A federal law known as Section 230 has provided a powerful legal shield for internet companies for nearly three decades. Designed to “promote the internet,” it protects platforms from civil liability for content posted to their sites by third parties.
https://datamatters.sidley.com/wp-content/uploads/sites/2/2022/09/sidleyLogo-e1643922598198.png00Samir A. Gandhihttps://datamatters.sidley.com/wp-content/uploads/sites/2/2022/09/sidleyLogo-e1643922598198.pngSamir A. Gandhi2024-08-28 14:21:392024-08-28 14:22:26The Legal Battles Taking Shape in the Clash Over Internet Content
Regulation of artificial intelligence (AI) technology in the Asia-Pacific region (APAC) is developing rapidly, with at least 16 jurisdictions having some form of AI guidance or regulation. Some countries are implementing AI-specific laws and regulation, while others take a more “soft” law approach in reliance on nonbinding principles and standards. While regulatory approaches in the region differ, policy drivers feature common principles including responsible use, data security, end-user protection, and human autonomy.
https://datamatters.sidley.com/wp-content/uploads/sites/2/2022/10/MN-18359_Data-Matters_833x606-09.jpg607833Shu Min Hohttps://datamatters.sidley.com/wp-content/uploads/sites/2/2022/09/sidleyLogo-e1643922598198.pngShu Min Ho2024-08-16 12:15:032024-08-16 12:15:03Asia-Pacific Regulations Keep Pace With Rapid Evolution of Artificial Intelligence Technology
On 26 July 2024, the European Supervisory Authorities (EBA, EIOPA and ESMA, collectively, the “ESAs”) published their joint final report on the draft Regulatory Technical Standards (“RTS”) specifying the elements that a financial entity should determine and assess when subcontracting ICT services supporting critical or important functions under Article 30(5) of the Digital Operational Resilience Act (“DORA”). The RTS are intended to assist with the enhancement of the digital operational resilience of the financial services sector by improving in-scope entities’ ICT risk management, specifically with respect to the issue of ICT subcontracting.
On July 30, 2024, New York Attorney General Letitia James announced website privacy guides for New York consumers and businesses. The guides, a business-focused Business Guide to Website Privacy Controls and a consumer-focused Consumer Guide to Tracking on the Web, are available on the Office of the New York State Attorney General’s (the “OAG’s”) website. The Business Guide to Website Privacy Controls is instructive for businesses operating websites available in the state. The OAG’s announcement is made amid increasing regulatory scrutiny, including by the FTC, as well as increased litigation centered on the use of online tracking technologies.
On 24 May 2024, the Council of the European Union (the “Council”) released new details of a proposed reform of the General Data Protection Regulation’s (“GDPR”) procedural rules, which representatives of EU national governments approved on 29 May 2024. On 13 June 2024, the Council issued a press release detailing its agreed common Member States’ position that maintains the general thrust of the original proposed reforms, but which seeks to: (i) introduce clearer timelines; (ii) improve efficiency of cooperation; and (iii) provide an early resolution mechanism.
https://datamatters.sidley.com/wp-content/uploads/sites/2/2022/09/sidleyLogo-e1643922598198.png00William RM Longhttps://datamatters.sidley.com/wp-content/uploads/sites/2/2022/09/sidleyLogo-e1643922598198.pngWilliam RM Long2024-08-12 09:33:582024-08-12 09:33:58EU Governments Sign-off Proposed Reforms to GDPR Procedural Rules and Council Reaches Common Member States’ Position
During the King’s Speech on 17 July 2024, the newly appointed UK Prime Minister announced the UK Government’s intention to introduce a new Cyber Security and Resilience Bill to strengthen the UK’s defences against the global rise in cyberattacks and to protect the UK’s critical infrastructure. In background briefing notes published together with the King’s Speech, the UK Government stated that the new Cyber Security and Resilience Bill will “strengthen our defences and ensure that more essential digital services than ever before are protected.” According to the briefing notes, the Cyber Security and Resilience Bill intends to address the concern that the UK has not kept up-to-date with recent legislative advancements made by the EU in the cybersecurity space, resulting in the UK being “comparably more vulnerable.” Although the form of the proposed Cyber Security and Resilience Bill has yet to be released, the UK Government has indicated that it plans to introduce the bill in the coming months.
