• Data Matters

    Cybersecurity, Privacy, Data Protection, Artificial Intelligence, Internet Law, and Policy

Categories

Archives

Apr 202023

FemTech Has Been Warned: UK’s ICO Indicates Closer Scrutinization of FemTech Apps

, , , , , ,
Francesca Blythe, Zina Chatzidimitriadou and Fjolla Lushta

On 4 April 2023, John Edwards, the UK’s Information Commissioner, stated that the UK’s Information Commissioner’s Office (ICO) would be “going after providers of women’s health apps and auditing them, and getting them to change any practices that are non-compliant.” Speaking at the IAPP Global Privacy Summit in Washington DC, the Information Commissioner indicated that this proposed strategy forms part of the ICO’s new “agile” initiative, which will focus on “areas of vulnerability, targeting…intervention [where] that has the greatest impact”.

(more…)

Read more
Francesca Blythe

London

fblythe@sidley.com

Zina Chatzidimitriadou

London

zchatzidimitriadou@sidley.com

Fjolla Lushta

London

flushta@sidley.com

Apr 192023

Regulatory Update: National Association of Insurance Commissioners Spring 2023 National Meeting

, ,
Andrew R. Holland, Stephanie H. Dobecki, Ellen M. Dunn, Michael L. Rosenfield, Sara N. Africano, Chris H. Burusco and Jacob A. Grossman
The National Association of Insurance Commissioners (NAIC) held its Spring 2023 National Meeting (Spring Meeting) March 21–25, 2023. This Sidley Update summarizes the highlights from this meeting in addition to interim meetings held in lieu of taking place during the Spring Meeting. Highlights include continued development of accounting principles and investment limitations related to certain types of bonds and structured securities, continued discussion of considerations related to private equity (PE) ownership of insurers, new initiatives to address innovation and technology in the insurance sector, and continued development of a new consumer privacy protections model law.

(more…)

Read more
Andrew R. Holland

New York

aholland@sidley.com

Stephanie H. Dobecki

Chicago

sdobecki@sidley.com

Ellen M. Dunn

New York

edunn@sidley.com

Michael L. Rosenfield

Los Angeles

mrosenfield@sidley.com

Sara N. Africano

Chicago

safricano@sidley.com

Chris H. Burusco

Los Angeles

cburusco@sidley.com

Jacob A. Grossman

Chicago

jgrossman@sidley.com

Apr 182023

U.S. Securities and Exchange Commission Proposes Three Rules Related to Cybersecurity, Reopens Comment for One Rule

, ,
Alan Charles Raul, Andrew P. Blake, Colleen Theresa Brown, Charles A. Sommers, Michele L. Aronson, Sasha Hondagneu-Messner, Casey Grant and Philip Robbins

On March 15, 2023, the U.S. Securities and Exchange Commission (SEC) proposed three rules related to cybersecurity and the protection of consumer information and reopened the comment period for a proposed cybersecurity rule for investment advisers and funds. This significant action would impose new cybersecurity requirements for several SEC-registered entities, including with respect to these entities’ policies, incident response and notification procedures, and cybersecurity risk management. This Sidley commentary and analysis discusses the key features of each proposal, including new requirements and differences among each of the proposals.

(more…)

Read more
Alan Charles Raul

Washington, D.C., New York

Andrew P. Blake

Washington, D.C.

ablake@sidley.com

Colleen Theresa Brown

Washington, D.C.

cbrown@sidley.com

Charles A. Sommers

Washington, D.C.

csommers@sidley.com

Michele L. Aronson

Sasha Hondagneu-Messner

New York

shondagneumessner@sidley.com

Casey Grant

Philip Robbins

Apr 102023

New U.S. FDA Draft Guidance Outlines Path To Faster Modification of AI/ML-Enabled Devices

, , , ,
Deeona R. Gaskin, Rebecca K. Wood, Atiq Chowdhury and Eliza Lawless

The U.S. Food and Drug Administration (FDA or Agency) has issued new draft guidance on “Marketing Submission Recommendations for a Predetermined Change Control Plan for Artificial Intelligence/Machine Learning (AI/ML)-Enabled Device Software Functions”1 that discusses a “science-based approach to ensuring that AI/ML-enabled devices can be safely, effectively, and rapidly modified, updated, and improved in response to new data.”2 This approach should offer more certainty to industry as FDA’s stated goal is to allow AI/ML-enabled devices to be modified faster in accordance with FDA requirements while being “built to adapt to the data and needs of individual health care facilities” and “adapt to deliver treatments according to individual users’ particular characteristics and needs.”3 Those wishing to comment on the draft guidance should note that the comment period closes on July 3, 2023.

