Following its White Paper on AI in 2020, the European Commission released in April of this year a proposal for a regulation laying down harmonised rules on artificial intelligence (the "Regulation").  The Regulation builds on various resolutions adopted by the European Parliament in relation to AI and contributes to the EU's objective of becoming a global leader in secure, trustworthy and ethical artificial intelligence. It aims to ensure, on the one hand, legal certainty to facilitate investment and innovation in...

On June 6, the European Commission adopted new Standard Contractual Clauses (SCCs) to enable organizations to transfer personal data outside the European Union (EU) in accordance with the General Data Protection Regulation (GDPR). The new SCCs are intended to address the complex data processing issues that impact modern businesses, and they impose several novel obligations on organizations. Importantly, the new SCCs address situations where the U.S. government (and other non-EU authorities) request access to personal data, which was the...

As most entities look to advance their technology infrastructure post pandemic, cybercriminals are on their own digital transformation journey. Trends like remote work, Internet of Things (IoT), bring-your-own-device (BYOD) and cloud initiatives have given hackers new ways to infiltrate your organization by exponentially expanding the attack surface. Technologies like artificial intelligence (AI) and machine learning (ML) have given hackers new tools to distribute malware, vector in on high-end targets and reach bigger and more diverse audiences. And as these...

Many people use the terms visibility and transparency interchangeably; however, it’s important for shipping professionals to understand that there’s a difference between these two popular terms. While it may seem like we’re splitting hairs, making a clear distinction can go a long way towards a common understanding of what each provides while enabling logistics service providers and shippers to gain the benefits. Visibility Defined: Anecdotally speaking, visibility seems to be the slightly more popular of the two terms right now. In the...

Key insights Keeping your sensitive data and systems secure is critical to your organization’s success. SOC 2 and HITRUST are two ways to have your organization’s security practices evaluated, and while they have many similarities, there are essential differences to consider. Better understand your risk and bring confidence to those you serve, whether your goal is to obtain a SOC 2 report or HITRUST certification. Data has become the most important asset for many organizations, so sharing that data in...

Times are getting harder for foreign investors in the EU! Member States are tightening their foreign direct investment control regimes (see our alert here), and national competition authorities are calling for more rigorous merger control enforcement (see our alert here). The European Commission (“Commission”) encourages Member States to refer to it non-notifiable transactions, and the proposed Digital Markets Act (DMA) shows the direction of the Commission’s intention to regulate (primarily US-based) gatekeepers in the digital markets (see our alert...

Five years after the European Commission first proposed its framework on public country-by-country reporting (pCBCR) to oblige large multinational companies to publicly disclose where they make their profits and where they pay their taxes, the EU’s co-legislators reached a final agreement on Tuesday evening (1 June). The transparency requirement is set to enter into force in early 2023.  After having been blocked by several countries in the Council since 2016, the current Portuguese Presidency of the Council of the EU,...

Companies should check their merger information for accuracy, truthfulness and completeness before handing it over to the European Commission: providing incorrect or misleading information can lead to significant fines and even to the merger clearance decision being revoked. Chemicals company Sigma-Aldrich was fined EUR 7.5 million for having provided incorrect or misleading information on three separate occasions during the Commission’s review of its acquisition by Merck. This is the third fine imposed for providing incorrect or misleading merger information since...