Legal IT Group

JANUARY 17, 2023

Therefore, individual states took matters into their own hands and passed local laws to protect the privacy of their residents. In this article, we will review who needs to know the new rules of the US legislation, when exactly they will come into force and what obligations these laws provide.

Data protection 130

Data protection Law Law Attorney 130

LawSites

AUGUST 4, 2022

state to mandate that attorneys take continuing legal education courses in cybersecurity, privacy and data protection. New York has become the first U.S. The order creates two types of cybersecurity training, one focused on ethics and the other on practice.

Data protection 111

Data protection Law Office Attorney Law firm 111

Rocket Matter

OCTOBER 22, 2024

Not only are law firms storing more data, but since the pandemic has forced us all to become increasingly mobile, keeping clients’ sensitive information safe is even more challenging. 11 Tips for Effective Law Firm Data Protection As a law firm, protecting your clients' sensitive information should be at the top of your priority list.

Law firm 98

Law firm Law Law Data protection 98

Inside Privacy

APRIL 28, 2023

On 29 March 2023, the UK Information Commissioner’s Office (“ICO”) published updated Guidance on AI and data protection (the “Guidance”) following “requests from UK industry to clarify requirements for fairness in AI”. AI has been a strategic priority for the ICO for several years.

Data protection 74

Data protection Compliance Law Law 74

Technology Law Dispatch

OCTOBER 26, 2023

On 3 October 2023, the UK Information Commissioner’s Office organised its annual Data Protection Practioner’s Conference 2023 (DPPC 2023). This year its focus was on Cybersecurity – a topic that concerns organisations across the board. Here are the takeaways from the DPPC 2023 (the event sessions available here ).

Data protection 59

Data protection Due diligence Compliance Law 59

Inside Privacy

MARCH 14, 2023

On March 13, 2023, the CNIL published a statement announcing that it reminded these two organizations of their legal obligations under the French data protection framework. Another requirement is that patients participating in the research must receive all the information mandated by Art.

Data protection 65

Data protection Compliance 65

Berkley Technology Law Journal

JANUARY 24, 2025

Candidate, 2025 No one wants to be left holding the bag after a break-in, but for chief information security officers (CISOs), the risk of liability is ever-present. Tasked with overseeing a firms cybersecurity posture, CISOs stand on the front lines of a corporations digital defense.

Failure-to-appear 130

Failure-to-appear Court Judge Data protection 130

Global LegalTech Hub

NOVEMBER 17, 2024

But in Latin America, no, perhaps there are, in some jurisdictions, regulations related to data protection, but that's not necessarily what we are referring to. All that technology offers to the new generations, they have access to information. If I'm not wrong, the latest was Peru. Nowadays, it is much easier.”

Due diligence 130

Due diligence Data protection Law firm Legal tech 130

Debevoise Data Blog

AUGUST 27, 2024

Representative actions: In light of the CJEU ruling that a violation of the controller’s information obligations can be subject to a representative action, businesses should consider the potentially increased risk of litigation following GDPR breach allegations and how to respond.

Data protection 52

Data protection Compliance Litigation Litigator 52

Debevoise Data Blog

MAY 28, 2024

EDPB “Consent or pay” models: Businesses operating large online platforms should consider the European Data Protection Board’s recent opinion indicating that “consent or pay” models are unlikely to be GDPR-compliant.

Data protection 52

Data protection Compliance Law Law 52

Ikigai Law

AUGUST 4, 2023

India’s Digital Personal Data Protection Bill 2023 was introduced in Parliament on 3 August 2023. Once passed, the law will govern how businesses collect and use individuals’ data. What data is covered? Personal data, i.e., data about an individual that can identify them. What else should fiduciaries do? (a)

Data protection 52

Data protection Law Law e-records 52

Debevoise Data Blog

SEPTEMBER 23, 2024

Our top-five European data protection developments from August are: Uber fined for personal data transfer: The Dutch Data Protection Authority fined Uber €290 million for the unlawful transfer of European drivers’ personal data to the U.S., without sufficient safeguards. ICO proposes £6.09

Data protection 52

Data protection Court Software Compliance 52

Debevoise Data Blog

JUNE 27, 2024

Our top five European data protection developments from May are: UK guidance on ransom payments: The UK NCSC and various insurance industry bodies co-published guidance on key considerations for ransomware payments. 22, then there must be sufficient human-involvement in that processing for it to be GDPR-compliant.

