The Trump Administration has not slowed down in its rollout of wide-sweeping technology policy changes with potentially significant impacts to be felt throughout the country and around the globe. Personnel changes and public announcements of new priorities are the throughline of new actions crossing various sectors and agencies at the…
Introduction As the United States transitions to a new administration, federal policymaking is beginning to shift away from civil rights and other Biden-era AI governance priorities and towards AI policies focused on “out-innovating the rest of the world,” securing US technological advantage, and national security, defense, and cybersecurity. In the…
On 14 January 2025, the UK government launched a public consultation on proposed legislative measures to combat the ever-increasing threat of ransomware. With these proposals, the UK government is seeking to step up its efforts to understand, deter and prosecute ransomware attacks by gathering more information from victims and undermining…
With the deadline for Member States to transpose the European Union’s updated Network and Information Systems Directive (Directive (EU) 2022/2555) (“NIS 2” or “Directive”) into national law having passed on 18 October 2024, organisations operating in or servicing the EU market face significant new cybersecurity obligations. The revised Directive, which…
Since the passing of the California Consumer Privacy Act (CCPA) in 2018, California has led the nation in privacy regulation and enforcement. But, beginning July 1, 2024, Texas will be the new sheriff in town. On July 1, Texas’ Data Privacy and Security Act goes into effect as one of the strongest…
As we kick off 2024, many of us are wondering what this year’s hot topics and trends will be in the privacy and cybersecurity sector. Will AI continue to be the trendsetter, even among privacy regulators? And what will businesses do to keep up to date with all emerging laws,…
On December 14, 2023, the EU Court of Justice (“CJEU”) issued its first ever ruling on the scope of data security requirements under the GDPR. In VB v. NAP, the CJEU held that an organization is not liable for a security breach unless it failed to implement appropriate security measures….
The cybersecurity world is ablaze as recent developments demonstrate an increased expectation of accountability and competence in the space. This trend is unsurprising given high-profile cyber-attacks coupled with advances in artificial intelligence (AI). In fact, days after releasing the Administration’s Executive Order on the Safe, Secure, and Trustworthy Development and…
Case Law Updates and Fines On May 29, 2023, the Hellenic Data Protection Authority (HDPA) published Decision No. 20/2023, in which it fined WIND Hellas Telecommunications S.A. (now NOVA Telecommunications & Media Monoprosopi SA) €150,000, for violations of the General Data Protection Regulation (GDPR), following a complaint. You can read the press release here and the…
The Supreme Court’s ruling in the Dobbs Decision, which overturned Roe v. Wade and Casey v. Planned Parenthood and eliminated the constitutional right to an abortion, permitted states to regulate access to abortion services. Since the Supreme Court issued its opinion on June 24, 2022, privacy, consumer and reproductive health…