Debevoise Data Blog

SEPTEMBER 27, 2023

The AEPD held that a DPO cannot hold a position that leads them to determine the purposes and means of data processing. The scale and data protection risks associated with such technologies has been further complicated recently by their increasing integration with artificial intelligence systems.

Data protection 52

Data protection Compliance e-filing Court 52

Debevoise Data Blog

JANUARY 25, 2024

Sensitive personal data: The CJEU has clarified that the processing of special category personal data, such as health data, requires a legal basis under both GDPR Art. It remains to be seen whether data protect authorities will provide guidance on how to interpret the “draw strongly” condition. 9 and GDPR Art.

Data protection 40

Data protection Court e-records Compliance 40

Inside Privacy

MARCH 12, 2024

On February 28, the European Data Protection Board (“EDPB”) announced that EU supervisory authorities (“SAs”) will undertake a coordinated enforcement action in 2024 regarding data subjects’ right of access under the GDPR. In 2023, regulators focused upon data protection officers’ designation and role.

Data protection 72

Data protection Compliance 72

Clio

OCTOBER 8, 2024

Held in vibrant Austin, Texas, the 2024 Clio Cloud Conference was nothing short of electrifying. Jack Newton’s opening keynote Jack Newton, Clio’s Founder and CEO, kicked off ClioCon 2024 with his keynote focused on harnessing momentum in the legal industry to drive long-term success. Missed the event?

Time-tracking 59

Time-tracking Judge Law firm Data protection 59

CloudNine

JANUARY 10, 2024

By Rick Clark and Jacob Hesse 2023 was an eventful year in the world of legal technology, with new technology emerging to address both traditional and new challenges legal teams face when collecting, processing, and reviewing data for litigation, investigations, or public access requests.

Compliance 104

Compliance Machine learning Litigation Litigator 104

Inside Privacy

FEBRUARY 27, 2023

On February 22, 2023, the European Data Protection Board (“EDPB”) released its Work Program for 2023-2024 (“the Program”), outlining the key priority areas for the next two years. Covington’s Data Privacy and Cybersecurity Team regularly monitors regulatory guidance, legal and policy developments.

Data protection 52

Data protection Compliance Law Law 52

MatterSuite

SEPTEMBER 4, 2024

In this blog, we will discuss the best eDiscovery training and certification programs of the year 2024 that will enable you to make a wise decision according to your career interests. Why eDiscovery Training and Certification Matter in 2024?

e-discovery 52

e-discovery Machine learning Data protection Compliance 52

Legal IT Group

NOVEMBER 13, 2023

A data protection officer ( DPO ) is a specialist who helps companies ensure compliance with international data protection laws. In a nutshell, the DPO is a key person who helps the company in all business processes to ensure compliance with the data protection law.

Data protection 52

Data protection Compliance International law Law 52

Eric Goldman

FEBRUARY 15, 2024

.] * * * The European Union’s Digital Services Act (“DSA”), a significant legislative act of 93 articles and 156 recitals, will become fully effective from this Saturday, February 17, 2024. The post The European Union’s Digital Services Act: In Force from This Saturday, February 17, 2024, Including for U.S.

Due diligence 103

Due diligence Data protection Compliance Court 103

Inside Privacy

MARCH 8, 2024

On 6 March 2024, the ICO issued a call for views on so-called “Consent or pay” models, where a user of a service has the option to consent to processing of their data for one or more purposes (typically targeted advertising), or pay a (higher) fee to access the service without their data being processed for those purposes.

Data protection 61

Data protection Law Law 61

Clio

JANUARY 30, 2024

Here, we’ll outline the fundamentals of law firm data security in 2024. Law Firm Data Security 101 Let’s start with the basics. These are the essential things you need to know about law firm data security in 2024. What is a law firm’s data security risk?

Law firm 96

Law firm Law Law Due diligence 96

Inside Privacy

JANUARY 24, 2024

On 15 January 2024, the UK’s Information Commissioner’s Office (“ICO”) announced the launch of a consultation series (“Consultation”) on how elements of data protection law apply to the development and use of generative AI (“GenAI”). Interested stakeholders are invited to provide feedback to the ICO by 1 March 2024.

