The U.S. Department of Labor (DOL) published Compliance Assistance Release No. 2024-01 on September 6, 2024. The release, titled “Cybersecurity Guidance Update,” clarifies that the cybersecurity guidance the DOL issued in April 2021 applies to all employee benefit plans, including health and welfare plans. The DOL states that since the guidance was published, service providers have told plan fiduciaries and Employee Benefits Security Administration (EBSA) investigators that the guidance applies only to retirement plans.
On August 30, 2024, the Beijing Municipal Cyberspace Administration, Beijing Municipal Commerce Bureau and Beijing Municipal Government Services and Data Administration Bureau jointly released the “Administrative Measures for the Data Exit Negative List of the China (Beijing) Pilot Free Trade Zone (Trial)” (Administrative Measures) and the “Data Exit Administration List (Negative List) of the China (Beijing) Pilot Free Trade Zone (2024 Edition)” (Negative List) to facilitate the export of important industry data and personal information out of the country by companies operating in the Beijing free trade zone (FTZ). (more…)
https://datamatters.sidley.com/wp-content/uploads/sites/2/2022/09/sidleyLogo-e1643922598198.png00Lei Lihttps://datamatters.sidley.com/wp-content/uploads/sites/2/2022/09/sidleyLogo-e1643922598198.pngLei Li2024-09-19 17:47:372024-09-19 17:47:37Pharma Companies in Beijing Free Trade Zone to Benefit from Relaxed Data Transfer Rules
On August 14, 2024, the United States Federal Trade Commission (FTC) announced a final rule that prohibits fake and artificial intelligence-generated consumer reviews, consumer testimonials, and celebrity testimonials, along with other types of unfair or deceptive practices involving reviews and testimonials. This new rule is the latest development in the FTC’s increased rulemaking efforts and increased focus on AI, and will take effect on October 21, 2024.
https://datamatters.sidley.com/wp-content/uploads/sites/2/2022/10/MN-18359_Data-Matters_833x606-21.jpg607834Colleen Theresa Brownhttps://datamatters.sidley.com/wp-content/uploads/sites/2/2022/09/sidleyLogo-e1643922598198.pngColleen Theresa Brown2024-08-30 09:43:442024-08-30 09:43:44U.S. FTC’s New Rule on Fake and AI-Generated Reviews and Social Media Bots
A federal law known as Section 230 has provided a powerful legal shield for internet companies for nearly three decades. Designed to “promote the internet,” it protects platforms from civil liability for content posted to their sites by third parties.
https://datamatters.sidley.com/wp-content/uploads/sites/2/2022/09/sidleyLogo-e1643922598198.png00Samir A. Gandhihttps://datamatters.sidley.com/wp-content/uploads/sites/2/2022/09/sidleyLogo-e1643922598198.pngSamir A. Gandhi2024-08-28 14:21:392024-08-28 14:22:26The Legal Battles Taking Shape in the Clash Over Internet Content
Regulation of artificial intelligence (AI) technology in the Asia-Pacific region (APAC) is developing rapidly, with at least 16 jurisdictions having some form of AI guidance or regulation. Some countries are implementing AI-specific laws and regulation, while others take a more “soft” law approach in reliance on nonbinding principles and standards. While regulatory approaches in the region differ, policy drivers feature common principles including responsible use, data security, end-user protection, and human autonomy.
https://datamatters.sidley.com/wp-content/uploads/sites/2/2022/10/MN-18359_Data-Matters_833x606-09.jpg607833Shu Min Hohttps://datamatters.sidley.com/wp-content/uploads/sites/2/2022/09/sidleyLogo-e1643922598198.pngShu Min Ho2024-08-16 12:15:032024-08-16 12:15:03Asia-Pacific Regulations Keep Pace With Rapid Evolution of Artificial Intelligence Technology
On 26 July 2024, the European Supervisory Authorities (EBA, EIOPA and ESMA, collectively, the “ESAs”) published their joint final report on the draft Regulatory Technical Standards (“RTS”) specifying the elements that a financial entity should determine and assess when subcontracting ICT services supporting critical or important functions under Article 30(5) of the Digital Operational Resilience Act (“DORA”). The RTS are intended to assist with the enhancement of the digital operational resilience of the financial services sector by improving in-scope entities’ ICT risk management, specifically with respect to the issue of ICT subcontracting.
