The European Union (EU) has revised its Cybersecurity Directive (NIS2). The new rules will apply to a wide range of companies in many sectors, create new cybersecurity obligations, and impose high fines for noncompliance. EU countries have until October 17, 2024, to transpose the new rules. As the deadline approaches, companies should assess the impact on their cybersecurity strategy. This alert summarizes the key obligations for businesses.Continue Reading NIS2: Preparing for EU’s New Cybersecurity Rules
Sebastian Thess
EU Court of Justice Landmark Ruling on Digital Advertising and GDPR Compliance
On March 7, 2024, the European Court of Justice (CJEU) issued a landmark ruling on digital advertising and the concepts of personal data and joint controllership under the General Data Protection Regulation (GDPR).Continue Reading EU Court of Justice Landmark Ruling on Digital Advertising and GDPR Compliance
What’s Next After the EU Parliament’s Position on the Draft AI Act?
A significant milestone in the legislative process of the AI Act has been reached with the vote of the European Parliament (EP) on June 14, 2023. The text now enters a new phase, during which all three EU institutions (the Council of the EU (Council), the EU Commission (EC), and the EP) will work towards an agreement on the final text.
The fast-moving developments and growth of AI have garnered significant political pressure, pushing the EU institutions to finalize the text. Spain, which will assume the presidency of the Council as of July 1, 2023, has stated that finishing the AI Act will be a top priority on its agenda. This alert summarizes the key changes proposed by the EP and what to expect next.Continue Reading What’s Next After the EU Parliament’s Position on the Draft AI Act?