Categories
Archives
We use cookies to ensure that we give you the best experience on our website. If you continue to use this site we will assume that you are happy with it.
Data Matters
Cybersecurity, Privacy, Data Protection, Artificial Intelligence, Internet Law, and Policy
Sidley Blockchain Bulletin – 2026 Business, Legal and Regulatory Outlook
Blockchain technology and asset tokenization are moving beyond proof-of-concept use cases to production-scale systems, requiring businesses and regulators to confront questions that are no longer theoretical. As institutional adoption expands and rulemaking, enforcement, and litigation accelerate across jurisdictions, the legal consequences of how these technologies are structured, deployed, and governed have become more immediate and more complex.
(more…)
Lilya Tessler
Dallas, Miami
ltessler@sidley.com
Elizabeth Shea Fries
Boston
efries@sidley.com
Teresa Wilton Harmon
Chicago
tharmon@sidley.com
Kate Lashley
Miami, New York
klashley@sidley.com
Kristin S. Teager
Washington, D.C.
kteager@sidley.com
The State of Play in Banking and Digital Assets: Welcome Developments from the Banking Agencies
The environment has never been more favorable for existing banking organizations launching a digital asset business and those Fintech and other nonbank companies considering acquiring or chartering a full-service or limited-purpose bank in order to operate a digital asset business. At the end of 2025, U.S. banking regulators continued to take major steps signaling a considerably more open supervisory posture regarding digital asset activities.
(more…)
Stanley J. Boris
Washington, D.C.
sboris@sidley.com
Michael D. Lewis
Washington, D.C.
michael.lewis@sidley.com
Kristin S. Teager
Washington, D.C.
kteager@sidley.com
David E. Teitelbaum
Washington, D.C.
dteitelbaum@sidley.com
David M. Katz
New York
dkatz@sidley.com
Kristen E. Kane
Washington, D.C.
kristen.kane@sidley.com
Nathan Truong
Washington, D.C.
nathan.truong@sidley.com
Regulatory Update: National Association of Insurance Commissioners Fall 2025 National Meeting
The National Association of Insurance Commissioners (NAIC) held its Fall 2025 National Meeting (Fall Meeting) December 8–11, 2025. This blog summarizes the highlights from this meeting in addition to interim meetings held in lieu of taking place during the Fall Meeting. Highlights include evaluation of insurers’ use of funding-agreement-backed note (FABN) and funding-agreement-backed securities (FABS) programs, adoption of guidance regarding the risk transfer analysis for combination reinsurance contracts, discussion of a new committee structure for NAIC investment monitoring activities, and consideration of additional regulatory frameworks to address insurers’ use of artificial intelligence (AI).
(more…)
Andrew R. Holland
New York
aholland@sidley.com
Sara N. Africano
Chicago
safricano@sidley.com
Stephanie H. Dobecki
Chicago
sdobecki@sidley.com
Ellen M. Dunn
New York
edunn@sidley.com
Michael L. Rosenfield
Los Angeles
mrosenfield@sidley.com
Jacob A. Grossman
Chicago
jgrossman@sidley.com
Unpacking the December 11, 2025 Executive Order: Ensuring a National Policy Framework for Artificial Intelligence
On December 11, 2025, President Trump issued a new Executive Order (EO) to protect American Artificial Intelligence (AI) innovation from “the most onerous and excessive laws emerging from the States that threaten to stymie innovation.” Consistent with the President’s July 2025 America’s AI Action Plan, the EO further indicates, “[i]t is the policy of the United States to sustain and enhance the United States’ global AI dominance through a minimally burdensome national policy framework for AI.” (more…)
Colleen Theresa Brown
Washington, D.C.
ctbrown@sidley.com
Michael C. Hochman
Washington, D.C.
michael.hochman@sidley.com
Kwaku A. Akowuah
Washington, D.C.
kakowuah@sidley.com
Michael E. Borden
Washington, D.C.
mborden@sidley.com
Christopher T. Shenk
Washington, D.C.
cshenk@sidley.com
Jonathan M. Wilan
Washington, D.C.
jwilan@sidley.com
Lauren Kitces
Washington, D.C.
lkitces@sidley.com
Marc A. Korman
Washington, D.C.
