On June 2, 2026, President Trump issued the Executive Order, Promoting Advanced Artificial Intelligence Innovation and Security. The Executive Order carries forward several priorities included in President Trump’s Cyber Strategy for America, released in March 2026.[1] The Executive Order
Data Matters
Data Matters, published by Sidley Austin LLP, focuses on legal developments and regulatory issues related to data privacy, cybersecurity, and digital regulation. The blog covers topics such as compliance with financial industry regulations, data protection in financial services, implications of EU digital legislation including the AI Act and GDPR, and enforcement actions involving data and privacy. It also addresses practical guidance on consent-based marketing communications and emerging risks like generative AI. The content is relevant to legal professionals and businesses navigating the intersection of data governance, technology, and regulatory compliance.
Blog Authors
Latest from Data Matters
Risk Analysis in the Crosshairs: Four Recent Ransomware Resolutions Preview the HIPAA Security Rule Amendments
On April 23, 2026, the U.S. Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR) announced resolution agreements and corrective action plans with four regulated entities following separate ransomware investigations under the Health Insurance Portability and Accountability…
New York Department of Financial Services Issues Coordinated Guidance on Frontier AI Cybersecurity Risks
On May 21, 2026, the New York State Department of Financial Services (“DFS”) issued two coordinated Industry Letters: a letter on Heightened Cybersecurity Risks Associated with Frontier AI Models (the “AI Advisory”) and accompanying Guidance on Measures Regulated Entities Should…
Chambers 2026 Global Practice Guide for Artificial Intelligence
The Chambers 2026 Global Practice Guide for Artificial Intelligence provides the latest legal information on the rapidly evolving AI landscape, covering the commercial use of AI across key industries, AI-specific legislation and regulation, government and regulatory oversight, generative AI, agentic AI systems…
Scientific Research and the GDPR: EDPB Issues Long-Awaited Guidelines
On 15 April 2026, the European Data Protection Board (“EDPB”) published its long-awaited draft Guidelines 1/2026 on the processing of personal data for scientific research purposes (the “Guidelines”), marking the most comprehensive regulatory statement to date on how the GDPR…
Preparing for the UK’s New Data Protection Complaints Regime: Key Steps Before June 2026
The Data (Use and Access) Act 2025 (“DUAA”) has made a number of changes to the UK’s data protection regime, many of which have already come into force. From 19 June 2026, organisations will need to implement or update their…
U.S. SEC Regulation S-P: Compliance Deadline Approaching for Smaller Entities
The U.S. Securities and Exchange Commission has issued amendments to Regulation S-P: Privacy of Consumer Financial Information and Safeguarding Customer Information, which became effective on August 2, 2024 (the Final Amendments). For smaller entities, including registered investment advisers with less…
European Biotech Act I: Navigating the EDPB/EDPS Vision for the Future of Clinical Trials
On 12 March 2026, the European Data Protection Board (“EDPB”) and the European Data Protection Supervisor (“EDPS”) issued a Joint Opinion (the “Joint Opinion”) on the proposed European Biotech Act I (the “Biotech Act”). The Joint Opinion broadly supports the…
U.S. SEC Clears Path for Decentralized Crypto Asset Security Trading With Broker Registration Exception for User Interfaces
On April 13, 2026, the staff of the Division of Trading and Markets (Staff) of the U.S. Securities and Exchange Commission (SEC or the Commission) issued a statement (Statement) that it would not object to certain technology providers — referred…
UK Operational Incident and Third-Party Reporting Rules: What Firms Should Do Now
The Financial Conduct Authority (FCA) has published Policy Statement PS26/2 together with final guidance in FG26/3 and FG26/4. The Prudential Regulation Authority (PRA) has also published PS7/26 alongside Supervisory Statement SS1/26 and an update to SS2/21. PS26/2 and…