2025, Due diligence and Law - Legal Tech Connection

2025

Due diligence

Law

EU cyber regulation wave quietly rolls on – Commission set to finalize new cyber standards

Inside Privacy

DECEMBER 5, 2023

Although voluntary, the draft standards will also have consequences for European cybersecurity laws more broadly, including: NIS 2, Europe’s cybersecurity directive for essential infrastructure, which provides that member states may require entities to use products that are certified under the ECCS. of global turnover.

Due diligence

Due diligence Compliance Law Law

FTC’s Consent Order Against Marriott: Expectations for Reasonable Security

Debevoise Data Blog

JANUARY 30, 2025

Whereas the Consent Order has a 180-day implementation deadline, the AG Settlement requires full implementation within one year: by October 9, 2025. Likewise, state regulators in the AG Settlement cited their general consumer protection and data breach notification laws. The AG Settlement also featured a 20-year term.

Due diligence

Due diligence Compliance Software Attorney

Join 5,000+

professionals

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Webinars

The New Way of Conducting Patent Research: Proven Strategies For Efficient Due Diligence

AI for Paralegals: Everything You Need to Know (and How to Use It Safely)

The Tech-Savvy Paralegals Playbook: How To Leverage AI

Uncovering The Hidden Connections: A Patent Family Survival Guide

MORE WEBINARS

Trending Sources

Managing Cybersecurity Risks Arising from AI – New Guidance from the NYDFS

Debevoise Data Blog

OCTOBER 20, 2024

The Guidance applies to entities that are covered by Part 500 ( i.e., entities with a license under the New York Banking Law, Insurance Law or Financial Services Law), but it provides valuable direction to all companies for managing the new cybersecurity risks associated with AI.

Intellectual Property

Intellectual Property Due diligence Machine learning Defendant

Webinars

The New Way of Conducting Patent Research: Proven Strategies For Efficient Due Diligence

AI for Paralegals: Everything You Need to Know (and How to Use It Safely)

The Tech-Savvy Paralegals Playbook: How To Leverage AI

Uncovering The Hidden Connections: A Patent Family Survival Guide

MORE WEBINARS

Part 2 – Helpful Guidance on Managing (Non-Cybersecurity) AI Risks from Hong Kong’s SFC

Debevoise Data Blog

NOVEMBER 21, 2024

For some firms, compliance with the Circular will require a significant increase in their compliance budgets and the securing of additional resources for 2025 and beyond. The authors would like to thank Debevoise Law Clerks Adam Shankman and Diane Bernabei for their contribution to this blog post.

Compliance

Compliance Due diligence Law Law

The EU Digital Operational Resilience Act (DORA): What you need to know and how to prepare

Debevoise Data Blog

NOVEMBER 21, 2022

Covered entities must come into compliance with the provisions within 24 months after its entry into force, which depending on the date of publication will likely be December 2024 or January 2025. What are the key requirements for financial entities? DORA requires covered financial entities to comply with new rules in four key areas: 1.

Compliance

Compliance Due diligence Analytics Software

European Data Protection Roundup – January 2025

Debevoise Data Blog

FEBRUARY 28, 2025

The EU Digital Operational Resilience Act came into force on 17 January 2025. The UK ICO announced plans to assess the top 1,000 websites for compliance of with UK data protection laws, with a particular focus on whether companies are providing users meaningful choice on how their personal information is used. DORA becomes applicable.

Data protection

Data protection Compliance Due diligence Time-tracking

Top 10 (Well, 11) Cybersecurity Blog Posts for 2024

Debevoise Data Blog

DECEMBER 10, 2024

In this post, we discuss how companies can comply with NYDFSs current approach by establishing internal governance committees, conducting a gap assessment against existing controls and standardizing due diligence processes, among other practical tips.

Compliance

Compliance Due diligence Law Law

The EU’s Cyber Resilience Act Has Now Been Agreed

Inside Privacy

DECEMBER 1, 2023

In terms of timing, the CRA will come into force over a phased transition period starting in late 2025. Conducting due diligence on imported PDEs. Covington’s Privacy and Cybersecurity Practice regularly advises on cybersecurity laws in Europe and elsewhere.

Due diligence

Due diligence Software Compliance Law

UK Financial Regulators Publish Response to AI Consultation – Seven Takeaways

Debevoise Data Blog

OCTOBER 31, 2023

The UK’s Approach to AI Regulation As set out in the government’s white paper on AI , the UK, unlike the EU, does not intend to implement AI-specific laws or regulations. One possibility is for the UK Financial Regulators to introduce standardized AI due diligence requirements that firms must satisfy before they can adopt third-party tools.

Compliance

Compliance Due diligence Machine learning Data protection

Summarizing Success with Summize’s Tom Dunlop and Laura Proctor

Legal Tech Monitor

JANUARY 6, 2025

Tom Dunlop shares the frustrations that sparked the idea for Summize, recounting his days as an in-house lawyer overwhelmed by the manual review of locked PDF contracts during due diligence. So this was mostly law firm, maybe some in-house folks that were looking at the product. Laura Proctor (00:34) Indeed.

Time-tracking

Time-tracking Due diligence Lawyer Analytics

FinTales Issue 30: In Memoriam of the 2000-rupee note

Ikigai Law

JUNE 1, 2023

And prescribes enhanced ongoing due-diligence measures for them. But even if KYC norms are simplified and ambiguities are clarified – compliance with the letter of the law is not enough.REs’ internal KYC practices must be tailored to the unique levels of risk exposure that they face.

e-records

e-records Compliance Due diligence Law

Helpful Guidance on Managing AI-Related Cybersecurity Risks from Hong Kong’s SFC

Debevoise Data Blog

NOVEMBER 18, 2024

There is also some overlap with the requirements in the EU AI Act and the Colorado AI Law , although the Circular is narrower (applying only to language models) and more prescriptive. Some companies may want to address this now as 2025 budgets are being finalized. To subscribe to the Data Blog, please click here.

Intellectual Property

Intellectual Property Due diligence Compliance Machine learning

National Security Update: DOJ Unveils Rules Restricting Sensitive Bulk Data Transfers

Debevoise Data Blog

JANUARY 16, 2025

Existing laws, such as the Protecting Americans Data from Foreign Adversaries Act of 2024 (PADFAA), CFIUS authorities and earlier executive orders, [5] focus on transaction-specific reviews or sector-specific controls but lack broad restrictions on data transactions. DOJ expects U.S.

Compliance

Compliance Due diligence e-records Time-tracking

EU cyber regulation wave quietly rolls on – Commission set to finalize new cyber standards

FTC’s Consent Order Against Marriott: Expectations for Reasonable Security

Webinars

Trending Sources

Managing Cybersecurity Risks Arising from AI – New Guidance from the NYDFS

Webinars

Part 2 – Helpful Guidance on Managing (Non-Cybersecurity) AI Risks from Hong Kong’s SFC

The EU Digital Operational Resilience Act (DORA): What you need to know and how to prepare

European Data Protection Roundup – January 2025

Top 10 (Well, 11) Cybersecurity Blog Posts for 2024

The EU’s Cyber Resilience Act Has Now Been Agreed

UK Financial Regulators Publish Response to AI Consultation – Seven Takeaways

Summarizing Success with Summize’s Tom Dunlop and Laura Proctor

FinTales Issue 30: In Memoriam of the 2000-rupee note

Helpful Guidance on Managing AI-Related Cybersecurity Risks from Hong Kong’s SFC

National Security Update: DOJ Unveils Rules Restricting Sensitive Bulk Data Transfers

Stay Connected