We are delighted to welcome you to the first edition of our new Data, Privacy & Cyber Bulletin. Our expanded monthly newsletter will now include contributions from our market-leading teams on the ever-evolving issues of data, privacy and the wider cybersecurity landscape.
The newsletter features thought leadership and practical guidance designed to answer questions, clarify complex legal issues and keep you informed of the trends affecting your business.
By bringing together our expertise in this way, we will be able to provide our clients and readers with both food for thought and input on strategic issues that are defining the way in which they operate. Our Data, Privacy & Cyber team advises on all aspects of advisory and contentious matters, always with a practical and pragmatic approach.
This month’s edition takes in legislative updates in the UK in respect of new data protection legislation, and how proposals to deal with international data transfers have raised concerns about the safety of those transfers. The future regulation of consumer connected products is also discussed, along with concerns how European proposals for the same class of products might impact UK businesses. Further fears around the Replika AI chatbot app are discussed, as well as the recent decision in the long-running dispute between Merck and insurers regarding its property insurance programme.
Our team also considers the conclusions reached by the European Commission following a call for evidence on how regulation of the metaverse should take shape and the impact of the recently announced changes to the fixed recoverable costs scheme in England and Wales, and how this will impact data breach claims.
Data Protection and Digital Information (No.2) Bill passes second reading stage
Initial parliamentary discussions on the Data Protection and Digital Information (No 2) Bill (“the Bill”) have highlighted those issues likely to be the most contentious elements of the Bill during the legislative process.
International data transfers: one step forwards, two steps back?
We consider the progress made as the UK joins the Global Cross-Border Rules Privacy Forum and the challenges that may lie ahead for the EU-US Data Privacy Framework.
Connected products: Publication of draft PSTI regulations raise questions around future European standards
The Government has published draft regulations which will bring the UK’s consumer connectable product security regime into effect on 29 April 2024. Their publication, while offering clarity on expected security standards, also raises questions as to whether similar standards will be implemented in the European Union as part of the Cyber Resilience Act.
The UK Government’s White Paper on AI Regulation - 5 Key Take aways
The Government has recently proposed a framework to legislate AI built around four key elements, which also aims to avoid stifling innovation in the industry. The White Paper offers a differing view to that of the European Commission in both status and approach.
Merck prevails on war clause appeal
The Appellate Division in New Jersey published its decision in the long-running dispute between Merck and insurers regarding its property insurance programme. After more detailed analysis, the Appellate Division reached a similar conclusion to that of the first instance decision.
AI Friends or Foes? The Privacy Risks for Children with Open AI, ChatGPT and Replika
Artificial intelligence (AI) chatbots being advertised as “virtual friends” have become increasingly popular among children. While these “virtual friends” may seem harmless, there are great concerns about privacy risks they pose for children. Recent decisions in Europe are a timely reminder that children require particular protection since they may be less aware of the risks involved.
The European Commission concludes consultation on regulating metaverses
The conclusion of the Commission’s initiative for regulating metaverses has generated an interesting proposed regulatory approach, choosing to forego a formal legislative act and instead focusing on recommendations or opinion; this is likely a recognition of numerous existing EU legislative measures that may apply to metaverses.
Data breach claims and Fixed Recoverable Costs reforms
As any insurer or organisation that deals with data breach claims will know, legal costs typically exceed the quantum of the claim and are a major feature of claims resolution. The recent publication of the draft rules extending the fixed recoverable costs regime, taking effect from October 2023, is a welcome and important development in this field.
We hope you enjoy this month’s edition. Please do contact the authors if you have any questions.