Data protection 52

Data protection Software e-records Compliance 52

Debevoise Data Blog

JULY 30, 2024

Our top five European data protection developments from June are: Non-material damage under GDPR: The CJEU clarified the scope of compensation for non-material damage in the context of identity theft and data subjects’ fear that their personal data had been exposed. These developments, and more, are covered below.

Data protection 52

Data protection Time-tracking Mediator Analytics 52

Legal IT Group

APRIL 2, 2025

Definition of personal data 1.2. Rights of data subjects 1.4. Privacy concepts and roles Technologies, most impacting on privacy and data protection 2.1. Social media advertising, based on personal data 2.2. PRIVACY PROTECTION IN THE MODERN WORLD 1.1. Such an identifier is personal data.

Data protection 130

Data protection Compliance Software Machine learning 130

Debevoise Data Blog

NOVEMBER 21, 2023

Data protection & AI: In particular: (i) the French CNIL published its first set of guidance on GDPR compliance when developing AI tools; and (ii) the UK ICO issued a preliminary enforcement notice against Snap over its AI chatbot, alleging that Snap had not adequately assessed the privacy risks posed to child users of the tool.

Data protection 52

Data protection Compliance Failure-to-appear e-records 52

Debevoise Data Blog

SEPTEMBER 27, 2023

The controller was also fined €9,000 for not having the proper contact information for the DPO in its privacy policy, and for using cookies without user consent. These developments, and more, covered below.

Data protection 52

Data protection Compliance e-filing Court 52

Debevoise Data Blog

APRIL 26, 2024

Key takeaways from March include: CNIL data security practice guide: The French DPA published an update of its data security practice guide for data protection officers, chief information security officers, computer scientists and legal experts. These developments, and more, are covered below.

Data protection 52

Data protection e-records Compliance Court 52

Ikigai Law

AUGUST 8, 2023

A detailed clause-wise analysis of the Digital Personal data Protection Bill 2023 On 7 August 2023, the Lok Sabha passed the Digital Personal Data Protection Bill, 2023. It will soon be introduced in the Rajya Sabha and likely become a law in a couple of days. Read the analysis here.

Data protection 52

Data protection Law Law 52

Debevoise Data Blog

MAY 12, 2023

Key takeaways this April include: UK children’s data protection focus continues: Businesses may wish to review policies and procedures for dealing with children’s data in light of recent UK ICO fines and guidance, especially to ensure that terms of use are adequately enforced.

Data protection 52

Data protection Software design Machine learning Software 52

Technology Law Dispatch

JUNE 23, 2023

On 19 June 2023, the Information Commissioner’s Office (ICO) has released new Guidance on Privacy-Enhancing Technologies (PETs) for Data Protection Compliance. Understanding PETs PETs are software and hardware systems that can help minimize use of personal data use while maximizing information security.

Data protection 52

Data protection Compliance Software Law 52

Debevoise Data Blog

FEBRUARY 27, 2024

GDPR one-stop-shop: Businesses wishing to take advantage of the GDPR one-stop-shop system should take note of a new digest, published by the European Data Protection Board, which analyses the decisions made by so-called Lead Supervisory Authorities in this context.

Data protection 52

Data protection Compliance e-records Court 52

Legal IT Group

FEBRUARY 23, 2023

Introduction In our previous articles , we have already drawn your attention to the Brazilian data protection legislation which is quite similar to the General Data Protection Regulation (GDPR). Also, the ANPD has shared a new form which should be used for sending security incident reports by a data controller.

Data protection 130

Data protection Compliance e-filing Law 130

Debevoise Data Blog

DECEMBER 22, 2023

For example, the Garante notes the need to incorporate data protection by design and by default principles within any AI systems used in the healthcare space. In particular, the paper recommends the use of internal data access controls, regular auditing of data security measures, and the use of data protection impact assessments.

Data protection 52

Data protection Time-tracking Compliance Machine learning 52

Legal IT Group

NOVEMBER 13, 2023

A data protection officer ( DPO ) is a specialist who helps companies ensure compliance with international data protection laws. In a nutshell, the DPO is a key person who helps the company in all business processes to ensure compliance with the data protection law.

