On January 16, 2025, the U.S. Department of Commerce Bureau of Industry and Security (BIS) Office of Information and Communications Technology and Services (OICTS) published a Final Rule formalizing prohibitions on certain connected vehicles (CVs) transactions involving hardware and software linked to the People’s Republic of China (China) and Russia.1 The Final Rule is scheduled to take effect on March 17, 2025. However, given that the Final Rule is one of several new regulatory frameworks on trade issued in the final days of the Biden administration, it remains to be seen what will happen with these regulations after January 20.
On January 15, 2025, the U.S. Department of Commerce Bureau of Industry and Security (BIS) published in the Federal Register updated export controls on advanced computing items (including advanced integrated circuits (ICs) and related equipment, software, and technology) and, for the first time, controls on artificial intelligence (AI) model weights under the Export Administration Regulations (EAR). These new regulations were published as an interim final rule and took effect on January 13, 2025, although compliance is not required until May 15, 2025. BIS also published in the Federal Register a smaller companion rule on January 16, 2025, that expands licensing requirements on foundries and packaging companies seeking to export advanced computing equipment and requires compliance by January 31, 2025.
https://datamatters.sidley.com/wp-content/uploads/sites/2/2022/09/sidleyLogo-e1643922598198.png00Jen Fernandezhttps://datamatters.sidley.com/wp-content/uploads/sites/2/2022/09/sidleyLogo-e1643922598198.pngJen Fernandez2025-01-21 09:05:592025-01-21 09:12:45New U.S. Export Controls on Advanced Computing Items and Artificial Intelligence Model Weights: Seven Key Takeaways
Rapid rulemaking and aggressive enforcement by the SEC, combined with legislative, judicial, and regulatory developments, have created new requirements and expectations for U.S. public companies.
https://datamatters.sidley.com/wp-content/uploads/sites/2/2025/01/MN-24013-Data-Matters-Blog-Imagery-Refresh_B_10.jpg606833Sonia Gupta Barroshttps://datamatters.sidley.com/wp-content/uploads/sites/2/2022/09/sidleyLogo-e1643922598198.pngSonia Gupta Barros2025-01-17 11:16:042025-01-17 11:16:04Action Items for U.S. Public Companies for 2025
Tokenization of real-world assets (RWAs) is revolutionizing the way we perceive and manage assets. “Tokenized RWAs,” or more simply the digital representation of physical or intangible assets using a token recorded on a blockchain, allows for the efficient recording, trading, transferring, and managing of tangible assets in a digital format.
https://datamatters.sidley.com/wp-content/uploads/sites/2/2022/09/sidleyLogo-e1643922598198.png00Andrew J. Siosonhttps://datamatters.sidley.com/wp-content/uploads/sites/2/2022/09/sidleyLogo-e1643922598198.pngAndrew J. Sioson2025-01-16 10:40:542025-01-16 10:40:542025 Will Be a Brave New Tokenized World
Check out the December issue of Spotlight on Women in Privacy, featuring Nathalie Barrera. Nathalie discusses her role as a privacy attorney at Palo Alto Networks, the importance of continuous learning, and some of the key developments she will be watching out for.
https://datamatters.sidley.com/wp-content/uploads/sites/2/2024/12/MN-24013-Data-Matters-Blog-Imagery-Refresh_A_5-1.jpg606833Data Matters Contributorshttps://datamatters.sidley.com/wp-content/uploads/sites/2/2022/09/sidleyLogo-e1643922598198.pngData Matters Contributors2025-01-14 13:16:562025-01-14 13:16:56Spotlight on Women in Privacy: Nathalie Barrera
On January 3, 2025, the U.S. Department of Commerce Bureau of Industry and Security (BIS) Office of Information and Communications Technology and Services (OICTS) published an Advance Notice of Proposed Rulemaking (ANPRM) on the national security risks posed by foreign adversary involvement in the supply chain for unmanned aerial systems (UAS) (i.e., drones), including risks to critical infrastructure and U.S. sensitive data. BIS seeks public input to inform regulations on the supply of certain UAS components developed by entities linked to the People’s Republic of China (China) and Russia.
