Inside Privacy

APRIL 28, 2023

On 29 March 2023, the UK Information Commissioner’s Office (“ICO”) published updated Guidance on AI and data protection (the “Guidance”) following “requests from UK industry to clarify requirements for fairness in AI”. AI has been a strategic priority for the ICO for several years.

Data protection 74

Data protection Compliance Law Law 74

Technology Law Dispatch

OCTOBER 26, 2023

On 3 October 2023, the UK Information Commissioner’s Office organised its annual Data Protection Practioner’s Conference 2023 (DPPC 2023). Here are the takeaways from the DPPC 2023 (the event sessions available here ). Cyber security risks remain significant, the most common of them being phishing attacks.

Data protection 59

Data protection Due diligence Compliance Law 59

Ikigai Law

AUGUST 8, 2023

A detailed clause-wise analysis of the Digital Personal data Protection Bill 2023 On 7 August 2023, the Lok Sabha passed the Digital Personal Data Protection Bill, 2023. It will soon be introduced in the Rajya Sabha and likely become a law in a couple of days. Read the analysis here.

Data protection 52

Data protection Law Law 52

Debevoise Data Blog

SEPTEMBER 27, 2023

The AEPD held that a DPO cannot hold a position that leads them to determine the purposes and means of data processing. The scale and data protection risks associated with such technologies has been further complicated recently by their increasing integration with artificial intelligence systems.

Data protection 52

Data protection Compliance e-filing Court 52

Ikigai Law

AUGUST 4, 2023

India’s Digital Personal Data Protection Bill 2023 was introduced in Parliament on 3 August 2023. Once passed, the law will govern how businesses collect and use individuals’ data. Read on for a quick explainer of what the law means for you. An overview and summary of the law is on our blog.

Data protection 52

Data protection Law Law e-records 52

Technology Law Dispatch

FEBRUARY 7, 2023

We hope you enjoy reading it.

Data protection 52

Data protection Court Law Law 52

Technology Law Dispatch

AUGUST 2, 2023

The Summer 2023 Edition of the quarterly IT & Data Protection Newsletter by Reed Smith Germany has just been released: English version German version This edition covers the following topics: New adequacy decision for EU-U.S. We also included an overview over the 2023 annual reports of the German data protection authorities.

Data protection 52

Data protection Court Law Law 52

Ikigai Law

AUGUST 3, 2023

Our summary of the Digital Personal Data Protection Bill, 2023 The Digital Personal Data Protection Bill, 2023 ( 2023 Bill ) was tabled in Parliament on 3 August 2023. It is the fifth – and likely final – iteration of India’s efforts to formulate a personal data protection law.

Data protection 52

Data protection Compliance e-filing Hearing 52

Debevoise Data Blog

APRIL 28, 2023

UK ICO updates guidance to clarify requirements for fairness in AI What happened : The UK ICO has updated its existing Guidance on AI and data protection following requests from industry to clarify requirements for fairness in AI. Norwegian Data Protection Authority fines medical device company c.$240,000

Data protection 52

Data protection Compliance e-filing Software 52

Debevoise Data Blog

NOVEMBER 21, 2023

Data protection & AI: In particular: (i) the French CNIL published its first set of guidance on GDPR compliance when developing AI tools; and (ii) the UK ICO issued a preliminary enforcement notice against Snap over its AI chatbot, alleging that Snap had not adequately assessed the privacy risks posed to child users of the tool.

Data protection 52

Data protection Compliance Failure-to-appear e-records 52

Debevoise Data Blog

MAY 12, 2023

Key takeaways this April include: UK children’s data protection focus continues: Businesses may wish to review policies and procedures for dealing with children’s data in light of recent UK ICO fines and guidance, especially to ensure that terms of use are adequately enforced.

Data protection 52

Data protection Software design Machine learning Software 52

Debevoise Data Blog

OCTOBER 20, 2023

Key takeaways from September include: UK-US data bridge: From 12 October 2023, UK businesses will be able to transfer personal data to certain US organisations certified under a UK-specific extension to the EU-U.S. data bridge from 12 October 2023. data bridge from 12 October 2023.

Data protection 52

Data protection Intellectual Property Compliance Law 52

Debevoise Data Blog

JUNE 8, 2023

As we covered here , last October, the CNIL fined Clearview AI €20 million for various data protection violations, including “intrusive and massive” data processing without consent or a valid legitimate interest. law” and, in particular, did not address issues identified by the CJEU in the Schrems II decision.