Data protection 61

Data protection Intellectual Property Compliance Law 61

Debevoise Data Blog

JUNE 17, 2024

Luke Dembosky, Avi Gesser, Erez Liebermann, Jim Pastore, Matt Kelly, and Johanna Skrzypczyk were all recognized by The Legal 500 US in the category Cyber Law (Including Data Privacy and Data Protection) with Luke Dembosky and Avi Gesser ranked as Leading Lawyers. Extremely good experience in the field.”

Attorney 52

Attorney Data protection Law Law 52

Inside Privacy

FEBRUARY 20, 2024

On February 13, 2024, the European Data Protection Board (“EDPB”) adopted an opinion on the notion of “main establishment” of a controller in the context of Article 4(16)(a) of GDPR. This blog post was drafted with the contribution of Diane Valat.)

Data protection 81

Data protection Law Law 81

Technology Law Dispatch

FEBRUARY 20, 2024

The Draft Bill (status 7 February 2024), which does not have any basis in EU law, is available here (German content). The national data protection authorities of EU Member States expressly welcomed the LIBE’s proposal to exempt end-to-end encrypted communications from detection orders under the Proposed CSAM Regulation (cf.

Data protection 52

Data protection Compliance Law Law 52

Inside Privacy

NOVEMBER 20, 2023

On October 11, 2023, the French data protection authority (“CNIL”) issued a set of “how-to” sheets on artificial intelligence (“AI”) training databases. There are eight sheets in total, each covering a data protection issue AI providers should consider when designing their systems. What are the next steps?

Data protection 57

Data protection Machine learning Compliance Law 57

Technology Law Dispatch

OCTOBER 12, 2023

The pilot is expected to launch in the first half of 2024, for a 12-month period, with the DRCF to provide details of how to apply to the hub later this year. Those who don’t directly benefit from the pilot will have recourse to the DRCF’s case study archive, and anonymised examples of advice provided.

Data protection 52

Data protection 52

Inside Privacy

JUNE 15, 2023

Most provisions related to minors’ data would take effect on October 1, 2024. However, requirements that social media platforms “unpublish” or delete certain minors’ accounts would come into effect on July 1, 2024. As mentioned above, these requirements would come into effect in July 2024. Design Features.

Data protection 119

Data protection 119

Vogel IT Law

FEBRUARY 6, 2024

Computerworld reported that “Apple is planning its first AI acquisition for 2024, a German firm called brighter AI, according to an online news report.” The February 5, 2024 article entitled “Apple has eye on building bigger genAI data sets” ( [link] ) and included these comments: Apple is beginning to act on its generative AI (genAI) plans.

Data protection 52

Data protection Law Law 52

Inside Privacy

JANUARY 14, 2024

Several EU data protection supervisory authorities (“SAs”) have recently issued guidance on cookies. On January 11, 2024, the Spanish SA published guidance on cookies used for audience measurement (often referred to as analytics cookies) (available in Spanish only).

Data protection 72

Data protection Analytics Time-tracking Law 72

new tech law blog

MARCH 10, 2023

“Dark patterns” used by online platform providers have been controversial for some time, but recently there has been a growing buzz about them, in particular due to actions undertaken by EU and national data protection and consumer protection authorities. What are “dark patterns”?

Data protection 52

Data protection Compliance Law Law 52

Inside Privacy

MAY 30, 2023

On May 28, 2023, the Texas legislature passed the Texas Data Privacy and Security Act , making it the sixth state to pass a comprehensive data privacy law this year. If signed into law, the Act would take effect on July 1, 2024. The Act shares many similarities with Virginia, although there are some distinctions.

Data protection 74

Data protection Attorney Law Law 74

Technology Law Dispatch

FEBRUARY 7, 2024

With cybersecurity becoming a board-level issue, compliance officers, lawyers, board members, and business drivers are looking for official guidance or recommendations on cybersecurity measures to protect business, customers, and the wider economy. Whose guidance to use? In the US, NIST has a resource page for Critical Infrastructure: [link].

Data protection 64

Data protection Compliance Court Lawyer 64

Eric Goldman

APRIL 28, 2023

If passed, the bill goes into effect July 1, 2024 with the first round of DPIAs due July 1, 2025. Among their targets were the Data Protection Impact Assessment requirements, which NetChoice argued amounted to prior restraint and compelled speech. The bill is currently pending approval by both chambers.

Data protection 133

Data protection Court Hearing Judge 133

Inside Privacy

MARCH 23, 2023

To this end, the Commission proposes to: develop a EU code for age-appropriate design by 2024, building on the framework of the DSA; and establish a European standard on online age verification in the context of the European Digital Identity (“eID”) proposal.

