Legislative Development – Debevoise Data Blog

Artificial Intelligence

Top 10 (Well, 11) Cybersecurity Blog Posts for 2024

By: Charu A. Chandrasekhar, Luke Dembosky, Avi Gesser, Gareth Hughes, Erez Liebermann, Jim Pastore, Caroline Novogrod Swett, Marshal Bozzo, Matt Kelly, Robert Maddox, Johanna Skrzypczyk, HJ Brehmer, Stephanie Cipolla, Jackie Dorward, Melyssa Eigen, Joshua A. Goland, Martha Hirst, Karen Joo, Gabriel Kohan, Jarrett Lewis, Noah L. Schwartz, Ned Terrace, Stephanie Thomas, Annabella M. Waszkiewicz, Michiko Wongso and Mengyi Xu December 10, 2024

As we approach the end of the year, here are the Top 10 Cybersecurity posts on the Debevoise Data Blog in 2024 by page views. If you are not already…

Artificial Intelligence

European Data Protection Roundup – July 2024

By: Robert Maddox, Friedrich Popp, Stephanie Thomas, Joshua Plastrik, Theo Wilson, Barney Lynock and Deniz Tanyolac August 27, 2024

Our top five European data protection developments from July are: EU AI guidance: Businesses should consider reviewing their AI policies and practices following guidance from the French CNIL and the…

Cybersecurity

The EU’s Draft NIS2 Regulations: Appropriate ICT Security Measures and Serious Incident Reporting

By: Robert Maddox and Martha Hirst August 12, 2024

The European Commission has published a draft regulation containing further detail on the “technical and methodological” security measures, and cybersecurity incident reporting threshold triggers, under the incoming NIS2 directive (the…

Artificial Intelligence

The EU AI Act: While We Wait

By: Avi Gesser, Matt Kelly and Martha Hirst May 6, 2024

Despite much fanfare, and a process that seems to edge ever nearer to completion, the EU AI Act still has not been formally adopted. The Act still has to undergo…

Announcement

Announcing the Debevoise Tracker for Cybersecurity Incident Disclosure on Form 8-K

By: Avi Gesser, Benjamin R. Pedersen, John Jacob and Talia Lorch March 6, 2024

In July, we previewed the new rules adopted by the Securities and Exchange Commission (“SEC”) for Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure. Under these rules, Item 1.05 of…

Business

UK Online Safety Bill Passed – An FAQ

By: Robert Maddox, Martha Hirst and Allegra De Lorenzo September 26, 2023

After years of deliberation, the UK passed its long-awaited Online Safety Bill (the “OS Bill”). It imposes content moderation requirements on certain online platforms and service providers to address illegal…

Artificial Intelligence

European Data Protection Roundup – June & July 2023

By: Robert Maddox, Friedrich Popp, Martha Hirst, Aisling Cowell, Tristan Lockwood, Maria Epishkina, Maria Santos and Sergej Bräuer August 16, 2023

Key takeaways from June and July include: Data transfers to the U.S.: Business may want to revisit their cross-border data transfer arrangements following the new adequacy decision for the EU-U.S.…

Artificial Intelligence

Colorado Draft AI Insurance Rules Are a Watershed for AI Governance Regulation

By: Eric Dinallo, Avi Gesser, Erez Liebermann, Marshal Bozzo, Anna Gressel, Samuel J. Allaman and Melissa Muse February 14, 2023

On February 1, 2023, the Colorado Division of Insurance (“DOI”) released its draft Algorithm and Predicative Model Governance Regulation (the “Draft AI Regulation”). The Draft AI Regulation imposes requirements on…

Consent

What the GDPR Can Tell Us About State Privacy Laws

By: Johanna Skrzypczyk, Robert Maddox and Martha Hirst November 22, 2022

The EU’s General Data Protection Regulation 2016 (the “GDPR”) changed the global privacy landscape, and has been called the “gold standard” for data protection regulation. Recently, a number of U.S.…