated among other sources by numerous complaints filed by NOYB—European Center for Digital Rights in the last year with data protection authorities, and has resulted in guidance and several decisions issued by regulators in recent months (e.g. in Austria, Belgium and France).

Data protection 52

Data protection Analytics e-filing Compliance 52

Eric Goldman

FEBRUARY 15, 2024

The application of some DSA provisions will likely be tested with respect to their compliance with the EU Charter of Fundamental Rights , such as the “crisis response mechanism” under DSA Article 36. The DSA promises to change the internet inside the EU, and likely create spillover effects outside the EU.

Due diligence 105

Due diligence Data protection Compliance Court 105

Technology Law Dispatch

APRIL 27, 2023

Digital Markets Act: Developments since its proposal Following the European Commission’s initial proposal of the Digital Markets Act (DMA) in December 2020, its adoption by the European Parliament in March 2022 and the entry into force on November 1, 2022, the DMA will finally apply from May 2, 2023.

Compliance 52

Compliance Data protection 52

new tech law blog

MARCH 10, 2023

“Dark patterns” used by online platform providers have been controversial for some time, but recently there has been a growing buzz about them, in particular due to actions undertaken by EU and national data protection and consumer protection authorities. was adopted on 14 March 2022.)

Data protection 52

Data protection Compliance Law Law 52

Inside Privacy

APRIL 24, 2023

The White Paper elaborates on the approach to AI set out by the Government in its 2022 AI Governance and Regulation Policy Statement (“Policy Statement” – covered in our blog post here ). On 29 March 2023, the UK Government published a White Paper entitled “A pro-innovation approach to AI regulation” (“White Paper”).

Intellectual Property 69

Intellectual Property Data protection Machine learning Compliance 69

LawSites

DECEMBER 1, 2021

Sixty percent of general counsel are concerned that their risk landscape is expanding or becoming more difficult to navigate in areas spanning compliance, regulatory enforcement, data privacy, information security, emerging data sources and ongoing impacts of the pandemic.

e-discovery 52

e-discovery Compliance e-filing Data protection 52

Law Technology Today

APRIL 11, 2023

The Prevalence of Identity Theft Identity theft is a growing concern for global businesses, and the statistics for 2022 are alarming. According to the 2022 Identity Theft Resource Center’s Data Breach Report , there were 1,802 data compromises in the United States. Even small businesses are not spared.

Data protection 80

Data protection Failure-to-appear Software Lawsuit 80

Debevoise Data Blog

SEPTEMBER 21, 2022

The SCCs and IDTA will be the transfer tool of choice for most companies sending or receiving data from the EEA or UK. Businesses may want to consider carefully what existing agreements need updating and how they will update their data protection compliance procedures to ensure all new agreements use the correct clauses.

Data protection 52

Data protection Compliance Court 52

Debevoise Data Blog

DECEMBER 18, 2023

This post highlights key aspects of the MHMDA with a focus on net-new provisions that organizations should consider as they build out their privacy compliance programs. European Data Protection Roundup Throughout 2023, we published our European Data Protection Roundup that includes key takeaways on privacy protection laws.

Data protection 52

Data protection Compliance Hearing Attorney 52