mkorman@sidley.com
Sheri Porath Rockwell
Century City
sheri.rockwell@sidley.com
The 12th Edition of Lexology In-Depth: Privacy, Data Protection and Cybersecurity is now available
The 12th edition of Lexology In-Depth: Privacy, Data Protection and Cybersecurity (formerly The Privacy, Data Protection and Cybersecurity Law Review) provides an incisive global overview of the legal and regulatory regimes governing data privacy and security. With a focus on recent developments, it covers key areas such as data processors’ obligations; data subject rights; data transfers and localisation; best practices for minimising cyber risk; public and private enforcement; and an outlook for future developments. A number of lawyers from Sidley’s global Privacy and Cybersecurity practice have contributed to this publication. See the chapters below for a closer look at this developing area of law. (more…)
David Lashway
Washington D.C.
dlashway@sidley.com
William RM Long
London
wlong@sidley.com
Francesca Blythe
London
fblythe@sidley.com
Lauren Cuyvers
Brussels
lcuyvers@sidley.com
Matthias Bruynseraede
London
mbruynseraede@sidley.com
Jonathan M. Wilan
Washington, D.C.
jwilan@sidley.com
Sheri Porath Rockwell
Century City
sheri.rockwell@sidley.com
Eleanor Dodding
London
edodding@sidley.com
FINRA Issues 2026 Regulatory Oversight Report
On December 9, 2025, the Financial Industry Regulatory Authority (FINRA) released its 2026 Annual Regulatory Oversight Report (2026 Report). The nearly 90-page report highlights emerging risks — including cybersecurity, data privacy, and generative AI (GenAI) — and offers tools and best practices for member firms. It also reemphasizes the perennial focus areas of Regulation Best Interest (Reg BI) compliance, third-party vendor management, best execution, consolidated audit trail (CAT), and compliance with the financial responsibility rules. Below are key takeaways, followed by a deeper dive into notable areas of focus, for some of the topics most relevant for broker-dealers.
(more…)
Andrew P. Blake
Washington, D.C.
ablake@sidley.com
W. Hardy Callcott
San Francisco
wcallcott@sidley.com
Kenyon Colli Hall
Boston
kenyon.hall@sidley.com
David M. Katz
New York
dkatz@sidley.com
Corin R. Swift
New York
corin.swift@sidley.com
Lilya Tessler
Dallas, Miami
ltessler@sidley.com
Lara C. Thyagarajan
New York
lthyagarajan@sidley.com
Paul M. Tyrrell
Boston
ptyrrell@sidley.com
EU Digital Omnibus: Implications for MedTech Companies
The European Commission (Commission) released its Digital Omnibus package, which aims to streamline and recalibrate certain aspects of the fast-growing body of EU digital regulations, on November 19, 2025. Rather than rewrite the core legislative instruments, including Regulation (EU) 2024/1689 (AI Act), Regulation (EU) 2016/679 (GDPR), Regulation (EU) 2023/2854 (Data Act) and Directive (EU) 2022/2555 (NIS2), the Commission has opted for a series of targeted amendments intended to reduce overlap, smooth implementation and increase legal certainty. The Digital Omnibus package is now open for review for an eight-week period, which is being extended until the proposals are available in all EU languages, allowing stakeholders to comment directly on the Commission-adopted texts before negotiations progress in the Parliament and Council.
(more…)
Francesca Blythe
London
fblythe@sidley.com
William RM Long
London
wlong@sidley.com
Elisabetta Righini
Brussels
erighini@sidley.com
Josefine Sommer
Brussels
jsommer@sidley.com
Eva von Mühlenen
Geneva
emuhlenen@sidley.com
Belinda Baum
Brussels
belinda.baum@sidley.com
EU Digital Omnibus: The European Commission Proposes Important Changes to the EU’s Digital Rulebook
On November 19, 2025, the European Commission officially adopted a proposal for the Digital Omnibus package. Specifically, the Digital Omnibus package consists of two legislative proposals, a Digital Omnibus on AI and a general Digital Omnibus (Digital Legislation Omnibus). The proposed package marks the Commission’s first step toward optimising the EU’s digital rulebook. It draws on more than a year of preparatory work and extensive stakeholder feedback: businesses across a number of different sectors have highlighted concerns about regulatory overlap, uneven national implementation and the need for clearer cross-regime rules and streamlined reporting.
(more…)
Francesca Blythe
London
fblythe@sidley.com
Clive Gringras
London
clive.gringras@sidley.com
William RM Long
London
wlong@sidley.com
Elisabetta Righini
Brussels
erighini@sidley.com
Josefine Sommer
Brussels
jsommer@sidley.com
Upcoming Events
Women in Privacy – Global Privacy Leadership Lunch
Resources