Category

Information Governance

Category

The ICO has recently launched a public consultation on the first chapter of its draft guidance on generative AI and data protection. This consultation has a particular focus, it is a call to explore the lawful basis for extracting data from the web to train generative AI models (a process which is becoming more common across numerous markets). The ICO is requesting input from developers, users and wider interested parties. What is generative AI? Generative…

Whilst the EU’s AI Act has been grabbing all the headlines, the draft AI Convention has been flying under the radar. But not for much longer. The Convention, also sometimes called the ‘AI Treaty’, has been drafted by the Council of Europe. If adopted, it will be the first legally binding international convention on AI. The latest draft is not the final version, but contains text that is still subject to negotiation. We’ve set out…

Organizations are increasingly relying upon and integrating artificial intelligence (AI) technologies, including automated decision-making (ADM) processes, into their workflows and utilizing these applications for critical decision-making processes.[1] AI is being leveraged for a variety of use cases (e.g., IT process automation, marketing and customer care, security and threat detection, recruitment and employment, etc.) and across different industries including technology and communications, financial services, manufacturing, and consumer services. Any AI system is driven and sustained by…

Increasingly companies are turning their attention to environmental, social, and corporate governance (ESG) reporting. In response to market and shareholder demands, companies are making commitments to address issues such as climate change, diversity and inclusion, and ethical governance. ESG reporting is used to evaluate the non-financial performance of companies with the aim of encouraging the development of responsible business practices.[1] Previously companies viewed these initiatives as voluntary with low legal risk. However, there is growing…

Records and data retention can be complicated, particularly when balancing competing statutory requirements from around the globe, industry best practices, business needs, and the growing importance of privacy considerations. When faced with these realities, many organizations seek solutions that will make retention easier and more streamlined. While there are several ways to achieve this, organizations need to proceed with caution when choosing which aspects of their retention policies and procedures to simplify. One aspect organizations…

In recent years, the world of cross-border data flows has changed dramatically, driven by the exponential growth of data and the increasing ability and desire to harness and exploit it, as well as the growing number of regulatory developments that have created a patchwork of varying approaches across jurisdictions, which organizations must now navigate. Cross-border data transfers have become an increasingly complex issue, intersecting different areas of regulatory focus, including not only privacy and cybersecurity,…

The world of technology is always changing, often accelerated by the social and cultural realities of the time. These changes are sometimes incremental and have a seemingly imperceptible impact on our lives, or we can find ourselves in the midst of a paradigm shift. We are arguably entering such a period now. The development of extended reality (XR) platforms is being thrust centre stage at a time when we as a society have collectively become…

Although a paradigm shift towards flexible working arrangements was already underway before the COVID-19 pandemic, it is clear that remote and hybrid work arrangements are here to stay. Two years into the pandemic, many businesses continue to operate with a distributed workforce. Others, including major technology companies, have allowed their employees to work remotely on a permanent basis. This has resulted in a large and growing portion of the population working from their homes. These…

The COVID-19 pandemic has forced many organizations to re-evaluate and transform their approach to crisis and risk management in relation to their information governance programs. Since the start of the pandemic, several jurisdictions have introduced temporary legislative measures (e.g., proof of vaccination requirements), amendments to existing legislation (e.g., tax relief measures), imposed new requirements (e.g., remote working), and suspended limitation periods for legal claims and disputes in certain situations. As with any crisis that triggers…