-
Jan 8, 2025 | 
jdsupra.com | Alistair Ho |Deborah Kirk |Nicola Kerr-Shaw
[co-author: Aleksander Aleksiev]On 13 December 2024, the UK Information Commissioner’s Office (ICO) published the report of outcomes from its consultation on generative AI (genAI). The report sets out key themes that emerged from responses to the ICO’s five-part genAI consultation series that launched in January 2024, which covered: The relevant lawful basis for using web scraping to train genAI models. Purpose limitation in the context of genAI.
-
Jan 6, 2025 | 
jdsupra.com | Kata Viktoria Eles |Nicola Kerr-Shaw |David Simon
[co-author: Aleksander Aleksiev]The EU’s Digital Operational Resilience Act (DORA) becomes binding on 17 January 2025. As the compliance deadline approaches, EU financial regulators (ESAs) have issued a flurry of statements on the act, including: An ESA statement on DORA compliance. The publication of the final Implementing Technical Standard for registers of information. An ESA report on regulators’ DORA “dry run” of registering information.
-
Oct 15, 2024 | 
jdsupra.com | Nicola Kerr-Shaw |David Simon
[co-author: Aleksander ALeksiev]On 30 September 2024, the UK Department of Science, Innovation and Technology announced that the Cyber Security and Resilience Bill (Bill) will be introduced to Parliament in 2025. The Bill was first announced in the King’s Speech on 17 July 2024. Its aim is to strengthen the UK’s cybersecurity and ensure that critical infrastructure and digital services are secure and resilient.
-
Oct 14, 2024 | 
jdsupra.com | Kata Viktoria Eles |William Ridgway |Nicola Kerr-Shaw
Executive Summary The deadline for EU countries to transpose the expanded cybersecurity directive, NIS 2, into national law is 17 October 2024, but the implementation status varies significantly from country to country. Some of the member states will miss the deadline. In others, the new regulation is expected shortly. NIS 2 significantly expands the scope of NIS 1 and revises how companies are classified.
-
Oct 11, 2024 | 
lexology.com | Susanne Werry |William Ridgway |David Simon |Nicola Kerr-Shaw |Kata Viktoria Eles
Executive Summary The deadline for EU countries to transpose the expanded cybersecurity directive, NIS 2, into national law is 17 October 2024, but the implementation status varies significantly from country to country. Some of the member states will miss the deadline. In others, the new regulation is expected shortly. NIS 2 significantly expands the scope of NIS 1 and revises how companies are classified.
-
Oct 8, 2024 | 
jdsupra.com | William Ridgway |Nicola Kerr-Shaw |Joshua M. Silverstein
October 8, 2024
William Ridgway, Nicola Kerr-Shaw, Joshua Silverstein, David Simon, Susanne Werry
Skadden, Arps, Slate, Meagher & Flom LLP
+ Follow
x Following
x Following
- Unfollow
Contact
To embed, copy and paste the code into your website or blog:
Executive Summary With the EU’s AI Act having entered into force on August 1, 2024, companies now need to focus on its implementation.
-
Sep 25, 2024 | 
lexology.com | Ken Kumayama |Stuart D. Levi |William Ridgway |David Simon |Nicola Kerr-Shaw |Susanne Werry | +1 more
Key PointsAs AI systems become more complex, companies are increasingly exposed to reputational, financial and legal risks from developing and deploying AI systems that do not function as intended or that yield problematic outcomes. The risks of AI, and the legal and regulatory obligations, differ across industries, and depend on whether the company is the developer of an AI system or an entity that deploys it.
-
Aug 11, 2024 | 
concurrences.com | Bill Batchelor |Ryan Junck |David Simon |Nicola Kerr-Shaw
SummaryIn Nuctech Warsaw (T-284/24), the EU Court of Justice held that EU subsidiaries can lawfully be required to provide access to email accounts and data held by their overseas parent company. The ruling involved the following framing: Broad reach of EU extraterritorial investigative powers: The order interprets the European Commission’s (EC’s) investigative powers broadly. EU law applies to conduct with significant effects in the EU, even if the conduct occurs outside the EU. Consequent...
-
Aug 11, 2024 | 
concurrences.com | Bill Batchelor |Ryan Junck |David Simon |Nicola Kerr-Shaw
SummaryIn Nuctech Warsaw (T-284/24), the EU Court of Justice held that EU subsidiaries can lawfully be required to provide access to email accounts and data held by their overseas parent company. The ruling involved the following framing: Broad reach of EU extraterritorial investigative powers: The order interprets the European Commission’s (EC’s) investigative powers broadly. EU law applies to conduct with significant effects in the EU, even if the conduct occurs outside the EU. Consequent...
-
Aug 9, 2024 | 
jdsupra.com | Nicola Kerr-Shaw
[co-author: Aleksander Aleksiev]Last month the new Labour government in the UK announced in the King’s Speech that it will introduce new artificial intelligence (AI) rules alongside cybersecurity and digital information bills. A brief overview of these developments is set out below. Artificial IntelligenceTo date, the UK has taken a principles-based, “pro-innovation” approach to AI that relied on the application of existing laws rather than introducing dedicated AI legislation.
