The International Association of Privacy Professionals (IAPP) held its annual Europe Data Protection Congress in Brussels on November 15 & 16, 2023. Whilst the Congress covered a wide range of topics related to privacy, cybersecurity and the regulation of data more broadly, unsurprisingly a recurring theme throughout was the responsible development, commercialization and use of AI. In this regard panelists explored (amongst other things) what practical and effective AI governance may look like, the role of a Digital Ethics Officer, how to strike a balance between enabling innovation and safeguarding individual rights, and how AI may be used to automate data breach detection and response.
The tenth edition of Lexology In-Depth: Privacy, Data Protection and Cybersecurity (formerly The Privacy, Data Protection and Cybersecurity Law Review) provides a global overview of the evolving legal and regulatory regimes governing data privacy and security, at a time when both privacy and security are increasingly challenged by the fast-paced development of technologies such as large language models, generative AI, and self-teaching/self-replicating applications. A number of lawyers from Sidley’s global Privacy and Cybersecurity practice have contributed to this publication. See the chapters below for a closer look at this developing area of law.
On 24 October 2023, the European Parliament and Member States concluded a fourth round of trilogue discussions on the draft Artificial Intelligence Regulation (AI Act). Policymakers agreed on provisions to classify high-risk AI systems and also developed general guidance for the use of “enhanced” foundation models. However, the negotiations did not lead to substantial progress on provisions for prohibitions in relation to the use of AI by law enforcement. The next round of trilogue discussions will take place on 6 December 2023.
Artificial Intelligence (AI) has the potential to revolutionize how we find, develop, and deliver new life-saving therapies.
Join “State of the Art” host and Sidley partner Stephen Abreu as he speaks with Colin Hill, CEO and Co-Founder of Aitia. Together, they discuss the challenges and opportunities AI presents for the pharmaceutical industry, particularly how AI is accelerating the pace of drug discovery and its implications for the future of medicine.
The Biden administration’s executive order issued on October 30, 2023, includes a number of initiatives relating to the development and use of artificial intelligence (AI), including in healthcare. As AI becomes a pivotal point of innovation for the healthcare industry, digital health healthcare technology developers, private equity sponsors, and other key industry stakeholders should track the regulatory frameworks certain to be developed following this executive order to better inform strategies for developing drugs and devices and assessing deals involving AI.
On October 30, 2023, President Joe Biden issued an executive order (EO or the Order) on Safe, Secure, and Trustworthy Artificial Intelligence (AI) to advance a coordinated, federal governmentwide approach toward the safe and responsible development of AI. It sets forth a wide range of federal regulatory principles and priorities, directs myriad federal agencies to promulgate standards and technical guidelines, and invokes statutory authority — the Defense Production Act — that has historically been the primary source of presidential authorities to commandeer or regulate private industry to support the national defense. The Order reflects the Biden administration’s desire to make AI more secure and to cement U.S. leadership in global AI policy ahead of other attempts to regulate AI — most notably in the European Union and United Kingdom and to respond to growing competition in AI development from China.
The Information Commissioner’s Office (“ICO”) has introduced a toolkit on data sharing with law enforcement (“Toolkit”) which supplements the ICO’s existing guidance on sharing personal data with law enforcement authorities. The Toolkit is intended to function as a tool for smaller organisations to make an informed decision about whether to share personal data with law enforcement. Larger organisations with expertise in data protection are encouraged to refer to the ICO’s data sharing code of practice but in any event, the Toolkit is intended to help provide clarity for all organisations in making decisions relating to this type of sharing.
On October 25, 2023, the U.S. Department of Commerce Bureau of Industry and Security (BIS) published updated export controls on advanced computing items and semiconductor manufacturing equipment under the Export Administration Regulations (EAR). Specifically, BIS published two interim final rules that revise and expand on the restrictions implemented in the initial interim final rule issued on October 7, 2022 (October 7, 2022 rule).1