On July 30, 2024, New York Attorney General Letitia James announced website privacy guides for New York consumers and businesses. The guides, a business-focused Business Guide to Website Privacy Controls and a consumer-focused Consumer Guide to Tracking on the Web, are available on the Office of the New York State Attorney General’s (the “OAG’s”) website. The Business Guide to Website Privacy Controls is instructive for businesses operating websites available in the state. The OAG’s announcement is made amid increasing regulatory scrutiny, including by the FTC, as well as increased litigation centered on the use of online tracking technologies.
On 24 May 2024, the Council of the European Union (the “Council”) released new details of a proposed reform of the General Data Protection Regulation’s (“GDPR”) procedural rules, which representatives of EU national governments approved on 29 May 2024. On 13 June 2024, the Council issued a press release detailing its agreed common Member States’ position that maintains the general thrust of the original proposed reforms, but which seeks to: (i) introduce clearer timelines; (ii) improve efficiency of cooperation; and (iii) provide an early resolution mechanism.
https://datamatters.sidley.com/wp-content/uploads/sites/2/2022/09/sidleyLogo-e1643922598198.png00William RM Longhttps://datamatters.sidley.com/wp-content/uploads/sites/2/2022/09/sidleyLogo-e1643922598198.pngWilliam RM Long2024-08-12 09:33:582024-08-12 09:33:58EU Governments Sign-off Proposed Reforms to GDPR Procedural Rules and Council Reaches Common Member States’ Position
DOL Confirms Cybersecurity Guidance Applies to All Employee Benefit Plans
The U.S. Department of Labor (DOL) published Compliance Assistance Release No. 2024-01 on September 6, 2024. The release, titled “Cybersecurity Guidance Update,” clarifies that the cybersecurity guidance the DOL issued in April 2021 applies to all employee benefit plans, including health and welfare plans. The DOL states that since the guidance was published, service providers have told plan fiduciaries and Employee Benefits Security Administration (EBSA) investigators that the guidance applies only to retirement plans.
(more…)
Colleen Theresa Brown
Washington, D.C.
cbrown@sidley.com
Beth J. Dickstein
Chicago
bdickstein@sidley.com
Mary C. Niehaus
Chicago
mniehaus@sidley.com
Madeline Clasen
Chicago
mclasen@sidley.com
Pharma Companies in Beijing Free Trade Zone to Benefit from Relaxed Data Transfer Rules
On August 30, 2024, the Beijing Municipal Cyberspace Administration, Beijing Municipal Commerce Bureau and Beijing Municipal Government Services and Data Administration Bureau jointly released the “Administrative Measures for the Data Exit Negative List of the China (Beijing) Pilot Free Trade Zone (Trial)” (Administrative Measures) and the “Data Exit Administration List (Negative List) of the China (Beijing) Pilot Free Trade Zone (2024 Edition)” (Negative List) to facilitate the export of important industry data and personal information out of the country by companies operating in the Beijing free trade zone (FTZ). (more…)
Lei Li
Beijing, Shanghai
lei.li@sidley.com
Lianying Wang
Beijing
lianying.wang@sidley.com
U.S. FTC’s New Rule on Fake and AI-Generated Reviews and Social Media Bots
On August 14, 2024, the United States Federal Trade Commission (FTC) announced a final rule that prohibits fake and artificial intelligence-generated consumer reviews, consumer testimonials, and celebrity testimonials, along with other types of unfair or deceptive practices involving reviews and testimonials. This new rule is the latest development in the FTC’s increased rulemaking efforts and increased focus on AI, and will take effect on October 21, 2024.
(more…)
Colleen Theresa Brown
Washington, D.C.
cbrown@sidley.com
Benjamin M. Mundel
Washington, D.C.
bmundel@sidley.com
Lauren Freeman
San Francisco
lfreeman@sidley.com
Phillip Shaverdian
Dallas
pshaverdian@sidley.com
The Legal Battles Taking Shape in the Clash Over Internet Content
A federal law known as Section 230 has provided a powerful legal shield for internet companies for nearly three decades. Designed to “promote the internet,” it protects platforms from civil liability for content posted to their sites by third parties.
