On September 10, 2024, the European Commission (EC) offices in charge of the enforcement of the Digital Markets Act (DMA) and the European Data Protection Board (EDPB)—the European body composed of all EU data protection regulators that oversees the consistent application of the General Data Protection Regulation (GDPR)—announced that they intend to provide guidance on the interplay between the DMA and GDPR.Continue Reading EU Agencies to Develop Guidance on the Interplay Between the DMA and GDPR

As cyberattacks become more sophisticated, cybersecurity remains a top concern for regulators, consumers, business partners, and investors. Weak security can cause substantial harm to a company and lead to litigation, reputational damage, and hefty fines. Against that background, the EU is introducing stricter regulations that require robust cyber resilience, mandate board oversight on cybersecurity strategy, and hold board members personally liable for weak security practices.Continue Reading Cybersecurity: A Critical Element in Your 2025 Business Forecast

The Artificial Intelligence Act (AI Act) is the first comprehensive legislation that intends to regulate AI horizontally across all sectors in Europe. It will have far reaching consequences on all companies developing, implementing, or using AI solutions in the EU and beyond. These FAQs provide key information you should know before the AI Act is adopted, and some tips on what you can already be doing to prepare. To learn more, click here to read Wilson Sonsini’s updated FAQs.”Continue Reading Updated: 10 Things You Should Know About the EU Artificial Intelligence Act

On April 8, 2024, the French Data Protection Authority (CNIL) published recommendations on the development phase of artificial intelligence (AI) systems1 (Recommendations). They are the first set of recommendations designed to guide the various players in the AI ecosystem on how to apply the General Data Protection Regulation (GDPR) to the development of AI systems. The Recommendations are relevant to providers and users of AI systems who process personal data as part of the development of such systems, including fine-tuning already-existing AI systems.Continue Reading French Data Protection Authority Publishes Recommendations on the Development of AI Systems: Seven Takeaways

On February 28, 2024, the UK’s Information Commissioner (commissioner) confirmed that the regulator’s focus areas in 2024 will include artificial intelligence (AI), cookies, biometrics, and children’s privacy.Continue Reading UK Privacy Regulator to Focus on AI, Cookies, Biometrics, and Children’s Privacy, and Consult on “Consent or Pay” Models

In 2024, businesses will continue to face an evolving landscape of privacy opportunities and challenges, including an increasingly complex data regulatory environment that extends beyond the General Data Protection Regulation (GDPR). With heightened scrutiny from regulators, consumers, and investors, the need to bolster privacy and data management practices has become even more important. Here’s our top 10 list of what to watch for in the privacy and data regulatory space in 2024:Continue Reading 10 Privacy Predictions in the EU for 2024