AI – the threats it poses to reputation, privacy and cyber security, and some practical solutions to combating those threats
Disclaimer: This article was written with the help of AI but also by Michael Yates, Andi Terziu and Alisha Persaud.
MoreWith AI helping to exacerbate cyber threats, legislators in the EU and UK are acting to stem the tide. Significant legislation is either newly in place or on the horizon, and complying with new obligations while preparing for or handling cyber incidents is becoming increasingly challenging. In this edition, we look at the impact of AI on the cyber threat landscape and how to mange risks. We also look at relevant legislative developments (including relating to the UK's PSTIA and the EU's AI Act, revised PLD, DORA and NIS2 implementation). We're nothing if not a full service law firm so we cover how to prepare for and weather the emotional fallout of a cyber attack – it's all part of the service.
Disclaimer: This article was written with the help of AI but also by Michael Yates, Andi Terziu and Alisha Persaud.
MoreJo Joyce provides legal and emotional counsel to those who've suffered or may suffer a cyber attack.
MoreMartijn Loth and Dominique Lensink look at incoming EU cyber security rules for connected devices.
MorePrachi Vasisht and Debbie Heywood compare the UK's Product Security and Telecommunications Infrastructure Act with the EU's draft Cyber Resilience Act.
MoreNicholas Crossland and Charlotte Witherington look at what the EU's Digital Operational Resilience Act means for UK businesses and at similar UK initiatives.
MorePaul Voigt and Alexander Schmalenberger look at Germany's progress on NIS2 implementation.
MoreManaging HR data is an ongoing exercise for employers. We look at data protection requirements for HR data in light of current and incoming law and in the context of recent developments, covering SARs, the EU Whistleblowing Directive, employee monitoring and data breaches as well as top tips for employers.
MoreData exports continue to be high on the agenda but data sharing (of personal and non-personal data) is being looked at much more widely by the EU and the UK in the context of providing individuals with control over their data, opening up the potential of big data, and breaking down barriers to competition. We look at incoming EU legislation relating to data sharing with particular focus on the draft Data Act, as well as at the ICO's Code of Practice on Data Sharing, Privacy Shield 2.0 and data sharing requirements for the UK's Pensions Dashboard.
MorePersonal health data attracts special protection but also benefits from exemptions under UK and EU data protection law. Have legislators and regulators got the balance between innovation and privacy right or do the rules overly restrict advances in healthcare provision and research?
MoreWe look at the UK's implementation of the GDPR journalistic exemption, at the ICO's recently published draft Code of Practice on journalism, the use of data protection law in media cases, and at the tensions between the right to privacy and to freedom of expression.
MoreDigital Legislation Tracker
To help you stay on top of developments we've built a high-level legislation tracker looking at areas relevant to digital businesses across the EU, UK and Germany.
Access TrackerWebinars
Our international team of experts discuss key data privacy issues and developments. Listen to our latest webinars and access our full library.
View recordingsUpdating the Caldicott Principles
Sally Annereau looks at the proposed changes to the Caldicott Principles which aim to maintain future relevance
5 of 5 Insights
Medical devices in the UK – the data protection angle
Mary Rendle looks at the regulatory framework for medical devices processing NHS health data.
by Mary Rendle
1 of 5 Insights
Schrems II – what next for data transfers?
Vin Bange and Debbie Heywood look at the impact of the Schrems II decision on the future of international data transfers, particularly from the EEA and the UK to the USA.
3 of 4 Insights
Data flows to and from the UK after the end of Brexit transition
Debbie Heywood looks at the impact of the end of the Brexit transition period on data transfers to and from the UK.
1 of 4 Insights
The future of Binding Corporate Rules after Schrems II and in light of Brexit
We re-examine the benefits of BCRs in the aftermath of Schrems II and ahead of the end of the Brexit transition period.
4 of 4 Insights
GDPR EU-Representative - For companies without EU establishments
Axel von dem Bussche and Paul Voigt look at the requirement on non-EU established organisations to appoint an EU representative under the GDPR.
by Dr. Paul Voigt, Lic. en Derecho, CIPP/E and Dr. Axel Frhr. von dem Bussche, LL.M. (L.S.E.), CIPP/E
2 of 4 Insights
Employee monitoring in the context of COVID-19
Sally Annereau looks at issues to consider when contemplating return to work or remote work monitoring.
2 of 6 Insights
Processing employee fingerprint data
Debbie Heywood looks at processing employee biometric data in light of a recent fine imposed by the Dutch Data Protection Authority.
3 of 6 Insights
Consent and personal data in an employment setting
Elaine Fletcher and Mary Rendle look at the difficulties with using consent as a lawful basis for processing HR data and consider the alternatives.
by Mary Rendle
1 of 6 Insights