(more…)
Samir A. Gandhi
New York
sgandhi@sidley.com
Randi Singer
New York, Palo Alto
randi.singer@sidley.com
Michael E. Borden
Washington, D.C.
mborden@sidley.com
Asia-Pacific Regulations Keep Pace With Rapid Evolution of Artificial Intelligence Technology
Regulation of artificial intelligence (AI) technology in the Asia-Pacific region (APAC) is developing rapidly, with at least 16 jurisdictions having some form of AI guidance or regulation. Some countries are implementing AI-specific laws and regulation, while others take a more “soft” law approach in reliance on nonbinding principles and standards. While regulatory approaches in the region differ, policy drivers feature common principles including responsible use, data security, end-user protection, and human autonomy.
(more…)
Shu Min Ho
Singapore
shumin.ho@sidley.com
David Ryan
Hong Kong
david.ryan@sidley.com
Margaret Huang
Singapore
margaret.huang@sidley.com
Lucy Harris
Singapore
lucy.harris@sidley.com
DORA – ESAs Publish Draft Technical Standards on ICT Subcontracting
On 26 July 2024, the European Supervisory Authorities (EBA, EIOPA and ESMA, collectively, the “ESAs”) published their joint final report on the draft Regulatory Technical Standards (“RTS”) specifying the elements that a financial entity should determine and assess when subcontracting ICT services supporting critical or important functions under Article 30(5) of the Digital Operational Resilience Act (“DORA”). The RTS are intended to assist with the enhancement of the digital operational resilience of the financial services sector by improving in-scope entities’ ICT risk management, specifically with respect to the issue of ICT subcontracting.
(more…)
William RM Long
London
wlong@sidley.com
Francesca Blythe
London
fblythe@sidley.com
Arthur Clover
Trainee Solicitor
aclover@sidley.com
New York Attorney General Publishes Guide to Avoid “Key Mistakes” Regarding Online Tracking Technologies
On July 30, 2024, New York Attorney General Letitia James announced website privacy guides for New York consumers and businesses. The guides, a business-focused Business Guide to Website Privacy Controls and a consumer-focused Consumer Guide to Tracking on the Web, are available on the Office of the New York State Attorney General’s (the “OAG’s”) website. The Business Guide to Website Privacy Controls is instructive for businesses operating websites available in the state. The OAG’s announcement is made amid increasing regulatory scrutiny, including by the FTC, as well as increased litigation centered on the use of online tracking technologies.
(more…)
Colleen Theresa Brown
Washington, D.C.
cbrown@sidley.com
Mitchell Noordyke
Chicago
mnoordyke@sidley.com
Sasha Hondagneu-Messner
New York
shondagneumessner@sidley.com
EU Governments Sign-off Proposed Reforms to GDPR Procedural Rules and Council Reaches Common Member States’ Position
On 24 May 2024, the Council of the European Union (the “Council”) released new details of a proposed reform of the General Data Protection Regulation’s (“GDPR”) procedural rules, which representatives of EU national governments approved on 29 May 2024. On 13 June 2024, the Council issued a press release detailing its agreed common Member States’ position that maintains the general thrust of the original proposed reforms, but which seeks to: (i) introduce clearer timelines; (ii) improve efficiency of cooperation; and (iii) provide an early resolution mechanism.
(more…)
William RM Long
London
wlong@sidley.com
Francesca Blythe
London
fblythe@sidley.com
Arthur Clover
Trainee Solicitor
aclover@sidley.com
Upcoming Events
Resources
Meet the Team
Kwaku A. Akowuah
kakowuah@sidley.com
Sheila A.G. Armbrust
sarmbrust@sidley.com
Francesca Blythe
fblythe@sidley.com
Colleen Theresa Brown
ctbrown@sidley.com
John M. Casanova
jcasanova@sidley.com
Thomas D. Cunningham
tcunningham@sidley.com
Sharon R. Flanagan
sflanagan@sidley.com
David A. Gordon
dgordon@sidley.com
Tomoki Ishiara
tishiara@sidley.com
Amy P. Lally
alally@sidley.com
David C. Lashway
dlashway@sidley.com
William RM Long
wlong@sidley.com
Joan M. Loughnane
jloughnane@sidley.com
Geeta Malhotra
gmalhotra@sidley.com
Glenn G. Nash
gnash@sidley.com
Rollin A. Ransom
rransom@sidley.com
Alan Charles Raul
araul@sidley.com
Jennifer B. Seale
jseale@sidley.com
Yuet Ming Tham
ytham@sidley.com
Jonathan M. Wilan
jwilan@sidley.com
John W. Woods Jr.
jwoods@sidley.com