Technology Law Dispatch

JUNE 30, 2023

ENISA emphasises that this has to be done in line with all relevant EU legislation, including the General Data Protection Regulation, Network and Information Security Directive (NIS2), and Cybersecurity Resilience Act (CSA). Once published, there will be a period of 24 months before it becomes effective (estimated Q3/4 2025).

Data protection 88

Data protection Compliance 88

Rocket Matter

FEBRUARY 25, 2025

Strict Cybersecurity Compliance With more sophisticated cyber threats looming on the horizon and targeting law firms specifically, security has become a must that cannot be sidelined. Digital transformation in law firms allows for better cybersecurity measures, compliance, and data protection.

Law firm 52

Law firm Law Law Legal CRM 52

Clio

OCTOBER 8, 2024

Jack also announced exciting new Clio features for 2025, including automated workflows, custom reporting, and new payment methods. To cap off his exhilarating keynote, Jack revealed that ClioCon 2025 will take place in Boston, Massachusetts. Secure your tickets for ClioCon 2025 today!

Time-tracking 59

Time-tracking Judge Law firm Data protection 59

MatterSuite

SEPTEMBER 4, 2023

Gartner experts expect legal departments to increase their spending on legal technology threefold by 2025. Organizations’ legal departments continually grapple with managing intricate matters, regulatory compliance, contracts, and numerous legal responsibilities. However, investing in data integration solutions is crucial.

Time-tracking 52

Time-tracking Compliance Case management Analytics 52

Inside Privacy

FEBRUARY 1, 2024

Note that the data localization prohibition in this Regulation applies to individual EU Member States’ laws; it does not preclude the EU from implementing data localization requirements. The restrictions on transfers of non-personal data appear to serve two main purposes.

Intellectual Property 72

Intellectual Property State law Court Compliance 72

Technology Law Dispatch

NOVEMBER 22, 2023

Category 1 service providers must keep records of compliance with their obligations, publish them, enable functionality within the services to empower users to control the content they are exposed to, and, if children are likely to access their services, comply with specific child safety duties.

Compliance 52

Compliance Data protection 52

Debevoise Data Blog

OCTOBER 31, 2023

This could impact financial firms who are considering using the EU AI Act as their ‘high watermark’ for AI regulatory and governance compliance, who will have to accommodate any UK-specific requirements in their compliance programmes. The UK Financial Authorities could look to such existing resources when developing future guidance.

Compliance 52

Compliance Due diligence Machine learning Data protection 52

Debevoise Data Blog

APRIL 29, 2022

The UCPA is set to be reviewed by the attorney general who must submit a report to the legislature by July 1, 2025. No Requirement to Conduct Risk Assessments or Data Protection Impact Assessments Under the UCPA, businesses are not required to conduct risk assessments related to their processing or control of personal data.

Law 52

Law Law Data protection Attorney 52

Debevoise Data Blog

MAY 23, 2022

Here, we highlight key aspects of the CTPA with a focus on the provisions that companies should consider in their compliance preparations. This contrasts with the VCDPA’s and the UCPA’s definition of “sale,” which is limited to an exchange of personal data for only monetary consideration. CTPA § 6(e)(1)(A)(ii). CTPA § 4(b).

Law 40

Law Law Compliance Attorney 40

Debevoise Data Blog

MAY 2, 2023

While the latest draft EU AI Act is not yet publicly available, early reports indicate it will feature new rules concerning compliance obligations specific to generative AI and foundation models, including several unique components such as required disclosures of copyrighted works included in the models’ training data.

Compliance 52

Compliance Time-tracking Data protection Law 52

Debevoise Data Blog

JULY 9, 2021

Colorado has just adopted a brand-new data privacy law and Nevada has just significantly amended its law. These changes add rights for consumers, and compliance obligations for businesses, that take the U.S. Businesses would also need to obtain consumer consent prior to collecting any sensitive data.

Data protection 40

Data protection Attorney Compliance State law 40

Debevoise Data Blog

FEBRUARY 22, 2024

The UK’s approach is therefore an important reminder that while there is often significant public attention on new AI laws, such as the EU AI Act, the use of AI is already subject to a wide variety of existing legal requirements under other technology-neutral laws, including data protection and equalities legislation.

Data protection 52

Data protection Law Law Compliance 52

Debevoise Data Blog

DECEMBER 17, 2023

If this timeline is met, the first provisions of the Act to come into force (the prohibition on “unacceptable risk” AI systems) will take effect in late 2024, followed by the requirements related to “high risk” systems in early 2025, and the remaining provisions in 2026. How to prepare. Conduct a preliminary review of current AI systems.

Data protection 64

Data protection Compliance Time-tracking Law 64

Debevoise Data Blog

JANUARY 16, 2025

Third-Party Contractual and Compliance Obligations The rule prohibits data brokerage with any foreign person who is not a covered person unless the U.S. person ensures contractually that the foreign person will not engage in subsequent covered data transactions with a country of concern or covered person. DOJ expects U.S.

Compliance 52

Compliance Due diligence e-records Time-tracking 52