SEC’s Cybersecurity Disclosure Rules Are Here. Is Your Company Ready to Comply?

Companies are facing more attacks on their information systems. And, as their cyber risk skyrockets, the SEC has stepped in with new regulations, telling businesses what to disclose about these incidents — and requiring detailed disclosures on cyber risk management more broadly. With the deadline for compliance fast approaching, businesses are scrambling to mitigate their legal risk and comply with regulations that some say may be an overreach.


New EU FIDA Proposal: How Does This Affect GDPR?

The European Commission issued the Financial Data Access Act (FIDA) proposal in June this year. FIDA will create a legislative framework that aims to “bring payments and the wider financial sector into the digital age” by facilitating the sharing of and access to customer financial data (whether of businesses or consumers).


AI Foundation Models: UK CMA’s Initial Report

The CMA has set out its emerging thinking on the functioning of competition and consumer protection in the market for foundation models.


Schumer Framework May Forge U.S. Model on AI Governance

*This article first appeared on Law360 on September 5, 2023.

This summer, Senate Majority Leader Chuck Schumer proposed a distinctive new framework to develop a comprehensive artificial intelligence regulatory policy that is intended to be adamantly bipartisan and committed, as a first principle, to preserving innovation and intellectual property rights.


Alan Charles Raul

Washington, D.C., New York

Regulatory Update: National Association of Insurance Commissioners Summer 2023 National Meeting

The National Association of Insurance Commissioners (NAIC) held its Summer 2023 National Meeting (Summer Meeting) from August 12–16, 2023. Highlights include continued development of accounting principles and investment limitations related to certain types of bonds and structured securities, continued discussion of considerations related to private equity ownership of insurers, a proposed model bulletin addressing the use of artificial intelligence by the insurance industry, and continued development of a new consumer privacy protections model law.


EU, U.S., and UK Regulatory Developments on the Use of Artificial Intelligence in the Drug Lifecycle

Globally, the rapid advancement of artificial intelligence (AI) and machine learning (ML) raises fundamental questions about how the technology can be used. Drug approval authorities are now also taking part in this discussion, resulting in emerging and evolving guidelines and principles for drug companies.


EU Commission Adopts New Rules for GDPR Enforcement: the Beginning of a Centralized Enforcement Model?

On 4 July 2023, the EU Commission proposed a new Regulation for procedural rules to standardize and streamline cooperation between EU Member State Data Protection Authorities (DPAs) when enforcing the EU General Data Protection Regulation (GDPR) in cross-border cases (GDPR Procedural Regulation). The GDPR adopts a decentralized enforcement model. National EU Member State DPAs are competent to enforce the GDPR on their respective territories. However, in cases with cross-border elements, the GDPR requires all concerned DPAs to cooperate in accordance with the GDPR’s “one-stop-shop” through cooperation and consistency mechanisms. Although these mechanisms establish key principles of cooperation and provide the basis for consistent application of the GDPR throughout the EU, the EU Commission determined more legislative action was needed to increase efficiency and harmonization of cross-border GDPR enforcement action.


Oregon Enacts Comprehensive Consumer Data Privacy Law

On July 18, 2023, Oregon joined the growing league of states that have passed a comprehensive data privacy framework. Signed into law by Gov. Tina Kotek, the Oregon Consumer Privacy Act (the Act), or SB 619, is the product of a multi-year effort by the state Consumer Privacy Task Force formed by Oregon Attorney General Ellen F. Rosenblum, comprising 150 consumer privacy experts from various industries. The Act will take effect on July 1, 2024, except for some provisions that will not take effect until January 1, 2026.


Upcoming Events



Meet the Team

<a target=‘_blank’ href="">Kwaku A. Akowuah</a>

Kwaku A. Akowuah

Washington, D.C.
<a target=‘_blank’ href="">Sheila A.G. Armbrust</a>

Sheila A.G. Armbrust

San Francisco
<a target=‘_blank’ href="">Francesca Blythe</a>

Francesca Blythe

<a target=‘_blank’ href="">Colleen Theresa Brown</a>

Colleen Theresa Brown

Washington, D.C.
<a target=‘_blank’ href="">John M. Casanova</a>

John M. Casanova

<a target=‘_blank’ href="">Thomas D. Cunningham</a>

Thomas D. Cunningham

<a target=‘_blank’ href="">Sharon R. Flanagan</a>

Sharon R. Flanagan

San Francisco, Palo Alto
<a target=‘_blank’ href="">David A. Gordon</a>

David A. Gordon

<a target=‘_blank’ href="">Tomoki Ishiara</a>

Tomoki Ishiara

<a target=‘_blank’ href="">Robert D. Keeling</a>

Robert D. Keeling

Washington, D.C.
<a target=‘_blank’ href="">Amy P. Lally</a>

Amy P. Lally

Century City
<a target=‘_blank’ href="">David C. Lashway</a>

David C. Lashway

Washington, D.C.
<a target=‘_blank’ href="">William RM Long</a>

William RM Long

<a target=‘_blank’ href="">Joan M. Loughnane</a>

Joan M. Loughnane

New York
<a target=‘_blank’ href="">Geeta Malhotra</a>

Geeta Malhotra

<a target=‘_blank’ href="">Glenn G. Nash</a>

Glenn G. Nash

Palo Alto
<a target=‘_blank’ href="">Rollin A. Ransom</a>

Rollin A. Ransom

Los Angeles
<a target=‘_blank’ href="">Alan Charles Raul</a>

Alan Charles Raul

Washington, D.C., New York
<a target=‘_blank’ href="">Jennifer B. Seale</a>

Jennifer B. Seale

Washington, D.C.
<a target=‘_blank’ href="">Yuet Ming Tham</a>

Yuet Ming Tham

Singapore, Hong Kong
<a target=‘_blank’ href="">Jonathan M. Wilan</a>

Jonathan M. Wilan

Washington, D.C.
<a target=‘_blank’ href="">John W. Woods Jr.</a>

John W. Woods Jr.

Washington, D.C.


To receive email alerts when we post a blog entry, please provide your name and email address.