https://datamatters.sidley.com/wp-content/uploads/sites/2/2022/09/sidleyLogo-e1643922598198.png00Jen Fernandezhttps://datamatters.sidley.com/wp-content/uploads/sites/2/2022/09/sidleyLogo-e1643922598198.pngJen Fernandez2025-01-10 09:05:102025-01-09 15:54:16U.S. Department of Commerce Seeks to Protect Drones Supply Chain From Foreign Adversaries
The new year brings with it several state privacy law developments, including the effective dates for comprehensive privacy legislation in Delaware, Iowa, Nebraska, New Hampshire and New Jersey. Among this flurry of new state law obligations, however, privacy officers should not lose sight of continuing developments in states that helped pioneer the wave of state privacy laws, such as in Colorado.
Several categories of UK financial services firms, including banks, insurers, electronic money institutions, and payment institutions, are required to comply with new requirements on operational resilience beginning 31 March 2025.
https://datamatters.sidley.com/wp-content/uploads/sites/2/2022/09/sidleyLogo-e1643922598198.png00Francesca Blythehttps://datamatters.sidley.com/wp-content/uploads/sites/2/2022/09/sidleyLogo-e1643922598198.pngFrancesca Blythe2025-01-07 10:39:472025-01-07 10:39:47UK Operational Resilience Rules: Are You Ready for 31 March 2025?
U.S. Department of Commerce Finalizes Connected Vehicles Supply Chain Restrictions
On January 16, 2025, the U.S. Department of Commerce Bureau of Industry and Security (BIS) Office of Information and Communications Technology and Services (OICTS) published a Final Rule formalizing prohibitions on certain connected vehicles (CVs) transactions involving hardware and software linked to the People’s Republic of China (China) and Russia.1 The Final Rule is scheduled to take effect on March 17, 2025. However, given that the Final Rule is one of several new regulatory frameworks on trade issued in the final days of the Biden administration, it remains to be seen what will happen with these regulations after January 20.
(more…)
Jen Fernandez
Washington, D.C.
jen.fernandez@sidley.com
Alex Tritell
Washington, D.C.
atritell@sidley.com
New U.S. Export Controls on Advanced Computing Items and Artificial Intelligence Model Weights: Seven Key Takeaways
On January 15, 2025, the U.S. Department of Commerce Bureau of Industry and Security (BIS) published in the Federal Register updated export controls on advanced computing items (including advanced integrated circuits (ICs) and related equipment, software, and technology) and, for the first time, controls on artificial intelligence (AI) model weights under the Export Administration Regulations (EAR). These new regulations were published as an interim final rule and took effect on January 13, 2025, although compliance is not required until May 15, 2025. BIS also published in the Federal Register a smaller companion rule on January 16, 2025, that expands licensing requirements on foundries and packaging companies seeking to export advanced computing equipment and requires compliance by January 31, 2025.
Jen Fernandez
Washington, D.C.
jen.fernandez@sidley.com
Lloyd Lyall
Washington, D.C.
lloyd.lyall@sidley.com
Action Items for U.S. Public Companies for 2025
Rapid rulemaking and aggressive enforcement by the SEC, combined with legislative, judicial, and regulatory developments, have created new requirements and expectations for U.S. public companies.
(more…)
Sonia Gupta Barros
Washington, D.C.
sbarros@sidley.com
Beth E. Berg
Chicago
bberg@sidley.com
Paul L. Choi
Chicago
pchoi@sidley.com
Samir A. Gandhi
New York
sgandhi@sidley.com
John P. Kelsh
Chicago
jkelsh@sidley.com
Claire H. Holland
Chicago
cholland@sidley.com
2025 Will Be a Brave New Tokenized World
Tokenization of real-world assets (RWAs) is revolutionizing the way we perceive and manage assets. “Tokenized RWAs,” or more simply the digital representation of physical or intangible assets using a token recorded on a blockchain, allows for the efficient recording, trading, transferring, and managing of tangible assets in a digital format.
