Categories
Archives
We use cookies to ensure that we give you the best experience on our website. If you continue to use this site we will assume that you are happy with it.Ok
Data Matters
Cybersecurity, Privacy, Data Protection, Artificial Intelligence, Internet Law, and Policy
New California Law Adds to Complexity of Content Moderation
States and Congress have been enacting or debating different approaches to online “content moderation” by social media and other internet platforms. California’s “Content Moderation Requirements for Internet Terms of Service” bill (“AB 587”) goes into effect on Jan 1, 2024. In short, AB 587 requires social media companies to disclose their processes to take down or manage content and users on their platforms. AB 587 takes a somewhat different approach to social media content regulation than previously enacted laws in Texas and Florida. (more…)
Kwaku A. Akowuah
Washington, D.C.
kakowuah@sidley.com
Alan Charles Raul
Washington, D.C., New York
araul@sidley.com
Ash Nagdev
Palo Alto
anagdev@sidley.com
Nayef Andrabi
Amisha Gandhi
San Francisco
amisha.gandhi@sidley.com
The Ninth Edition of The Privacy, Data Protection and Cybersecurity Law Review is Now Available
The ninth edition of The Privacy, Data Protection and Cybersecurity Law Review provides a global overview of the legal and regulatory regimes governing data privacy and security, and covers areas such as data processors’ obligations, data subject rights, data transfers and localization, best practices for minimizing cyber risk, public and private enforcement, and an outlook for future developments. Several lawyers from Sidley’s global Privacy and Cybersecurity practice have contributed to this publication. See the chapters below for a closer look at this developing area of law.
(more…)
Alan Charles Raul
Washington, D.C., New York
araul@sidley.com
William RM Long
London
wlong@sidley.com
Yuet Ming Tham
Singapore, Hong Kong
ytham@sidley.com
Linh Lieu
linh.lieu@sidley.com
Tomoki Ishiara
Tokyo
tishiara@sidley.com
Margaret Allen
Singapore, Dallas
margaret.allen@sidley.com
Francesca Blythe
London
fblythe@sidley.com
Sheri Porath Rockwell
Century City
sheri.rockwell@sidley.com
Eleanor Dodding
London
edodding@sidley.com
Lester Fung
João D. Quartilho
Faraaz Amzar
Singapore
faraaz.amzar@sidley.com
European Commission Publishes Draft Cyber Resilience Act
On 15 September 2022, the European Commission (“Commission” or “EC”) published a draft proposal for a Cyber Resilience Act (“CRA” ). The CRA comes in response to the increasingly common occurrence of cyberattacks, with some predicting that the global cost of cyberattacks for companies will reach $10.5 trillion annually by 2025, up from $3 trillion in 2015. The CRA promises to transform the European cybersecurity landscape by harmonizing and bolstering cybersecurity rules across all technologies with “digital elements.” The Commission is currently inviting public feedback on the CRA through 18 November 2022. The CRA will then pass through the European Parliament for debate and for amendments to be proposed.
(more…)
William RM Long
London
wlong@sidley.com
Subhalakshmi Kumar
Eleanor Oates
London
eoates@sidley.com
CFPB Begins Rulemaking on Data Access and Portability
The Consumer Financial Protection Bureau (CFPB) on October 27, 2022 took the long-anticipated first step to issue a regulation implementing Section 1033 of the Dodd-Frank Wall Street Reform and Consumer Protection Act. This followed a preview by CFPB Director Rohit Chopra at the Money 20/20 conference on October 25 in which he outlined the “CFPB’s new approach to regulation,” which is designed to create “catalysts for more competition.” With respect to Section 1033, Director Chopra said that the CFPB is “exploring safeguards to prevent excessive control or monopolization by one, or even a handful of, firms” and will be working toward avoiding regulations that could be “rigged in favor of some players over others.” Director Chopra’s focus on competition as an essential element of consumer protection has been a hallmark of his directorship.
