Sidley Data Privacy

Digital health AI technologies are transforming the advancement of drug development and healthcare delivery at an unprecedented speed, backed by governments facilitating the momentum to improve healthcare for their growing populations. Sidley’s European life sciences lawyers Josefine Liv Sommer, Eva von Mühlenen, LL.M., and Francesca Blythe share a timely take on the top 5 life sciences industry trends being shaped by pioneering digital technologies. Read more on "Top Trends in the European Digital Health/AI Market."

On September 23, 2024, the U.S. Department of Justice (DOJ) updated its Evaluation of Corporate Compliance Programs (the ECCP) to reflect DOJ’s evolving expectations with respect to corporate compliance programs, including how those programs appropriately address the compliance risks of new technology such as artificial intelligence (AI). Read more on "Compliance Programs Expected to Evolve With Technology: DOJ Updates Corporate Compliance Guidance to Include Artificial Intelligence."

On 12 September 2024, Advocate General Medina issued their Opinion in Case C-383/23 in which they confirmed that supervisory data protection authorities must, when calculating the fine for a GDPR infringement committed by a subsidiary, take into account the total annual turnover of the entire group—a concept known as parental liability. Read more on "Advisor to the CJEU Confirms GDPR Fines For Subsidiary Infringements Should Reflect Group Turnover" in William Long, Francesca Blythe and Anila Rayani's blog post.

On September 26, 2024, the U.S. Department of Commerce Bureau of Industry and Security (BIS) Office of Information and Communications Technology and Services (OICTS) published a long-awaited rule proposing to ban certain connected vehicles transactions involving hardware and software linked to the People’s Republic of China (China) and Russia. Read more on "U.S. Department of Commerce Issues Proposed Rule on ICTS Supply Chain for Connected Vehicles" on Jennifer Fernandez, Elyssa (Emsellem) Kutner, Aaron Flyer, Heather Hedges, and Sophia Wallach's blog post.

The U.S. Department of Labor has published an update to its existing #cybersecurity guidance, confirming that the guidance it issued in April 2021 applies to all employee benefit plans, including health and welfare plans. Read our insights here, https://bit.ly/3Xy2kkJ.

Join Sidley partner Francesca Blythe on Thursday, October 10 for ACA Group’s webinar “Ready for DORA? Top Tips for Last Minute Compliance,” where she’ll share her insights on the Digital Operational Resilience Act (#DORA), challenges posed by the directive, and what entities can do now to meet the January 2025 compliance date. Learn more and register below.

On August 30, 2024, the Beijing Municipal Cyberspace Administration, Beijing Municipal Commerce Bureau and Beijing Municipal Government Services and Data Administration Bureau jointly released the “Administrative Measures for the Data Exit Negative List of the China (Beijing) Pilot Free Trade Zone (Trial)” (Administrative Measures) and the “Data Exit Administration List (Negative List) of the China (Beijing) Pilot Free Trade Zone (2024 Edition)” (Negative List) to facilitate the export of important industry data and personal information out of the country by companies operating in the Beijing free trade zone (FTZ). Read more on "Pharma Companies in Beijing Free Trade Zone to Benefit from Relaxed Data Transfer Rules" in Lei Li and Lianying Wang's blog post.

On August 14, 2024, the United States Federal Trade Commission (FTC) announced a final rule that prohibits fake and artificial intelligence-generated consumer reviews, consumer testimonials, and celebrity testimonials, along with other types of unfair or deceptive practices involving reviews and testimonials. Read more on "U.S. FTC’s New Rule on Fake and AI-Generated Reviews and Social Media Bots" on Colleen Theresa Brown, Benjamin Mundel, Lauren Freeman, and Phillip Shaverdian's blog post.

A federal law known as Section 230 has provided a powerful legal shield for internet companies for nearly three decades. Designed to “promote the internet,” it protects platforms from civil liability for content posted to their sites by third parties. But the measure is inspiring lawsuits from plaintiffs who say it allows internet companies to escape accountability for harmful content. Read more on "The Legal Battles Taking Shape in the Clash Over Internet Content" on  Samir A. Gandhi, Randi Singer, and Michael Borden's blog post. 

Read more on "Asia-Pacific Regulations Keep Pace With Rapid Evolution of Artificial Intelligence Technology" on Shu Min Ho, David Ryan, Margaret Huang, and Lucy Harris' blog post.