Debevoise Data Blog

OCTOBER 12, 2021

million fine against Austrian Post for channelling electronic data protection-related inquiries to a web form and not offering an additional email address, irrespective of the data subject option to also use non-electronic postal mail or customer service. Standard Contractual Clauses).

Data protection 52

Data protection Failure-to-appear Compliance e-records 52

Debevoise Data Blog

NOVEMBER 21, 2023

Data protection & AI: In particular: (i) the French CNIL published its first set of guidance on GDPR compliance when developing AI tools; and (ii) the UK ICO issued a preliminary enforcement notice against Snap over its AI chatbot, alleging that Snap had not adequately assessed the privacy risks posed to child users of the tool.

Data protection 52

Data protection Compliance Failure-to-appear e-records 52

Debevoise Data Blog

NOVEMBER 10, 2020

October was a particularly busy month, with headline-grabbing stories such as the long-awaited finalisation of the fines against British Airways and Marriott, which may well be the last penalties the UK Information Commissioner’s Office (the “ICO”) issues as a GDPR Lead Supervisory Authority.

Data protection 52

Data protection Intellectual Property e-records Machine learning 52

Debevoise Data Blog

JUNE 8, 2023

Third country data transfers : Businesses that transfer personal data outside of the EEA may want to review their transfer mechanisms in light of new guidance on the EU and South East Asia SCCs, and the DPC’s record-breaking €1.2 billion fine against Meta. These developments, and more, covered below. (1)

Data protection 52

Data protection Compliance e-records Dispute resolution 52

Debevoise Data Blog

APRIL 26, 2024

Key takeaways from March include: CNIL data security practice guide: The French DPA published an update of its data security practice guide for data protection officers, chief information security officers, computer scientists and legal experts. These developments, and more, are covered below.

Data protection 52

Data protection e-records Compliance Court 52

Debevoise Data Blog

FEBRUARY 27, 2024

GDPR one-stop-shop: Businesses wishing to take advantage of the GDPR one-stop-shop system should take note of a new digest, published by the European Data Protection Board, which analyses the decisions made by so-called Lead Supervisory Authorities in this context.

Data protection 52

Data protection Compliance e-records Court 52

Debevoise Data Blog

FEBRUARY 10, 2021

As covered in our Annual Review , 2020 was a blockbuster year for European data protection. The fine is a rare example of a DPA penalising both the data controller and processor for the same failing. Spanish DPA hands CaixaBank record €6m fine. ICO prosecutes employee for stealing data. While Notebooksbilliger.de

Data protection 52

Data protection Time-tracking Defendant Court 52

Legal IT Group

FEBRUARY 22, 2023

According to the Better Regulation Delivery Office, several years ago, the e-commerce market in Ukraine alone was worth about UAH 50 billion a year. It’s not a secret that the tech giant Meta Platforms (Facebook) collects about its users all the information it can. But this is just the tip of the iceberg.

Data protection 130

Data protection Time-tracking e-filing e-records 130

Centerbase

MARCH 31, 2025

Modern legal tech helps centralize information, automate routine tasks, and foster collaboration among attorneys and staff. When there is no clear workflow or unified platform, staff may lose track of deadlines, duplicate efforts, or generate inaccuracies in record-keeping. What Is Law Firm Management?

Law firm 52

Law firm Time-tracking Law Law 52

Debevoise Data Blog

FEBRUARY 20, 2023

On 29 December 2022, the CNIL fined TikTok UK and Ireland as joint controllers €5 million for failing to: offer users the ability to refuse cookies as easily as accepting them (several clicks were required to refuse all cookies, as opposed to just one to accept them); and inform users in a sufficiently precise manner about cookie purposes.

Data protection 52

Data protection Compliance e-records Court 52

Legal IT Group

JUNE 15, 2023

According to the GDPR – General Data Protection Regulation – residents of the European Union (“ EU ”) can send requests regarding their data to all legal and natural persons who process it. Other common types of requests include the right to have information deleted or corrected if it is inaccurate.

e-records 130

e-records Data protection e-filing Compliance 130

Debevoise Data Blog

AUGUST 16, 2023

. : Business may want to revisit their cross-border data transfer arrangements following the new adequacy decision for the EU-U.S. Data Privacy Framework, assess whether they are eligible to self-certify and, if they are, whether it makes sense to. Data Privacy Framework (the “DPF”). Data Privacy Framework (the “DPF”).

Data protection 40

Data protection Analytics Compliance Time-tracking 40

Debevoise Data Blog

JANUARY 25, 2024

Sensitive personal data: The CJEU has clarified that the processing of special category personal data, such as health data, requires a legal basis under both GDPR Art. 6, meaning that businesses may wish to review their records of processing activities to ensure that both are reflected. 9 and GDPR Art.

Data protection 40

Data protection Court e-records Compliance 40

Debevoise Data Blog

OCTOBER 11, 2021

On August 20, 2021, China’s Standing Committee of the National People’s Congress passed the Personal Information Protection Law (“PIPL”). High-level takeaways: With the PIPL, China is joining, if not leading, the global movement toward more and not less restriction on the processing of personal information.