https://datamatters.sidley.com/wp-content/uploads/sites/2/2022/10/MN-18359_Data-Matters_833x606-15.jpg607834William RM Longhttps://datamatters.sidley.com/wp-content/uploads/sites/2/2022/09/sidleyLogo-e1643922598198.pngWilliam RM Long2024-08-09 09:38:232024-08-09 09:38:23UK proposes New Cyber Security and Resilience Bill to Boost the UK’s Cyber Defences
In July 2024, Malaysia’s legislative body approved significant changes to the country’s Personal Data Protection Act. The changes have the effect of aligning Malaysia’s personal data protection laws more closely with international data protection laws. The effective date and other implementation guidelines are expected to follow closely.
https://datamatters.sidley.com/wp-content/uploads/sites/2/2022/09/sidleyLogo-e1643922598198.png00Yuet Ming Thamhttps://datamatters.sidley.com/wp-content/uploads/sites/2/2022/09/sidleyLogo-e1643922598198.pngYuet Ming Tham2024-08-07 10:10:572024-08-07 10:12:34Important Changes to Malaysia’s Data Protection Laws
On July 23, 2024, the competition authorities of the EU, the UK, and the U.S. issued a joint statement on competition in generative artificial intelligence (AI) foundation models and AI products (Joint Statement). Since the emergence of generative AI, each of the authorities has been individually ramping up its work in order to understand better the potential risks to competition that AI may pose. The Joint Statement may herald a more joined-up global approach with respect to scrutiny of competition in AI.
https://datamatters.sidley.com/wp-content/uploads/sites/2/2022/10/MN-18359_Data-Matters_833x606-10.jpg607834Ken Dalyhttps://datamatters.sidley.com/wp-content/uploads/sites/2/2022/09/sidleyLogo-e1643922598198.pngKen Daly2024-07-31 10:31:542024-07-31 10:37:37Artificial Intelligence Tops Agenda for Global Competition Authorities: EU, UK, and U.S. Issue Joint Statement
The Legal Battles Taking Shape in the Clash Over Internet Content
A federal law known as Section 230 has provided a powerful legal shield for internet companies for nearly three decades. Designed to “promote the internet,” it protects platforms from civil liability for content posted to their sites by third parties.
(more…)
Samir A. Gandhi
New York
sgandhi@sidley.com
Randi Singer
New York, Palo Alto
randi.singer@sidley.com
Michael E. Borden
Washington, D.C.
mborden@sidley.com
Asia-Pacific Regulations Keep Pace With Rapid Evolution of Artificial Intelligence Technology
Regulation of artificial intelligence (AI) technology in the Asia-Pacific region (APAC) is developing rapidly, with at least 16 jurisdictions having some form of AI guidance or regulation. Some countries are implementing AI-specific laws and regulation, while others take a more “soft” law approach in reliance on nonbinding principles and standards. While regulatory approaches in the region differ, policy drivers feature common principles including responsible use, data security, end-user protection, and human autonomy.
(more…)
Shu Min Ho
Singapore
shumin.ho@sidley.com
David Ryan
Hong Kong
david.ryan@sidley.com
Margaret Huang
Singapore
margaret.huang@sidley.com
Lucy Harris
Singapore
lucy.harris@sidley.com
DORA – ESAs Publish Draft Technical Standards on ICT Subcontracting
On 26 July 2024, the European Supervisory Authorities (EBA, EIOPA and ESMA, collectively, the “ESAs”) published their joint final report on the draft Regulatory Technical Standards (“RTS”) specifying the elements that a financial entity should determine and assess when subcontracting ICT services supporting critical or important functions under Article 30(5) of the Digital Operational Resilience Act (“DORA”). The RTS are intended to assist with the enhancement of the digital operational resilience of the financial services sector by improving in-scope entities’ ICT risk management, specifically with respect to the issue of ICT subcontracting.
(more…)
William RM Long
London
wlong@sidley.com
Francesca Blythe
London
fblythe@sidley.com
Arthur Clover
Trainee Solicitor
aclover@sidley.com
New York Attorney General Publishes Guide to Avoid “Key Mistakes” Regarding Online Tracking Technologies
On July 30, 2024, New York Attorney General Letitia James announced website privacy guides for New York consumers and businesses. The guides, a business-focused Business Guide to Website Privacy Controls and a consumer-focused Consumer Guide to Tracking on the Web, are available on the Office of the New York State Attorney General’s (the “OAG’s”) website. The Business Guide to Website Privacy Controls is instructive for businesses operating websites available in the state. The OAG’s announcement is made amid increasing regulatory scrutiny, including by the FTC, as well as increased litigation centered on the use of online tracking technologies.