(more…)

Read more
Deeona R. Gaskin

Washington D.C.

dgaskin@sidley.com

Rebecca K. Wood

Washington, D.C.

rwood@sidley.com

Atiq Chowdhury

Eliza Lawless

Apr 72023

UK’s OfCom to Publish Guidance on Illegal Content Risk Assessments in Light of Online Safety Bill

, , , ,
William RM Long, Denise Kara and Fjolla Lushta

The UK’s Online Safety Bill (“Bill”), once legislated, will impose duties of care on providers of digital services, social media platforms and other online services to make them responsible for content generated and shared by their users and to mitigate the risk of harm arising from illegal content, and if services are deemed accessible by children, a duty to protect children from harm. As currently drafted, the Bill applies to any service or site that has users in the UK, or targets the UK as a market, even if it is not based in the country. The Bill is currently at the Committee Stage of the legislative process. Although the Bill is expected to receive Royal Assent during 2023, the timeline as to when the provisions will come into force is still unclear.

(more…)

Read more
William RM Long

London

wlong@sidley.com

Denise Kara

Fjolla Lushta

London

flushta@sidley.com

Apr 52023

Chambers 2023 Global Practice Guides for Data Protection & Privacy and Cybersecurity Available

Alan Charles Raul, William RM Long, Eleanor Dodding, João D. Quartilho and Subhalakshmi Kumar

The updated 2023 Chambers Global Practice Guides for Data Protection & Privacy and Cybersecurity, edited by Alan Charles Raul, are available now, covering important developments across the globe and offering insightful legal commentary for businesses.

(more…)

Read more
Alan Charles Raul

Washington, D.C., New York

William RM Long

London

wlong@sidley.com

Eleanor Dodding

London

edodding@sidley.com

João D. Quartilho

Subhalakshmi Kumar

Apr 42023

Equal Employment Opportunity Commission Looks at AI

,
Wendy M. Lazerson, Sheri Porath Rockwell and Sasha Hondagneu-Messner

2023 is rapidly becoming the year of AI policy and regulation.  A particular focus of regulatory concern relates to AI impacts on employees, and the U.S. Equal Employment Opportunity Commission (EEOC) is not sitting on the sidelines.  On January 31, 2023, the EEOC held a public hearing to examine the use of automated systems, including artificial intelligence (AI), in employment decisions.  This hearing, titled “Navigating Employment Discrimination in AI and Automated Systems: A New Civil Rights Frontier,” continues the work of the Artificial Intelligence and Algorithmic Fairness Initiative, which was launched in 2021 by the EEOC.  Through this initiative, the EEOC has already published a guidance titled “The Americans with Disabilities Act and the Use of Software, Algorithms, and Artificial Intelligence to Assess Job Applicants and Employees.” Below are a few high-level takeaways from the hearing:

(more…)

Read more
Wendy M. Lazerson

Palo Alto, San Francisco

wlazerson@sidley.com

Sheri Porath Rockwell

Century City

sheri.rockwell@sidley.com

Sasha Hondagneu-Messner

New York

shondagneumessner@sidley.com

Mar 302023

UK GDPR Reform Is Back! Department of Science, Innovation and Technology Introduces New Data Protection and Digital Information Bill

, , , ,
William RM Long, Francesca Blythe, Subhalakshmi Kumar and Fjolla Lushta

On 8 March 2023, the newly created Department of Science, Innovation and Technology (“DSIT”) introduced the Data Protection and Digital Information (No. 2) Bill. The “Bill” is in substance a re-introduction of the previous Data Protection and Digital Information Bill which was withdrawn from Parliament on the same day as the new Bill was published. The Bill, which has been hailed by the UK Government as one that will “save billions” and “cut down pointless paperwork” is the UK’s latest attempt to create a more streamlined piece of data protection legislation for the UK whilst still “ensur[ing] data adequacy.” The Information Commissioner’s Office (“ICO”) also welcomed the re-introduction of the Bill, with the Commissioner stating that he would “support [the Bill’s] ambition.” While much of the Bill remains the same as its previous iteration, we set out the key provisions and notable amendments below.

