Uncategorized Archives

In Artificial Intelligence

Averting Patent and other IP Risks in Generative AI Use

February 28, 2024 by Mackenzie Martin and Bryce Bailey 8 Mins Read

In the past year, news coverage on generative artificial intelligence has dominated headlines. Generative AI offers dominant functionality and opportunities to leverage incredibly powerful algorithms to make new content. One area that business leaders and research and development teams may think to use generative AI is in the realm of new inventions. However, while generative AI offers great potential, it also comes with risk. Below, we discuss patent and other IP considerations related to using…

In Cybersecurity

China’s Detailed Cybersecurity Reporting and Disclosure Rules

January 18, 2024 by Rachel Ehlers, Brian Hengesbaugh and Zhenyu Ruan 3 Mins Read

On January 7, 2024, China’s Cyberspace Administration (“CAC”) closed the public consultation period for its new cybersecurity incident reporting rules, which were released in December. If the draft rules are adopted as written, companies would be required to report certain cybersecurity incidents to the relevant Chinese regulator within one hour. The relevant regulator depends on the nature of the IT system compromised, the industry, and other factors and may be the local CAC, the public…

In Cybersecurity

California’s CPPA moves into 2024 with an ambitious agenda on Cybersecurity Audits, Risk Assessments, and Automated Decision-Making Technology

December 14, 2023 by Cynthia Cole, Justine Phillips, Grayson Myers and Garrett Stallins 3 Mins Read

The California Privacy Protection Agency (“CPPA”) held a public board meeting on December 8, 2023. As discussed in our previous article, the CPPA is in the process of preparing Draft Regulations on Cybersecurity Audits, Risk Assessments and Automated Decision-Making Technology. The Rules Subcommittee provided updates on these regulations, and Board members provided their feedback on the drafts. Key Takeaways Regarding CCPA Cybersecurity Audit Regulations The Cybersecurity Audit Regulations would require businesses “whose processing of consumers’…

In California Privacy Law

Colorado Privacy Act Enforcement Update

July 21, 2023 by Helena Engfeldt and Tom Tysowsky 2 Mins Read

The Colorado Privacy Act is enforceable since July 1, 2023. Just as the California Attorney General has done through several sweeps (see here and here), the Colorado Attorney General, Phil Weiser, has announced through letters sent to business that enforcement of the Colorado Privacy Act has begun. The initial round of letters are meant to educate businesses on their new obligations, with particular emphasis on the collection and use of sensitive data and related prior…

In Data Privacy

ICO issues update on change of approach to regulating communication service providers

February 14, 2023 by Lucy Hart 2 Mins Read

The Information Commissioner’s Office (ICO) has published an update confirming its plans to cease enforcement of certain breaches of regulation 5A of the Privacy and Electronic Communications Regulations 2003 (PECR) against public electronic communications service providers (CSPs). Regulation 5A PECR requires CSPs to notify the ICO within 24 hours of becoming aware of a personal data breach. The ICO initially published a statement on 20 January 2023 which stated that it had decided to stop…

In Digital Media & Content

USA: Now is the Time to Evaluate Your Online Content Moderation Programs

February 9, 2023 by Jonathan Tam and Vivian Tse 7 Mins Read

In recent years, CDA 230 has come under scrutiny for its alleged impact on freedoms of speech, online safety, and misinformation. We describe recent examples of lawmakers and authorities seeking to impose more onerous content moderation restrictions or obligations on digital platforms.

In Data Privacy

Data protection trends in children’s online gaming

September 13, 2022 by Elizabeth Denham CBE 9 Mins Read

Children now spend a lot of time playing games online, but the gaming industry has received less scrutiny than social media or streaming platforms over privacy concerns. As gaming grows, the scale of user vulnerability increases as well. Many young people do not understand the data risks posed by online games. Luckily, privacy regulators are increasingly focusing efforts toward protecting children’s safety and autonomy online. Young people enjoy online games because they allow for play, learning and…

In Digital Media & Content

Aprobado el articulado final del Reglamento de Servicios Digitales (DSA) y del Reglamento de Mercados Digitales (DMA)

July 25, 2022 by Patricia Pérez, David Molina, Pablo Uslé and Itziar Osinaga 1 Min Read

El Parlamento Europeo aprobó el 5 de julio el articulado final del Reglamento de Servicios Digitales (DSA) y del Reglamento de Mercados Digitales (DMA). Estas normas regulan la posición jurídica de proveedores de servicios digitales de intermediación (p. e. plataformas como marketplace, motores de búsqueda, redes sociales, servicios de hosting, etc.) y, consecuentemente, afectan también a todos los demás players (usuarios y empresas de todos los tamaños) que interactúan a través de sus servicios.…

In Data Privacy

Data Protection Day – Key developments and looking ahead to 2022

January 27, 2022 by Benjamin Slinn, Dr Michaela Nebel, Florian Tannen, Prof. Dr. Michael Schmidl, Magalie Dansac Le Clerc, Hugo Roy, Dr Lukas Feiler, Beat Koenig, Elisabeth Dehareng, Francesca Gaudino, Radoslaw Nozykowski, Nathalja Doing, Dr. Csaba Vári, Ilay Yilmaz, Can Sozer, Yigit Acar, Anne-Marie Allgrove, Liz Grimwood-Taylor, Dhiraphol Suwanprateep, Manh Hung Tran, Ken Chia, Alex Toh, Jacqueline Wong, Paolo Sbuttoni, Zhenyu Ruan, Kensaku Takase, Daisuke Tatsuno, Kellie Blyth, Arjun Patel, Theo Ling, Conrad Flaczyk, Nadia Rauf, Cristina Messerschmidt, Brian Hengesbaugh, Stephen Reynolds, Nick Merker, Harry Valetk, Michael Egan, Gary Hunt, Dominic Panakal, Alex Crowley, Justin Burgess, Daniel Villanueva-Plasencia, Carlos Vela-Trevino, Flavia Rebello, Suha Alwan and Nadine Bosshard 66 Mins Read

Friday 28 January 2022 is Data Protection Day (or Data Privacy Day outside of Europe), which marks the anniversary of the Council of Europe’s Convention 108. To mark Data Protection Day 2022, our Global Data Privacy and Security Team have provided a roundup of key trends and developments across the globe from a data protection perspective as well as looking ahead to what to expect in 2022. There are new laws and developments to keep…

In Podcast

Podcast Episode 27 – Breaking Down the UK ICO’s Guidance on the Solar Winds Cyber Attack

February 1, 2021 by Brian Hengesbaugh and Paul Glass 1 Min Read

Brian Hengesbaugh and Partner Paul Glass dissect the recent guidance issued by the ICO in response to the SoldWinds cyber attack. Listen to hear: an overview of what the guidance sayswhy the ICO decided to release guidance in regards to this incidenthow companies should best approach the 72-hour notification rule https://open.spotify.com/episode/5ufO2qYMt4rPOQiVOKHo4n?si=ZMqpxKVpRvKsT8G7jo6o-A