John K. Van De Weert
Thomas G. Ward
Washington, D.C.
tgward@sidley.com
Colleen Theresa Brown
Washington, D.C.
cbrown@sidley.com
Kerry Nilsen
Washington D.C.
knilsen@sidley.com
Joel D. Feinberg
Washington, D.C.
jfeinberg@sidley.com
HHS Office for Civil Rights Releases Webinar on Recognized Security Practices: Provides Guidance on Mitigating Potential Violations of HIPAA
Pursuant to legislation passed in 2021, covered entities and business associates subject to HIPAA and facing potential regulatory enforcement may receive some credit lessening to reduce enforcement penalties if they had implemented Recognized Security Practices (RSPs) within the prior 12 months. However, what may constitute RSPs and how a covered entity or business associate can demonstrate implementation of RSPs to receive such credit had not been clear. Now, the Department of Health and Human Services is seeking to provide clarity. (more…)
Colleen Theresa Brown
Washington, D.C.
cbrown@sidley.com
Sasha Hondagneu-Messner
New York
shondagneumessner@sidley.com
Developments to Improve the Cybersecurity of Federal Government Agencies, Critical Infrastructure
Recently, several developments have been proposed or announced to help identify and mitigate cyber risk for United States critical infrastructure operators and software in an effort to further bolster the cybersecurity posture of the federal government. (more…)
Alan Charles Raul
Washington, D.C., New York
araul@sidley.com
Stephen W. McInerney
Chicago
smcinerney@sidley.com
Vishnu Tirumala
Washington, D.C.
vtirumala@sidley.com
One Step Forward, Two Steps Back: FDA’s Final Guidance on Clinical Decision Software Raises More Questions Than Answers
Recently, the U.S. Food and Drug Administration (FDA) published a suite of guidance documents relating to software, automation, and artificial intelligence. One guidance document in particular, addressing clinical decision support (CDS) software, may signal a tightening in FDA’s oversight on software tools with artificial intelligence and machine learning (AI/ML) that could introduce confusion and frustrate innovation in this important, fast-developing area. On October 18, 2022, FDA held a webinar to provide additional clarifications on this final guidance.
Coleen Klasmeier
Jeffrey M. Singer
Jaclyn G. Fonteyne
Washington, D.C.
jaclyn.fonteyne@sidley.com
Yuzhi Hu
White House Publishes In-Depth Guidance on the Use of Automated Systems and Recognizes Privacy as Foundational Principle of Framework
On October 4, 2022, the White House Office of Science and Technology Policy published The Blueprint for an AI Bill of Rights: Making Automated Systems Work for the American People (the “AI Blueprint”). The AI Blueprint outlines non-binding guidelines for the development and deployment of automated systems and is the culmination of a year-long process of public engagement and deliberation.
(more…)
Alan Charles Raul
Washington, D.C., New York
araul@sidley.com
Lauren Kitces
Washington, D.C.
lkitces@sidley.com
Alexandra T. Mushka
Washington, D.C.
amushka@sidley.com
Upcoming Events
IAPP AI Governance Global Europe 2025
Resources
Meet the Team
Kwaku A. Akowuah
kakowuah@sidley.com
Sheila A.G. Armbrust
sarmbrust@sidley.com
Francesca Blythe
fblythe@sidley.com
Colleen Theresa Brown
ctbrown@sidley.com
Thomas D. Cunningham
tcunningham@sidley.com
Sharon R. Flanagan
sflanagan@sidley.com
David A. Gordon
dgordon@sidley.com
Tomoki Ishiara
tishiara@sidley.com
Amy P. Lally
alally@sidley.com
David C. Lashway
dlashway@sidley.com
William RM Long
wlong@sidley.com
Joan M. Loughnane
jloughnane@sidley.com
Geeta Malhotra
gmalhotra@sidley.com
Rollin A. Ransom
rransom@sidley.com
Alan Charles Raul
araul@sidley.com
Jennifer B. Seale
jseale@sidley.com
Yuet Ming Tham
ytham@sidley.com
Jonathan M. Wilan
jwilan@sidley.com
John W. Woods Jr.
jwoods@sidley.com