(more…)
Andrew J. Sioson
Washington, D.C.
asioson@sidley.com
Lilya Tessler
Dallas, Miami
ltessler@sidley.com
Erika Cabo
Miami
erika.cabo@sidley.com
Spotlight on Women in Privacy: Nathalie Barrera
Check out the December issue of Spotlight on Women in Privacy, featuring Nathalie Barrera. Nathalie discusses her role as a privacy attorney at Palo Alto Networks, the importance of continuous learning, and some of the key developments she will be watching out for.
(more…)
Data Matters Contributors
sidleyprivacyblog@sidley.com
U.S. Department of Commerce Seeks to Protect Drones Supply Chain From Foreign Adversaries
On January 3, 2025, the U.S. Department of Commerce Bureau of Industry and Security (BIS) Office of Information and Communications Technology and Services (OICTS) published an Advance Notice of Proposed Rulemaking (ANPRM) on the national security risks posed by foreign adversary involvement in the supply chain for unmanned aerial systems (UAS) (i.e., drones), including risks to critical infrastructure and U.S. sensitive data. BIS seeks public input to inform regulations on the supply of certain UAS components developed by entities linked to the People’s Republic of China (China) and Russia.
(more…)
Jen Fernandez
Washington, D.C.
jen.fernandez@sidley.com
Heather Hedges
Colorado Finalizes Privacy Act Rules: Key Updates for Businesses
The new year brings with it several state privacy law developments, including the effective dates for comprehensive privacy legislation in Delaware, Iowa, Nebraska, New Hampshire and New Jersey. Among this flurry of new state law obligations, however, privacy officers should not lose sight of continuing developments in states that helped pioneer the wave of state privacy laws, such as in Colorado.
(more…)
Colleen Theresa Brown
Washington, D.C.
cbrown@sidley.com
Ben Cross
Chicago
bcross@sidley.com
Sheri Porath Rockwell
Century City
sheri.rockwell@sidley.com
Lauren Kitces
Washington, D.C.
lkitces@sidley.com
Joyce Yeager
Knowledge Management Lawyer
jyeager@sidley.com
UK Operational Resilience Rules: Are You Ready for 31 March 2025?
Several categories of UK financial services firms, including banks, insurers, electronic money institutions, and payment institutions, are required to comply with new requirements on operational resilience beginning 31 March 2025.
(more…)
Francesca Blythe
London
fblythe@sidley.com
James Phythian-Adams
London
jphythianadams@sidley.com
Max Charles Savoie
Eleanor Dodding
London
edodding@sidley.com
Paida Manhambara
London
pmanhambara@sidley.com
Julie Rodriguez
London
julie.rodriguez@sidley.com
Upcoming Events
Resources
Meet the Team
Kwaku A. Akowuah
kakowuah@sidley.com
Sheila A.G. Armbrust
sarmbrust@sidley.com
Francesca Blythe
fblythe@sidley.com
Colleen Theresa Brown
ctbrown@sidley.com
Thomas D. Cunningham
tcunningham@sidley.com
Sharon R. Flanagan
sflanagan@sidley.com
David A. Gordon
dgordon@sidley.com
Tomoki Ishiara
tishiara@sidley.com
Amy P. Lally
alally@sidley.com
David C. Lashway
dlashway@sidley.com
William RM Long
wlong@sidley.com
Joan M. Loughnane
jloughnane@sidley.com
Geeta Malhotra
gmalhotra@sidley.com
Rollin A. Ransom
rransom@sidley.com
Alan Charles Raul
araul@sidley.com
Jennifer B. Seale
jseale@sidley.com
Yuet Ming Tham
ytham@sidley.com
Jonathan M. Wilan
jwilan@sidley.com
John W. Woods Jr.
jwoods@sidley.com