As the European Union edges ever-closer to formally enacting the EU AI Act, attention is turning to how other jurisdictions will approach AI regulation. In the UK, individual regulators will oversee the use of AI within their respective areas of competence. This blog post analyses the UK Competition and Markets Authority’s (“CMA”) proposed approach to AI regulation. The UK Approach…
Companies across a range of industries are increasingly incorporating artificial intelligence (“AI”) into their businesses. As with any new technology, AI presents a number of questions concerning its relation to and compliance with antitrust laws. U.S. antitrust enforcers under the current administration have expressed a range of concerns around AI, including its effects on the accumulation of market power, the…
In an unprecedented settlement, on June 18, 2024, the U.S. Securities & Exchange Commission (the “SEC”) announced that communications and marketing provider R.R. Donnelley & Sons Co. (“RRD”) agreed to pay approximately $2.1 million to resolve charges arising out of its response to a 2021 ransomware attack. According to the SEC, RRD’s response to the attack revealed deficiencies in its…
Luke Dembosky, Avi Gesser, Erez Liebermann, Jim Pastore, Matt Kelly, and Johanna Skrzypczyk were all recognized by The Legal 500 US in the category Cyber Law (Including Data Privacy and Data Protection) with Luke Dembosky and Avi Gesser ranked as Leading Lawyers. Abraham Tabaie and Christopher Ford were also listed as key lawyers in the practice. Clients have said Debevoise has…
On June 11, 2024, the U.S. Securities and Exchange Commission (“SEC”) filed its third matter this year involving “AI washing”—namely, alleged misstatements or omissions by securities market participants about the use of artificial intelligence (“AI”). This particular case is noteworthy for several reasons: it is the Commission’s first litigated AI washing matter; concerns statements made to raise funds from private…
On May 17, 2024, Colorado passed Senate Bill 24-205 (“the Colorado AI Law” or “the Law”), a broad law regulating so-called high-risk AI systems that becomes effective on February 1, 2026. The law imposes sweeping obligations on both AI system deployers and developers doing business in Colorado, including a duty of reasonable care to protect Colorado residents from any known…
Luke Dembosky, Avi Gesser, Erez Liebermann, Jim Pastore and Matt Kelly were all ranked by Chambers & Partners in the Privacy & Data Security: Cybersecurity category. For this category, Chambers reviews law firms’ capacity to assist clients in preparing for and responding to non-intentional data use, including bad actors, data breaches, and any situation where companies lose containment over the…
The rise of generative AI platforms has introduced significant new legal challenges for brand owners. While much has been written about the copyright implications of generative AI, many high-profile cases also include trademark infringement allegations, highlighting the potential for AI-generated content to affect brand reputation and create legal risk. AI tools offer businesses the ability to create new content and…
Key takeaways from April include: UK FCA’s AI regulation: UK FCA-regulated firms should take note of the FCA’s newly confirmed approach to AI regulation that seeks to be outcome-focused, principle-led, and flexible and consider whether their use of AI is consistent with the FCA’s objectives to mitigate risk to consumer protection, market competition, and market integrity. UK Generative AI: Adding…
On May 23, 2024, the U.S. Department of Housing and Urban Development (“HUD”) announced that, effective immediately, Federal Housing Administration (“FHA”)-approved Mortgagees are subject to a drastically heightened cybersecurity incident reporting regime. HUD issued this new requirement (the “HUD Notification Requirement”) without the need for notice or comment in Mortgagee Letter 2024-10 (the “Letter”), which amends the Single Family Housing…