The European Union (EU) is introducing new regulations for online and tech businesses to create a consistent legal framework across various sectors. By 2025, several European and German laws will come into effect. Want to know which ones? Keep reading! This alert provides a quick overview of what these 2025 frameworks are about, who they
Regulatory
Online Safety Act – Keeping you updated
By Asélle Ibraimova on
On 25 March 2024, Ofcom called for evidence for the third phase of its online safety regulations. This call for evidence will culminate in Ofcom’s third consultation paper, which will act as guidance for service providers to ensure compliance with the Online Safety Act (“OSA”).
The third phase of online regulations introduces further…
Utah’s GenAI Law Holds AI Users Accountable for Deceptive Outputs
Utah’s recent passage of updates to its consumer protection law and the Artificial Intelligence Policy Act (Utah AI Policy Act), which comes into effect on May 1, 2024, could mark an important moment in AI regulation. Notably, the updates to state consumer protection law emphasize holding companies that use generative AI (GenAI)—rather than developers—accountable if…
Introduction of a UK BCR Addendum
By Asélle Ibraimova on
On 19 December 2023, the Information Commissioner’s Office (ICO) published its updated guide on UK Binding Corporate Rules (BCRs), introducing the UK BCR Addendum for controllers and processors (the Addendum). It will enable organisations with existing EU BCRs to include data transfers from the UK.Continue Reading Introduction of a UK BCR Addendum
Cybersecurity preparedness: What guidance to follow?
With cybersecurity becoming a board-level issue, compliance officers, lawyers, board members, and business drivers are looking for official guidance or recommendations on cybersecurity measures to protect business, customers, and the wider economy.Continue Reading Cybersecurity preparedness: What guidance to follow?
UK & US cybersecurity agencies release new ‘Guidelines for Secure AI System Development’
On 26 November 2023, the US Cybersecurity and Infrastructure Security Agency (CISA), together with the UK’s National Cyber Security Centre (NCSC), published joint ‘Guidelines for Secure AI System Development’ (the Guidelines).
The Guidelines were formulated by CISA and the NCSC, in cooperation with 21 other international agencies and ministries, as well as industry experts.Continue Reading UK & US cybersecurity agencies release new ‘Guidelines for Secure AI System Development’
The UK Online Harms Bill becomes the Online Safety Act
By Asélle Ibraimova & Sarah O'Brien on
On 26 October 2023, the UK adopted the Online Safety Act 2023, which introduces new obligations for online platforms to improve user safety online by ensuring content that is illegal and harmful is monitored and removed. We previously compared the Act in its draft form with the EU Digital Services Act here and will be updating the table soon.Continue Reading The UK Online Harms Bill becomes the Online Safety Act
“Reject All” button in cookie consent banners – An update from the UK and the EU
By Asélle Ibraimova & Sven Schonhofen on
Currently there are two trends on cookie consent banner design – either (1) the “Accept All” and “Reject All” options are shown in the first layer of a cookie consent management solution, or (2) only the “Accept All” option is shown in the first layer together with a link to the second layer of the cookie consent management solution where the user can reject to the use of non-essential cookies. There is more clarity on the views of the UK data protection authority on whether a “Reject All” option in the first layer of a cookie consent management solution is required.Continue Reading “Reject All” button in cookie consent banners – An update from the UK and the EU
The UK Information Commissioner’s Data Protection Practioner’s Conference 2023 on Cybersecurity
By Asélle Ibraimova & Sarah O'Brien on
On 3 October 2023, the UK Information Commissioner’s Office organised its annual Data Protection Practioner’s Conference 2023 (DPPC 2023). This year its focus was on Cybersecurity – a topic that concerns organisations across the board. Here are the takeaways from the DPPC 2023 (the event sessions available here).Continue Reading The UK Information Commissioner’s Data Protection Practioner’s Conference 2023 on Cybersecurity
DRCF to launch AI and Digital Hub regulatory advice pilot in 2024
By Sarah O'Brien on
On 19 September, the Department for Science, Innovation and Technology (DSIT) announced in a press release that it is to launch a pilot advisory service next year, called the DRCF AI and Digital Hub.
This service will be operated by members of the Digital Regulation Cooperation Forum (DRCF), made up of the Information Commissioner’s Office (ICO), the Office of Communications (Ofcom), the Competition and Markets Authority (CMA) and the Financial Conduct Authority (FCA).
The DRCF AI and Digital Hub will provide businesses with tailored advice and support regarding how to meet requirements across multiple regulatory regimes. The DSIT anticipates that this service will expedite the process of getting new products and innovations to market, in a safe and responsible manner.
As such, the launch of the DRCF AI and Digital Hub will likely be welcome news for businesses across the UK, providing companies and innovators with the tools to navigate a challenging and multi-layered regulatory environment.Continue Reading DRCF to launch AI and Digital Hub regulatory advice pilot in 2024