Data protection 52

Data protection Compliance e-records Dispute resolution 52

Debevoise Data Blog

DECEMBER 22, 2023

This guidance, which draws on the GDPR as well as national and EU case law, contains relevant advice for using AI in the healthcare space more broadly. For example, the Garante notes the need to incorporate data protection by design and by default principles within any AI systems used in the healthcare space.

Data protection 52

Data protection Time-tracking Compliance Machine learning 52

Ikigai Law

AUGUST 9, 2023

This article discusses the first step for fintechs to get ready for the new data law. It originally appeared in the July 2023 Edition of FinTales, our monthly fintech newsletter. No piece of legislation has taken more punches than our elusive data protection law. The data law is nearly here!

Data protection 52

Data protection Analytics Compliance Law 52

Debevoise Data Blog

FEBRUARY 20, 2023

EDPB’s cookie banner task force report highlights user-friendly design choices What happened : In January 2023, the EDPB adopted a final report on the Cookie Banner Task Force’s work. These developments, and more, covered below.

Data protection 52

Data protection Compliance e-records Court 52

Debevoise Data Blog

MAY 28, 2024

EDPB “Consent or pay” models: Businesses operating large online platforms should consider the European Data Protection Board’s recent opinion indicating that “consent or pay” models are unlikely to be GDPR-compliant. These developments, and more, are covered below.

Data protection 52

Data protection Compliance Law Law 52

Inside Privacy

JULY 3, 2023

On 21 June 2023, at the close of a roundtable meeting of the G7 Data Protection and Privacy Authorities, regulators from the United States, France, Germany, Italy, United Kingdom, Canada and Japan published a joint “Statement on Generative AI” (“Statement”) (available here ).

Data protection 108

Data protection Compliance Law Law 108

Debevoise Data Blog

JULY 30, 2024

Our top five European data protection developments from June are: Non-material damage under GDPR: The CJEU clarified the scope of compensation for non-material damage in the context of identity theft and data subjects’ fear that their personal data had been exposed. To subscribe to the Data Blog, please click here.

Data protection 52

Data protection Time-tracking Mediator Analytics 52

Debevoise Data Blog

SEPTEMBER 23, 2024

Our top-five European data protection developments from August are: Uber fined for personal data transfer: The Dutch Data Protection Authority fined Uber €290 million for the unlawful transfer of European drivers’ personal data to the U.S., without sufficient safeguards.

Data protection 52

Data protection Court Software Compliance 52

Rocket Matter

DECEMBER 17, 2024

While they will continue to serve lawyers and law firms, modern clients demand innovation. Law firm innovation must become a foundational part of your business strategy if you want to thrive in the legal environment of tomorrow. Staying Ahead: Why Innovation Is Crucial for Law Firms There were over 1.33

Law firm 52

Law firm Law Law Legal CRM 52

Ikigai Law

AUGUST 11, 2023

“If you don’t see me in half a decade, just wait a little longer” – India’s data protection bill ( circa 2018 ) On 9 th August, the Digital Personal Data Protection Bill, 2023 was finally passed in the Parliament. The finish line – the new data bill What stood out? Whose competition is it but?

Data protection 52

Data protection Law Law 52

Debevoise Data Blog

MARCH 26, 2023

UK tribunal limits ICO enforcement order but partially upholds lawful basis objection What happened : A tribunal rejected certain aspects of the UK ICO’s October 2020 enforcement notice against Experian, a credit reference agency that holds and processes data relating to essentially the whole of the UK’s adult population.

Data protection 52

Data protection Compliance Court Law 52

Technology Law Dispatch

JUNE 23, 2023

On 19 June 2023, the Information Commissioner’s Office (ICO) has released new Guidance on Privacy-Enhancing Technologies (PETs) for Data Protection Compliance. Understanding PETs PETs are software and hardware systems that can help minimize use of personal data use while maximizing information security.

Data protection 52

Data protection Compliance Software Law 52

Technology Law Dispatch

FEBRUARY 27, 2023

2022 was another busy year in privacy and data protection. Regulations surrounding privacy and data continue to develop at a rapid pace. As a result, 2023 could be an exciting and a busy year for privacy and data. Andreas Splittgerber , Munich – “2023 will be a landmark year for AI regulations in Europe.