Law 52

Law Law e-records Compliance 52

Percipient

APRIL 22, 2023

The court-appointed the SBA as a receiver and permitted it to marshal Cardinal’s assets and business records. Much of the costs were charges from an e-discovery vendor to collect and search electronically stored information (ESI) , including e-mails relating to Cardinal. The court denied the reimbursement request.

e-discovery 97

e-discovery Court e-records Litigator 97

Debevoise Data Blog

APRIL 14, 2023

The PRA strongly criticised Wyelands’ lack of record-keeping policies and procedures to manage the use of WhatsApp communications, which the PRA found had prevented the bank’s Board and Risk function from effectively scrutinising transactions, as well as hindering the PRA’s supervision and investigation activities.

e-records 52

e-records Compliance e-filing Data protection 52

Debevoise Data Blog

OCTOBER 10, 2023

A foreign business not directly subject to GDPR may nevertheless be required to comply with GDPR restrictions if they have entered Standard Contractual Clauses or signed-up to the EU-US Data Protection Framework to facilitate the receipt of personal data. Will the Generative AI tool be used to create new personal data?

Data protection 52

Data protection e-records Compliance Law 52

MatterSuite

OCTOBER 27, 2023

E-discovery solutions , a significant part of legal tech, were estimated to be a multi-billion-dollar industry. The global e-discovery market size was projected to reach $17.32 Predictive Analytics: Machine learning algorithms examine historical case data to predict legal outcomes. This enhances trust in legal documentation.

Legal tech 52

Legal tech Legal tech e-discovery Machine learning 52

Debevoise Data Blog

NOVEMBER 29, 2023

The specific detail of these requirements is yet to be agreed but could include heightened data governance standards, monitoring and record-keeping rules, heightened standards for cybersecurity and transparency, as well as human oversight obligations. To subscribe to the Data Blog, please click here. Limited risk systems.

Compliance 52

Compliance Data protection e-records Law 52

Ikigai Law

AUGUST 7, 2023

Main Course : Deep dive stories on card network portability, and impact of the data protection bill on fintechs. Main Course Fintech and the Data Protection Bill No piece of legislation has taken more punches than our elusive data protection law. The data law is nearly here! No, not so fast.

Data protection 52

Data protection Law Law e-records 52

Legal Tech Blog

DECEMBER 8, 2022

– By Nick Rich, Head of Corporate Engagement UK&I at Exterro – Effective data management is no longer an optional extra, but a fundamental part of organisational strategies. Good data analysis allows companies to make informed decisions and create reality-based plans. Typically, more data leads to more risk.

e-discovery 52

e-discovery Machine learning Compliance Due diligence 52

Clio

OCTOBER 8, 2024

With a record 2,500 in-person and 1,500 virtual attendees, Jack highlighted Clio’s growth alongside AI’s transformative role in the legal profession, as outlined in the latest Legal Trends Report. Gavin shared tactical steps to protect sensitive information and emphasized the ethical considerations involved in data protection.

Time-tracking 59

Time-tracking Judge Law firm Data protection 59

Lawmatics

JULY 2, 2024

Client intake software is technology used by businesses and organizations to streamline the client intake process by collecting information from clients. Client intake software in law firms typically replaces traditional paper-based forms or manual data entry processes, offering a more efficient and error-free way to gather information.

Client Intake 40

Client Intake Software Time-tracking Legal software 40

Debevoise Data Blog

JULY 31, 2023

Data Privacy Framework (the “DPF”). The decision enables businesses in Europe to transfer personal data to DPF-certified U.S. businesses without having to implement additional data protection safeguards. Data subjects may lodge complaints through both U.S.- billion fine for Meta in May 2023).

Data protection 52

Data protection Dispute resolution e-filing e-records 52

Berkley Technology Law Journal

NOVEMBER 18, 2022

Legislation empowers the European Commission to designate certain tech companies as gatekeepers and impose obligations on them in relation to data, advertising, e-commerce, interoperability, and the commercial relationships between the service providers customers and end users. One idea is the idea of data portability.

Law 100

Law Law Data protection Court 100

Berkley Technology Law Journal

NOVEMBER 18, 2022

Legislation empowers the European Commission to designate certain tech companies as gatekeepers and impose obligations on them in relation to data, advertising, e-commerce, interoperability, and the commercial relationships between the service providers customers and end users. One idea is the idea of data portability.

Law 100

Law Law Data protection Court 100

Debevoise Data Blog

JANUARY 14, 2022

More recently, on January 4, 2022, the FTC issued an advisory informing companies of their obligation to remediate the Log4j security vulnerability and more generally ensure that security vulnerabilities are appropriately remediated. [13] The FTC is also authorized to obtain consumer redress for rule violations (see below).

Compliance 52

Compliance Court Litigator Litigation 52

Debevoise Data Blog

JANUARY 16, 2025

Department of Justice (DOJ) issued the Final Rule on Preventing Access to Sensitive Data, creating a comprehensive export control regime to restrict the transfer of bulk sensitive personal and government-related data to foreign adversaries deemed threats to U.S. national security. [1] DOJ expects U.S. Additionally, U.S.

Compliance 52

Compliance Due diligence e-records Time-tracking 52