Services subject to the EU’s Digital Services Act (DSA) will be required to publish their annual transparency report by February 16, 2025. This includes providers of hosting services, online platforms, very large online platforms (VLOP)
Continue Reading Upcoming Reporting Obligations Under the EU Digital Services ActUnderstanding the EU’s Cyber Solidarity Act: Key Takeaways
By Cédric Burton, Demian Ahn, Laura Brodahl & Matthew Nuding on
Posted in Cybersecurity
On February 4, 2025, the European Union’s (EU) Cyber Solidarity Act (CSA) entered into force. The CSA aims to harmonize and strengthen the cooperation between EU authorities to improve their capacity to detect and address…
Continue Reading Understanding the EU’s Cyber Solidarity Act: Key TakeawaysConsumer Protection Update: With Disruption at the Federal Level, State Attorneys General Are Likely to Loom Large
Posted in Privacy
We are less than a month into the new Trump administration and are seeing an unprecedented wave of activity and major changes at federal agencies. These changes promise to bring significant disruption to the staff and negatively impact the typical activities of numerous agencies, including the nation’s consumer protection watchdog, the Federal Trade Commission (FTC). As discussed below, we expect the impact on the FTC to be significant given the rapid and aggressive moves by the new administration. And we expect state Attorneys General (AGs) to step in to fill the gap.
Continue Reading Consumer Protection Update: With Disruption at the Federal Level, State Attorneys General Are Likely to Loom LargeThe EU’s AI Act Starts to Apply as of February 2, 2025
On February 2, 2025, the European Union’s (EU) Artificial Intelligence Act (AI Act) will start to apply in phases. This alert summarizes the new obligations that will apply as of February 2, 2025. It also indicates when companies can expect the first enforcement actions, and what the enforcement regime will look like. For more information about the scope and requirements of the AI Act, please see our 10 Things You Should Know About the EU AI Act.
Continue Reading The EU’s AI Act Starts to Apply as of February 2, 2025New Federal Children’s Privacy Requirements Are Not Child’s Play: FTC Amends COPPA Rule, Imposing New Obligations on Child-Directed Services
Posted in Privacy
Companies that may have child users, or whose competitors have child users, take note. On January 16, 2025, the Federal Trade Commission (FTC) announced the final amendments to the Children’s Online Privacy Protection Rule (COPPA Rule). At a high level, the COPPA Rule requires websites or online services to provide notice and obtain verifiable parental consent before collecting information from children under the age of 13. The Rule’s amendments slightly expand the Rule’s scope, change the previous notice and consent provisions, and implement new data security requirements. Violations of the Rule would be subject to $53,088 in civil penalties per violation.
Continue Reading New Federal Children’s Privacy Requirements Are Not Child’s Play: FTC Amends COPPA Rule, Imposing New Obligations on Child-Directed ServicesRansomware Attacks: UK Government Proposes Ransom Payment Ban and Mandatory Notification Requirements
Posted in Cybersecurity
On January 14, 2025, the UK government unveiled a proposed framework aimed at combating the rise of ransomware attacks by implementing a payment prevention and reporting regime. This would require companies to not only report all ransomware incidents, but also to declare whether they intend to pay a ransom. The government also announced that it proposes to ban public bodies and infrastructure providers from making ransom payments to cyber attackers. A public consultation is open until April 8, 2025.
Continue Reading Ransomware Attacks: UK Government Proposes Ransom Payment Ban and Mandatory Notification Requirements