Data protection 59

Data protection Analytics Compliance Court 59

Legal IT Group

MAY 3, 2023

In 2023 the real technological “boom” happened — products based on artificial intelligence flooded the market. Regardless of the proven practical benefits of AI in different fields, its use has some risks for users’ privacy and data protection. 6 GDPR (lawfulness of processing) Violation of Art. Violation of Art.

Data protection 130

Data protection Compliance Law Law 130

Technology Law Dispatch

MARCH 24, 2023

On 8 March 2023, the UK government presented a new version of the UK Data Protection and Digital Information Bill No.2. As with the previous bill, the new bill aims to alleviate the burden of compliance with the UK GDPR and its implementing UK Data Protection Act (2018) for organisations in the UK.

Data protection 52

Data protection Failure-to-appear Compliance Software 52

Inside Privacy

NOVEMBER 28, 2023

They raise various questions under regulatory and data protection and data security laws. The DiGA Regulation imposes specific data protection and data security requirements on health apps (in addition to safety, functionality, quality and interoperability requirements). 26 of the GDPR.

Data protection 57

Data protection Time-tracking Software Law 57

Debevoise Data Blog

DECEMBER 13, 2022

The UK ICO’s position is that all international data transfers to jurisdictions without an adequacy decision require a risk assessment, including where businesses are relying on the approved standard contractual clauses.

Data protection 52

Data protection Compliance Due diligence Hearing 52

Debevoise Data Blog

AUGUST 16, 2023

. : Business may want to revisit their cross-border data transfer arrangements following the new adequacy decision for the EU-U.S. Data Privacy Framework, assess whether they are eligible to self-certify and, if they are, whether it makes sense to. Data Privacy Framework (the “DPF”). These developments, and more, covered below.

Data protection 40

Data protection Analytics Compliance Time-tracking 40

Legal IT Group

FEBRUARY 23, 2023

Introduction In our previous articles , we have already drawn your attention to the Brazilian data protection legislation which is quite similar to the General Data Protection Regulation (GDPR). Also, the ANPD has shared a new form which should be used for sending security incident reports by a data controller.

Data protection 130

Data protection Compliance e-filing Law 130

Debevoise Data Blog

JANUARY 25, 2024

The CJEU has also recently reaffirmed that GDPR precludes national law makers from imposing a de minimis threshold for non-material damage. This judgment arose from a 2019 cyberattack against the Bulgarian National Revenue Agency which resulted in a threat actor publishing more than 6 million people’s personal data on the internet.

Data protection 40

Data protection Court e-records Compliance 40

Debevoise Data Blog

APRIL 26, 2024

Key takeaways from March include: CNIL data security practice guide: The French DPA published an update of its data security practice guide for data protection officers, chief information security officers, computer scientists and legal experts. These developments, and more, are covered below.

Data protection 52

Data protection e-records Compliance Court 52

Legal IT Group

NOVEMBER 10, 2023

Companies often need to transfer personal data to other countries while conducting their business operations. Since personal data is not everywhere reliably protected by law, there are plenty of requirements for its legal transfer. On 12 October 2023, the UK adequacy regulations for the US entered into force.

Data protection 130

Data protection Compliance Law Law 130

CaseFox

FEBRUARY 27, 2023

Law tech helps improve and streamline legal processes, ranging from document automation to artificial intelligence (AI) tools for legal research. The economic deception has introduced new challenges as big law clients got shifted to law firms, charging less, giving mid-size firms an open hand approaching potential clients.

Legal tech 97

Legal tech Legal tech Law firm Document automation 97

Inside Privacy

FEBRUARY 27, 2023

On February 22, 2023, the European Data Protection Board (“EDPB”) released its Work Program for 2023-2024 (“the Program”), outlining the key priority areas for the next two years. The Program is divided into four pillars, which largely reflect the priorities already set out in its Strategy 2021-2023.

Data protection 52

Data protection Compliance Law Law 52

Debevoise Data Blog

SEPTEMBER 12, 2022

Russia has enacted amendments to its Personal Data Law (the “ Amendments ”) that may have a significant impact on companies operating in Russia. The Amendments became effective on September 1, 2022, save for certain provisions that will become effective on March 1, 2023.

Data protection 52

Data protection Compliance Time-tracking Litigator 52