UK NIS and critical national infrastructure updates
The UK government recently created a page on the new Cybersecurity and Resilience Bill updating the Network and Information Systems (NIS) Regulations 2018. There is no draft of the bill available yet, but it is confirmed the Bill will cover five sectors (transport, energy, drinking water, health, and…
In a rapidly evolving technological landscape, the National Institute of Standards and Technology (NIST) has released crucial guidance on managing risks associated with generative AI (GenAI). Our latest client alert delves into the newly published GenAI Profile (NIST AI 600-1), which outlines 12 potential high-level risks and offers actionable strategies for mitigation by breaking down…
The European Commission (the “Commission”) announced its plans to open a public consultation on the new Standard Contractual Clauses (“SCCs”) in the fourth quarter of 2024. The new SCCs will address the scenario where the data importer (controller or processor) is based outside of the European Economic Area (“EEA”) but is directly subject to the…
The Summer 2023 Edition of the quarterly IT & Data Protection Newsletter by Reed Smith Germany has just been released:
English version
German versionContinue Reading Get your Update on IT & Data Protection Law in our Germany Newsletter (Summer 2023 Edition)
On 8 June 2023, the UK Secretary of State for Science, Innovation, and Technology, and US Commerce Secretary jointly announced the intention to establish a UK-US data bridge.
The proposed data bridge between the UK and the US would build upon the EU-US Data Privacy Framework (DPF) as the UK Extension allowing free transfers of…
On 13 April 2023, the EU’s Committee on Civil Liberties, Justice and Home Affairs (LIBE Committee) passed a resolution to stop the debate over the draft adequacy decision stating that the new EU-US Data Privacy Framework (DPF) and the Executive Order on Enhancing Safeguards for US Signals Intelligence Activities issued by the US President do not provide sufficient privacy safeguards. The DPF was originally predicted to pass in early 2023 but putting a resolution to Parliament’s vote suggests looming delays.Continue Reading EU-US data transfers: LIBE Committee to stop debate over adequacy decision due to concerns over insufficient privacy safeguards
On 4 April 2023, the Personal Information Protection Commission of Japan (PPC) and European Commissioner for Justice issued a joint Press Statement on the conclusion of the first review of the Japan-EU Mutual Adequacy Decision. Both sides reiterated the importance of cooperation in the data protection regulation sphere that is becoming increasingly complex to navigate.Continue Reading EU may expand the scope of the adequacy decision for Japan following its first review
The European Parliament’s Committee on Civil Liberties, Justice and Home Affairs (‘LIBE Committee’) and the European Data Protection Board (‘EDPB’) have recently issued opinions on the European Commission’s draft US adequacy decision (‘Draft Adequacy Decision‘) for the EU-US Data Privacy Framework (‘Framework‘). Both believe there is more…
The winter 2023 edition of the quarterly IT & Data Protection Newsletter by Reed Smith Germany has just been released:
German versionContinue Reading Get your update on IT & data protection law in our newsletter (Winter 2023 edition)
On October 3, 2022, the UK-U.S. agreement on Access to Electronic Data for the Purpose of Countering Serious Crime (the UK-U.S. Agreement) came into force. The UK and the U.S. governments signed the UK-U.S. Agreement on October 3, 2019 under the U.S. Clarifying Lawful Overseas Use of Data Act 2018 (“CLOUD Act”). The U.S. government is negotiating similar agreements with the governments of Canada, Australia and New Zealand, but notably, not with the European Union.Continue Reading Does the UK-U.S. agreement under the U.S. CLOUD Act affect UK’s adequacy under the GDPR?