Data protection 79

Data protection Law Law 79

Inside Privacy

DECEMBER 15, 2023

As we’ve previously noted , dark patterns are an area of increasing focus of regulators, and the joint paper reflects the growing interplay between privacy and competition laws – a trend we expect to see continue in 2024.

Data protection 65

Data protection Law Law 65

Debevoise Data Blog

FEBRUARY 27, 2024

GDPR one-stop-shop: Businesses wishing to take advantage of the GDPR one-stop-shop system should take note of a new digest, published by the European Data Protection Board, which analyses the decisions made by so-called Lead Supervisory Authorities in this context.

Data protection 52

Data protection Compliance Court e-records 52

Debevoise Data Blog

DECEMBER 18, 2023

Entities covered by MHMDA must comply with the law’s obligations and prohibitions by March 31, 2024, and small businesses must comply by June 30, 2024. European Data Protection Roundup Throughout 2023, we published our European Data Protection Roundup that includes key takeaways on privacy protection laws.

Data protection 52

Data protection Compliance Hearing Attorney 52

Legal IT Group

NOVEMBER 10, 2023

First of all, the data can be transferred based on the adequacy decision or subject to appropriate safeguards. Among these safeguards, in particular, are binding corporate rules, standard data protection clauses, code of conduct, and certification mechanism. In such cases, appropriate safeguards are used.

Data protection 52

Data protection Compliance Law Law 52

Debevoise Data Blog

NOVEMBER 29, 2023

Despite recent challenges in the EU “trilogue negotiations”, proponents still hope to reach a compromise on the key terms of the draft EU AI Act by 6 th December, with a view to passing to the Act in 2024 and most of the provisions becoming effective sometime in 2026. To subscribe to the Data Blog, please click here.

Compliance 52

Compliance Data protection e-records Law 52

Inside Privacy

FEBRUARY 16, 2024

Both introduce limitations and obligations on online platforms that process personal data for digital advertising. Ahead of the DSA and DMA’s implementation deadlines in February and March 2024 respectively, we will discuss below the key requirements they introduce specifically in relation to online targeted advertising.

Data protection 103

Data protection 103

Debevoise Data Blog

SEPTEMBER 19, 2022

Governor Newsom stated that he is “thankful to Assemblymembers Wicks and Cunningham and the tech industry for pushing these protections and putting the wellbeing of our kids first.” Notable affirmative obligations include: Data Protection Impact Assessments (“DPIAs”).

Data protection 52

Data protection Compliance Time-tracking Attorney 52

CaseFox

FEBRUARY 27, 2023

In 2022, a Gartner report quoted, “By 2024, legal departments will replace 20% of generalist lawyers with nonlawyer staff”. For example, tools for managing data privacy and security can help firms to comply with data protection laws. Change management is a prism.

Legal tech 97

Legal tech Legal tech Law firm Document automation 97

Legal IT Group

JANUARY 22, 2024

With this regard, it is essential to know about the privacy legislation of this country since, nowadays, most internet businesses process the personal data of their clients, and they should do it in compliance with data protection laws. ” Thus, the Australian Privacy Act also aims to have a GDPR level of data protection.

Data protection 52

Data protection Compliance Litigation Litigator 52

Inside Privacy

JULY 17, 2023

The Commission provides greater clarity on the process by which EU data subjects can submit complaints through the two-tier redress mechanism established under EO 14086 “concerning an alleged violation of U.S. The decision specifies that an EU data subject must submit a complaint to a Data Protection Authority (“DPA”) in an EU Member State.

Data protection 52

Data protection Compliance Court Law 52

Debevoise Data Blog

SEPTEMBER 21, 2022

For UK data transfers: all new agreements executed on or after 21 September 2022 should incorporate the UK Addendum or IDTA; and all existing agreements incorporating the old SCCs must be updated by 21 March 2024 (or sooner if the processing operations change before then).

Data protection 52

Data protection Compliance Court 52

Inside Privacy

AUGUST 31, 2023

Quantum-Readiness Roadmap The Factsheet urges organizations to establish a “quantum readiness roadmap” that will prepare the organizations for the migration to PQC standards, which the Factsheet notes are currently under development by NIST and slated for release in 2024.

Data protection 72

Data protection 72