(more…)
Colleen Theresa Brown
Washington, D.C.
cbrown@sidley.com
Mitchell Noordyke
Chicago
mnoordyke@sidley.com
Sasha Hondagneu-Messner
New York
shondagneumessner@sidley.com
EU Governments Sign-off Proposed Reforms to GDPR Procedural Rules and Council Reaches Common Member States’ Position
On 24 May 2024, the Council of the European Union (the “Council”) released new details of a proposed reform of the General Data Protection Regulation’s (“GDPR”) procedural rules, which representatives of EU national governments approved on 29 May 2024. On 13 June 2024, the Council issued a press release detailing its agreed common Member States’ position that maintains the general thrust of the original proposed reforms, but which seeks to: (i) introduce clearer timelines; (ii) improve efficiency of cooperation; and (iii) provide an early resolution mechanism.
(more…)
William RM Long
London
wlong@sidley.com
Francesca Blythe
London
fblythe@sidley.com
Arthur Clover
Trainee Solicitor
aclover@sidley.com
UK proposes New Cyber Security and Resilience Bill to Boost the UK’s Cyber Defences
During the King’s Speech on 17 July 2024, the newly appointed UK Prime Minister announced the UK Government’s intention to introduce a new Cyber Security and Resilience Bill to strengthen the UK’s defences against the global rise in cyberattacks and to protect the UK’s critical infrastructure. In background briefing notes published together with the King’s Speech, the UK Government stated that the new Cyber Security and Resilience Bill will “strengthen our defences and ensure that more essential digital services than ever before are protected.” According to the briefing notes, the Cyber Security and Resilience Bill intends to address the concern that the UK has not kept up-to-date with recent legislative advancements made by the EU in the cybersecurity space, resulting in the UK being “comparably more vulnerable.” Although the form of the proposed Cyber Security and Resilience Bill has yet to be released, the UK Government has indicated that it plans to introduce the bill in the coming months.
(more…)
William RM Long
London
wlong@sidley.com
Francesca Blythe
London
fblythe@sidley.com
Denise Kara
Important Changes to Malaysia’s Data Protection Laws
In July 2024, Malaysia’s legislative body approved significant changes to the country’s Personal Data Protection Act. The changes have the effect of aligning Malaysia’s personal data protection laws more closely with international data protection laws. The effective date and other implementation guidelines are expected to follow closely.
(more…)
Yuet Ming Tham
Singapore, Hong Kong
ytham@sidley.com
Shu Min Ho
Singapore
shumin.ho@sidley.com
Margaret Huang
Singapore
margaret.huang@sidley.com
Artificial Intelligence Tops Agenda for Global Competition Authorities: EU, UK, and U.S. Issue Joint Statement
On July 23, 2024, the competition authorities of the EU, the UK, and the U.S. issued a joint statement on competition in generative artificial intelligence (AI) foundation models and AI products (Joint Statement). Since the emergence of generative AI, each of the authorities has been individually ramping up its work in order to understand better the potential risks to competition that AI may pose. The Joint Statement may herald a more joined-up global approach with respect to scrutiny of competition in AI.
(more…)
Ken Daly
Brussels
kdaly@sidley.com
Patrick J. Harrison
London
pharrison@sidley.com
Monika Zdzieborska
London
mzdzieborska@sidley.com
Fiona Shajko
London
fshajko@sidley.com
Upcoming Events
Resources
Meet the Team
Kwaku A. Akowuah
kakowuah@sidley.com
Sheila A.G. Armbrust
sarmbrust@sidley.com
Francesca Blythe
fblythe@sidley.com
Colleen Theresa Brown
ctbrown@sidley.com
Thomas D. Cunningham
tcunningham@sidley.com
Sharon R. Flanagan
sflanagan@sidley.com
David A. Gordon
dgordon@sidley.com
Tomoki Ishiara
tishiara@sidley.com
Amy P. Lally
alally@sidley.com
David C. Lashway
dlashway@sidley.com
William RM Long
wlong@sidley.com
Joan M. Loughnane
jloughnane@sidley.com
Geeta Malhotra
gmalhotra@sidley.com
Rollin A. Ransom
rransom@sidley.com
Alan Charles Raul
araul@sidley.com
Jennifer B. Seale
jseale@sidley.com
Yuet Ming Tham
ytham@sidley.com
Jonathan M. Wilan
jwilan@sidley.com
John W. Woods Jr.
jwoods@sidley.com