Author

Florian Tannen

Browsing

The EU AI Act was adopted by the European Parliament today and is expected to enter into force within a few months, with its first substantive provisions taking effect before the end of 2024. The EU AI Act applies across the AI lifecycle – from developers to deployers of AI technologies – and organisations across industries have been watching its progress closely. Now that it is finally approved, we set out below what’s next, and…

A key step towards adoption of the EU AI Act was reached last Friday as the draft text received unanimous approval from the European Council’s main preparatory body. There are further votes to follow before the Act is adopted, but it’s looking likely that the final vote will take place in April and some substantive provisions of the Act could be in force soon after that, possibly by the end of the year. We set…

28 January 2024 is Data Protection Day (or Data Privacy Day outside of Europe), which marks the anniversary of the Council of Europe’s Convention 108. Data Privacy Day encourages the global community to think about the importance of respecting privacy, safeguarding data, and enabling trust. In an increasingly connected and digitized world, where data protection, privacy and cybersecurity regulation are rapidly evolving, the work of the global data community is more vital, and more challenging,…

Whilst the EU’s AI Act has been grabbing all the headlines, the draft AI Convention has been flying under the radar. But not for much longer. The Convention, also sometimes called the ‘AI Treaty’, has been drafted by the Council of Europe. If adopted, it will be the first legally binding international convention on AI. The latest draft is not the final version, but contains text that is still subject to negotiation. We’ve set out…

On December 22, 2023 the EU Regulation on harmonised rules on fair access to and use of data, also known as the Data Act, was published in the Official Journal of the European Union. It shall enter into force on the twentieth day following that of its publication, namely on January 11, 2024, and become applicable on September 12, 2025. The Data Act affects manufacturers of connected products and also providers of related services, including virtual…

Late in the evening on Friday 8 December in Brussels was a historic moment for AI regulation in Europe. After three days of extensive final debate the EU Parliament, Council and Commission finally announced provisional agreement on the EU AI Act, the bloc’s landmark legislation regulating development and use of AI in Europe. It is one of the world’s first comprehensive attempts to regulate the use of AI. The EU AI Act awaits formal adoption…

On August 9, India’s Digital Personal Data Protection Bill, 2023 (“DPDP Bill”) passed both houses of the Indian Parliament and now awaits Presidential assent. In 2017, India’s Supreme Court mandated that privacy is a fundamental human right. Since that time, India has been working to pass data protection legislation. The DPDP Bill is India’s fifth draft of the bill. The DPDP Bill only applies to the processing of digital personal data in India, where the personal…

NFTs (Non-fungible Tokens) continue to grow in popularity, but the inherent misalignments in speed between legislation and innovation present a major challenge. NFT project developers, companies interested in using NFTs as an entry point into the web3 world and other stakeholders face legal challenges regarding regulatory matters, aligning these projects with more traditional legal requirements (such as eCommerce related consumer laws) and potential IP (Intellectual Property) breaches. Although there are few legal precedents for NFTs,…

On July 10, 2023, the European Commission adopted its adequacy decision for the EU-U.S. Data Privacy Framework (“DPF”). US companies that participate in the DPF will be deemed to provide “adequate protection” under Article 45 of the EU General Data Protection Regulation (“GDPR”) for personal data transfers received from the European Union (“EU”) and European Economic Area (“EEA”). Why did the EC need to adopt the adequacy decision for the DPF? As we have previously written, the…

The US Office of the Director of National Intelligence (“ODNI”) announced today that it has fully implemented new safeguards under Executive Order 14086. See INTEL – ODNI Releases IC Procedures Implementing New Safeguards in Executive Order 14086. These steps clear the path for the European Commission to adopt the draft “adequacy decision” for cross-border data transfers pursuant to the EU-U.S. Data Privacy Framework. By way of brief background, in July 2020, the Court of Justice…