Categories
Archives
We use cookies to ensure that we give you the best experience on our website. If you continue to use this site we will assume that you are happy with it.Ok
Data Matters
Cybersecurity, Privacy, Data Protection, Artificial Intelligence, Internet Law, and Policy
Financial Entities in the EU: Time to Register Your ICT Third-Party Service Providers under DORA
The European Union’s (“EU”) Digital Operational Resilience Act (“DORA”) became effective on 17 January 2025. Since then, financial entities (such as banks, insurance companies and investment firms) and their ICT third-party service providers operating in the EU have been – directly or indirectly – subject to the new regime. One of the first key DORA compliance deadlines, for financial entities to register their ICT service providers with competent EU Member State authorities, is coming into effect across most of the member states this month.
(more…)
Anila Rayani
London
anila.rayani@sidley.com
Lauren Cuyvers
Brussels
lcuyvers@sidley.com
William RM Long
London
wlong@sidley.com
EU Commission Publishes AI Continent Action Plan and Seeks Input
On April 9, 2025 the European Commission adopted a communication on the so-called AI Continent Action Plan – its strategy to shape the next phase of AI development in Europe, with consultation to follow. The Commission’s declared objective is to transform the EU into a global leader in AI by fostering innovation, ensuring trustworthy AI, and enhancing competitiveness while safeguarding democratic values and cultural diversity. Keep monitoring Data Matters for more on the Commission’s consultation, when available. (more…)
Elisabetta Righini
Brussels
erighini@sidley.com
Francesca Blythe
London
fblythe@sidley.com
New UK Consumer Rules Herald Stricter Enforcement and Significant Fines
Consumer protection is rising to the top of the regulatory agenda worldwide. The UK consumer protection regime is undergoing a major shift: The Competition and Markets Authority (CMA) now has powerful new tools under the Digital Markets, Competition, and Consumers Act (DMCCA) (see our Sidley Update here), including the ability to directly enforce consumer law and fine companies up to 10% of global annual turnover for serious infringements. (more…)
Clive Gringras
London
clive.gringras@sidley.com
Patrick J. Harrison
London
pharrison@sidley.com
Elisabetta Righini
Brussels
erighini@sidley.com
Ed Roper
London
ed.roper@sidley.com
Monika Zdzieborska
London
mzdzieborska@sidley.com
Bethany Wise
London
bwise@sidley.com
Anna Kubinska
London
akubinska@sidley.com
Meeting EU Data, Cybersecurity, and Artificial Intelligence Law Obligations: A Checklist for Swiss Life Sciences Companies
For Swiss companies, the next six months are critical for preparing to meet new Digital Data Law obligations. In this briefing, we outline the key timelines, compliance requirements, and practical steps to align with EU requirements. (more…)
William RM Long
London
wlong@sidley.com
Eva von Mühlenen
Geneva
emuhlenen@sidley.com
Lauren Cuyvers
Brussels
lcuyvers@sidley.com
New Pathway of Regulating Artificial Intelligence in Switzerland: Competitive Edge or Challenge?
On February 12, 2025, the Swiss Federal Council unveiled its long-awaited approach to artificial intelligence (AI) regulation. Instead of adopting a comprehensive AI Act like the European Union, Switzerland has opted for a sector-specific framework, integrating AI considerations into existing laws rather than creating a standalone regulatory regime. (more…)
Eva von Mühlenen
Geneva
emuhlenen@sidley.com
Chambers 2025 Global Practice Guide for Cybersecurity
The newest editions of the Chambers Global Practice Guides have been published. Sidley lawyers have contributed to: Cybersecurity 2025. (more…)
William RM Long
London
wlong@sidley.com
Francesca Blythe
London
fblythe@sidley.com
Eleanor Dodding
London
edodding@sidley.com
Anila Rayani
London
anila.rayani@sidley.com
U.S. HHS Office of General Counsel Statement of Organization Suggests Potential Consolidation, Expansion of Authority
On March 14, 2025, the U.S. Department of Health and Human Services (HHS) issued a revised Statement of Organization for the Office of the General Counsel (HHS-OGC).1 Changes include a return to an organizational structure more like the early days of the first Trump administration for the lawyers advising the Food and Drug Administration (FDA), as well as the closing of certain regional HHS-OGC offices. Additional changes could potentially signal an effort to consolidate and expand HHS-OGC’s authority, especially with respect to matters currently opined upon by lawyers advising the HHS Office of Inspector General (HHS-OIG). Stakeholders should consider opportunities to engage with HHS in light of the changes announced in the March 2025 Statement of Organization.
(more…)
Brenna E. Jenny
Washington, D.C.
bjenny@sidley.com
Jaime L.M. Jones
Chicago
jaime.jones@sidley.com
Meenakshi Datta
Chicago
mdatta@sidley.com
Rebecca K. Wood
Washington, D.C.
rwood@sidley.com
Raj D. Pai
Washington, D.C.
rpai@sidley.com
Colleen Theresa Brown
Washington, D.C.
cbrown@sidley.com
Michael Varrone
Washington, D.C.
michael.varrone@sidley.com
Florida Federal Court Puts Florida’s Security of Communications Act in Play in the Ongoing Wave of Website Privacy Class Actions
In a significant development in the ever-expanding world of privacy class actions, earlier this month a federal judge in Florida denied dismissal of a website privacy claim brought under the Florida Security of Communications Act (FSCA). For years, Florida courts have been reluctant to find that this 50-year-old wiretapping statute could be applied to third-party technologies that analyzed consumer behavior on websites. When a wave of privacy class actions was filed under the FSCA a few years ago, the claims were almost uniformly rejected, as the courts found that the information allegedly intercepted by website technologies had little resemblance to the contents of a wiretapped telephone call. But on March 6, a district court in the Middle District of Florida took a new look at some of the latest website technologies and, in doing so, may have thrown the FSCA back into the mix of decades-old statutes that pose new dangers to consumer-facing websites.
(more…)
Ian M. Ross
Miami
iross@sidley.com
Jonathan Lesgart
Miami
jonathan.lesgart@sidley.com
Upcoming Events
IAPP AI Governance Global Europe 2025
Resources
Meet the Team
Kwaku A. Akowuah
kakowuah@sidley.com
Sheila A.G. Armbrust
sarmbrust@sidley.com
Francesca Blythe
fblythe@sidley.com
Colleen Theresa Brown
ctbrown@sidley.com
Thomas D. Cunningham
tcunningham@sidley.com
Sharon R. Flanagan
sflanagan@sidley.com
David A. Gordon
dgordon@sidley.com
Tomoki Ishiara
tishiara@sidley.com
Amy P. Lally
alally@sidley.com
David C. Lashway
dlashway@sidley.com
William RM Long
wlong@sidley.com
Joan M. Loughnane
jloughnane@sidley.com
Geeta Malhotra
gmalhotra@sidley.com
Rollin A. Ransom
rransom@sidley.com
Alan Charles Raul
araul@sidley.com
Jennifer B. Seale
jseale@sidley.com
Yuet Ming Tham
ytham@sidley.com
Jonathan M. Wilan
jwilan@sidley.com
John W. Woods Jr.
jwoods@sidley.com