Data protection 130

Data protection Compliance International law Law 130

Inside Privacy

NOVEMBER 28, 2023

They raise various questions under regulatory and data protection and data security laws. The DiGA Regulation imposes specific data protection and data security requirements on health apps (in addition to safety, functionality, quality and interoperability requirements). 26 of the GDPR.

Data protection 57

Data protection Time-tracking Software Law 57

Legal IT Group

APRIL 2, 2025

Even though the lack of privacy measures will have the same data leakage, IoT developers still shall take all appropriate actions to protect the personal data of its users. Internet of Things and General Data Protection Regulation. Is it applicable? For sure, yes. Lets look separately at each of the major aspect.

Data protection 100

Data protection Compliance Lawyer Law 100

Debevoise Data Blog

JUNE 8, 2023

As we covered here , last October, the CNIL fined Clearview AI €20 million for various data protection violations, including “intrusive and massive” data processing without consent or a valid legitimate interest. Nonetheless, businesses that transfer personal data to the U.S. These developments, and more, covered below.

Data protection 52

Data protection Compliance e-records Dispute resolution 52

Inside Privacy

JULY 3, 2023

On 21 June 2023, at the close of a roundtable meeting of the G7 Data Protection and Privacy Authorities, regulators from the United States, France, Germany, Italy, United Kingdom, Canada and Japan published a joint “Statement on Generative AI” (“Statement”) (available here ).

Data protection 108

Data protection Compliance Law Law 108

Inside Privacy

APRIL 28, 2023

Following a number of complaints, the European Data Protection Supervisor (‘EDPS’) decided that the SRB shared pseudonymized personal data with the consulting firm without informing the affected individuals of this sharing. Before sharing the responses, SRB replaced the name of each respondent with a code.

Court 137

Court Data protection 137

Debevoise Data Blog

APRIL 28, 2023

UK ICO updates guidance to clarify requirements for fairness in AI What happened : The UK ICO has updated its existing Guidance on AI and data protection following requests from industry to clarify requirements for fairness in AI. Norwegian Data Protection Authority fines medical device company c.$240,000

Data protection 52

Data protection Compliance e-filing Software 52

Technology Law Dispatch

AUGUST 2, 2023

The Summer 2023 Edition of the quarterly IT & Data Protection Newsletter by Reed Smith Germany has just been released: English version German version This edition covers the following topics: New adequacy decision for EU-U.S. data transfers CJEU: Requirements for GDPR damage claims CJEU: Lawfulness of processing in case of Art.

Data protection 52

Data protection Court Law Law 52

Inside Privacy

OCTOBER 17, 2023

On 3 October 2023, the UK Information Commissioner’s Office (“ ICO ”) finalized its Employment practices and data protection − Monitoring workers guidance (“ Guidance ”) to account for new types of work, including work from home, and the use of more sophisticated technologies for monitoring.

Data protection 65

Data protection Time-tracking Case management Compliance 65

Legal IT Group

OCTOBER 23, 2023

However, the personalized advertising ecosystem relies heavily on the personal data of users, raising questions about data protection and privacy requirements. So, what should businesses take into account to comply with data protection requirements?

Data protection 130

Data protection Time-tracking Machine learning Compliance 130

Legal IT Group

MAY 3, 2023

ChatGPT (Generative Pre-trained Transformer) — is a chatbot based on AI, developed by the US laboratory OpenAI, which gives information and answers to users’ requests. Regardless of the proven practical benefits of AI in different fields, its use has some risks for users’ privacy and data protection. Violation of Art.

Data protection 130

Data protection Compliance Law Law 130

Global LegalTech Hub

MAY 7, 2024

Countries like Italy initially blocked ChatGPT's use, later reinstating it with promises of increased transparency and data protection. The Ibero-American Data Protection Network (RIPDP) warns of the risks associated with using AI services like those developed by OpenAI, L.L.C.,

Data protection 130

Data protection Compliance Law Law 130

Debevoise Data Blog

OCTOBER 20, 2023

What to do : A UK business that wishes to transfer personal data to the US under the data bridge should go to the DPF List , search for the US organisation in question, and confirm they are signed up to the “UK Extension”. data transfers. Two areas that have been stressed previously in the data protection compliance context.

Data protection 52

Data protection Intellectual Property Compliance Law 52