(more…)

Read more
William RM Long

London

wlong@sidley.com

Francesca Blythe

London

fblythe@sidley.com

Subhalakshmi Kumar

Fjolla Lushta

London

flushta@sidley.com

Upcoming Events

View Calendar

Resources

 

Meet the Team

<a target=‘_blank’ href="https://www.sidley.com/en/people/a/akowuah-kwaku-a">Kwaku A. Akowuah</a>

Kwaku A. Akowuah

Washington, D.C.

kakowuah@sidley.com

<a target=‘_blank’ href="https://www.sidley.com/en/people/a/armbrust-sheila-a-g">Sheila A.G. Armbrust</a>

Sheila A.G. Armbrust

San Francisco

sarmbrust@sidley.com

<a target=‘_blank’ href="https://www.sidley.com/en/people/b/blythe-francesca">Francesca Blythe</a>

Francesca Blythe

London

fblythe@sidley.com

<a target=‘_blank’ href="https://www.sidley.com/en/people/b/brown-colleen-theresa">Colleen Theresa Brown</a>

Colleen Theresa Brown

Washington, D.C.

ctbrown@sidley.com

<a target=‘_blank’ href="https://www.sidley.com/en/people/c/cunningham-thomas-d">Thomas D. Cunningham</a>

Thomas D. Cunningham

Chicago

tcunningham@sidley.com

<a target=‘_blank’ href="https://www.sidley.com/en/people/f/flanagan-sharon-r">Sharon R. Flanagan</a>

Sharon R. Flanagan

San Francisco, Palo Alto

sflanagan@sidley.com

<a target=‘_blank’ href="https://www.sidley.com/en/people/g/gordon-david-a">David A. Gordon</a>

David A. Gordon

Chicago

dgordon@sidley.com

<a target=‘_blank’ href="https://www.sidley.com/en/people/i/ishiara-tomoki">Tomoki Ishiara</a>

Tomoki Ishiara

Tokyo

tishiara@sidley.com

<a target=‘_blank’ href="https://www.sidley.com/en/people/l/lally-amy-p">Amy P. Lally</a>

Amy P. Lally

Century City

alally@sidley.com

<a target=‘_blank’ href="https://www.sidley.com/en/people/l/lashway-david-c">David C. Lashway</a>

David C. Lashway

Washington, D.C.

dlashway@sidley.com

<a target=‘_blank’ href="https://www.sidley.com/en/people/l/long-william-rm">William RM Long</a>

William RM Long

London

wlong@sidley.com

<a target=‘_blank’ href="https://www.sidley.com/en/people/l/loughnane-joan-m">Joan M. Loughnane</a>

Joan M. Loughnane

New York

jloughnane@sidley.com

<a target=‘_blank’ href="https://www.sidley.com/en/people/m/malhotra-geeta">Geeta Malhotra</a>

Geeta Malhotra

Chicago

gmalhotra@sidley.com

<a target=‘_blank’ href="https://www.sidley.com/en/people/r/ransom-rollin-a">Rollin A. Ransom</a>

Rollin A. Ransom

Los Angeles

rransom@sidley.com

<a target=‘_blank’ href="https://www.sidley.com/en/people/r/raul-alan-charles">Alan Charles Raul</a>

Alan Charles Raul

Washington, D.C., New York

araul@sidley.com

<a target=‘_blank’ href="https://www.sidley.com/en/people/s/seale-jennifer-b">Jennifer B. Seale</a>

Jennifer B. Seale

Washington, D.C.

jseale@sidley.com

<a target=‘_blank’ href="https://www.sidley.com/en/people/t/tham-yuet-ming">Yuet Ming Tham</a>

Yuet Ming Tham

Singapore, Hong Kong

ytham@sidley.com

<a target=‘_blank’ href="https://www.sidley.com/en/people/w/wilan-jonathan-m">Jonathan M. Wilan</a>

Jonathan M. Wilan

Washington, D.C.

jwilan@sidley.com

<a target=‘_blank’ href="https://www.sidley.com/en/people/w/woods-jr-john-w">John W. Woods Jr.</a>

John W. Woods Jr.

Washington, D.C.

jwoods@sidley.com

Click here to view all of Sidley’s Privacy and Cybersecurity professionals.

SUBSCRIBE

To receive email alerts when we post a blog entry, please provide your name and email address.