Key takeaways from August include: Conflicts of interest: Businesses should consider re-evaluating their data protection officer’s role and responsibilities, including dual roles on boards and committees, to prevent conflicts of interest…
Key takeaways from June and July include: Data transfers to the U.S.: Business may want to revisit their cross-border data transfer arrangements following the new adequacy decision for the EU-U.S.…
On July 10, 2023, the European Commission adopted with immediate effect an adequacy decision for the EU-U.S. Data Privacy Framework (the “DPF”). The decision enables businesses in Europe to transfer…
On June 22, 2023, Robert Maddox, International Counsel, and Tristan Lockwood, Associate, delivered the latest instalment of the Debevoise London insurance industry webinar series, focusing on the European Union’s Digital…
Key takeaways this May include: Facial recognition: Businesses, including those with no presence in the EEA, face continued challenges in establishing GDPR-compliant facial recognition technology after the French CNIL fined…
Big businesses, especially those with a global footprint and operating in regulated sectors, are increasingly confronted with new and diverging cyber incident reporting requirements. A single incident—even a relatively minor…
Key takeaways this April include: UK children’s data protection focus continues: Businesses may wish to review policies and procedures for dealing with children’s data in light of recent UK ICO…
Key takeaways this March include: Fairness in AI: Businesses utilising AI may want to assess fairness principles in accordance with the latest UK ICO guidance, which includes clarification around AI…
Back in November 2022, we highlighted the enactment of the EU’s Digital Operational Resilience Act (“DORA”) that will impose far-reaching operational resilience requirements and Board oversight requirements on almost all…
Following recent enforcement action by the UK Prudential Regulation Authority (“PRA”) against Wyelands Bank, which was partly based on its failure to retain business-related messages exchanged by senior executives and…