U.S. Commerce Department Issues First-of-Its-Kind Determination Banning Certain Software Products and Services

On June 20, 2024, the U.S. Department of Commerce (Commerce) Office of Information and Communications Technology and Services (OICTS) published a first-of-its-kind Final Determination against Kaspersky Lab, Inc., prohibiting the provision of its antivirus software and cybersecurity products in the United States or to U.S. persons. This Final Determination provides new insights into OICTS review of information and communications technology and services (ICTS) transactions and the prohibitions or restrictions that may result. The full text of the Final Determination is available here. OICTS also provides additional guidance on the new prohibition here.


An Artificial Intelligence, Privacy, and Cybersecurity Update for Indian Companies Doing Business in the United States and Europe

Pivotal shifts have occurred in global data privacy, artificial intelligence (AI), and cybersecurity from executives facing more pressure to monitor their organizations’ cybersecurity operations, to an unprecedented wave of consumer data privacy laws and rapid advancements in AI technology use and deployment. Indian organizations should establish best practices to address these new (and emerging) laws, regulations, and frameworks.


One Step Closer: AI Act Approved by Council of the EU

On 21 May 2024, the Council of the European Union approved the EU Artificial Intelligence Act (the “AI Act”). This is the final stage in the legislative process and comes after the EU Parliament voted to adopt the legislation on 13 March 2024. This final vote clears the path for the formal signing of the legislation and its publication in the Official Journal of the EU in the coming weeks. The AI Act will then enter into force 20 days after such publication with staggered transition periods of 6 to 36 months.


U.S. SEC Regulation S-P: Privacy of Consumer Financial Information and Safeguarding Customer Information Amendments Adopted

On May 16, 2024, the U.S. Securities and Exchange Commission (SEC) adopted amendments to its Regulation S-P. These final amendments impose significant cybersecurity requirements for several SEC-registered entities and transfer agents registered with another appropriate regulatory agency, including with respect to these entities’ policies and procedures, incident response and notification procedures, and cybersecurity risk management.


The Digital Markets, Competition and Consumers Act is Approved: Key Things to Know About the UK’s New Competition and Consumer Powers

On May 23, 2024, the UK finally passed its Digital Markets, Competition and Consumers Act (DMCCA), introducing a new “pro-competition” regime for digital markets and marking the biggest reform to UK competition and consumer laws in a decade. The DMCCA is the latest piece of legislation aiming to tackle the power of Big Tech, as regulators around the world debate new ways to oversee competition in the digital sector.


ICO Publishes Its Strategic Approach to Regulating AI

On 30 April 2024, the UK’s Information Commissioner’s Office (“ICO”) published its strategic approach to regulating artificial intelligence (“AI”) (the “Strategy”), following the UK government’s request that key regulators set out their approach to AI regulation and compliance with the UK government’s previous AI White Paper (see our previous blog post here). In its Strategy, the ICO sets out: (i) the opportunities and risks of AI; (ii) the role of data protection law; (iii) its work on AI; (iv) upcoming developments; and (v) its collaboration with other regulators. The publication of the ICO’s Strategy follows the recent publication of the Financial Conduct Authority’s (“FCA”) approach to regulating AI.


A New Wave of Class Actions: The Genetic Information Privacy Act

Largely dormant for the last 25 years, Illinois’ Genetic Information Privacy Act (GIPA) has been sharing the limelight recently with its sibling, the Biometric Information Privacy Act. (BIPA). GIPA includes a number of restrictions related to the use and disclosure of genetic testing and genetic information, and it provides a private right of action and permits recovery of steep statutory damages. In 2023 alone, over 50 GIPA complaints were filed, and new suits continue to be filed in 2024. In this article, published on AML, Sidley lawyers Kathleen Carlson, Lawrence Fogel, and Colleen Brown explore some of GIPA’s emerging issues and unanswered questions.


Top 10 Questions on the EU AI Act

The EU AI Act will be the first standalone piece of legislation worldwide regulating the use and provision of AI in the EU, and will form a key consideration in AI governance programs. The AI Act will have a significant impact on many organizations inside and outside the EU, with failure to comply potentially leading to fines of up to 7% of annual worldwide turnover.


Upcoming Events



Meet the Team

<a target=‘_blank’ href="">Kwaku A. Akowuah</a>

Kwaku A. Akowuah

Washington, D.C.
<a target=‘_blank’ href="">Sheila A.G. Armbrust</a>

Sheila A.G. Armbrust

San Francisco
<a target=‘_blank’ href="">Francesca Blythe</a>

Francesca Blythe

<a target=‘_blank’ href="">Colleen Theresa Brown</a>

Colleen Theresa Brown

Washington, D.C.
<a target=‘_blank’ href="">John M. Casanova</a>

John M. Casanova

<a target=‘_blank’ href="">Thomas D. Cunningham</a>

Thomas D. Cunningham

<a target=‘_blank’ href="">Sharon R. Flanagan</a>

Sharon R. Flanagan

San Francisco, Palo Alto
<a target=‘_blank’ href="">David A. Gordon</a>

David A. Gordon

<a target=‘_blank’ href="">Tomoki Ishiara</a>

Tomoki Ishiara

<a target=‘_blank’ href="">Robert D. Keeling</a>

Robert D. Keeling

Washington, D.C.
<a target=‘_blank’ href="">Amy P. Lally</a>

Amy P. Lally

Century City
<a target=‘_blank’ href="">David C. Lashway</a>

David C. Lashway

Washington, D.C.
<a target=‘_blank’ href="">William RM Long</a>

William RM Long

<a target=‘_blank’ href="">Joan M. Loughnane</a>

Joan M. Loughnane

New York
<a target=‘_blank’ href="">Geeta Malhotra</a>

Geeta Malhotra

<a target=‘_blank’ href="">Glenn G. Nash</a>

Glenn G. Nash

Palo Alto
<a target=‘_blank’ href="">Rollin A. Ransom</a>

Rollin A. Ransom

Los Angeles
<a target=‘_blank’ href="">Alan Charles Raul</a>

Alan Charles Raul

Washington, D.C., New York
<a target=‘_blank’ href="">Jennifer B. Seale</a>

Jennifer B. Seale

Washington, D.C.
<a target=‘_blank’ href="">Yuet Ming Tham</a>

Yuet Ming Tham

Singapore, Hong Kong
<a target=‘_blank’ href="">Jonathan M. Wilan</a>

Jonathan M. Wilan

Washington, D.C.
<a target=‘_blank’ href="">John W. Woods Jr.</a>

John W. Woods Jr.

Washington, D.C.


To receive email alerts when we post a blog entry, please provide your name and email address.