As companies begin to move beyond large language model (LLM)-powered assistants into fully autonomous agents—AI systems that can plan, take actions, and adapt without human-in-the-loop—legal and privacy teams must be aware of the use cases and the risks that come
With the entry into force of the AI Act (Regulation 2024/1689) in August 2024, a pioneering framework of AI was established.
On February 2, 2025, the first provisions of the AI Act became applicable, including the AI system definition, AI
The rulemaking process on California’s Proposed “Regulations on CCPA Updates, Cybersecurity Audits, Risk Assessments, Automated Decisionmaking Technology, and Insurance Companies” (2025 CCPA Regulations) has been ongoing since November 2024. With the one-year statutory period to complete the rulemaking or be
On April 14, 2025, the European Data Protection Board (EDPB) released guidelines detailing how to process personal data using blockchain technologies in compliance with the General Data Protection Regulation (GDPR) (Guidelines 02/2025 on processing of personal data through blockchain
The European Commission published its long-awaited Guidelines on Prohibited AI Practices (CGPAIP) on February 4, 2025, two days after the AI Act’s articles on prohibited practices became applicable.
The good news is that in clarifying these prohibited practices
(Updated May 12, 2025)
Since January, the federal government has moved away from comprehensive legislation on artificial intelligence (AI) and adopted a more muted approach to federal privacy legislation (as compared to 2024’s tabled federal legislation). Meanwhile, state legislatures
SPB’s Tokyo/Shanghai Partner Scott Warren, along with New York Partner Julia Jacobson, will be speaking on and moderating panels at the Society for the Policing of Cyberspace (POLCYB) Global Cybercrime Management Executive Roundtable in Vancouver, Canada on May 30 as
The Ministry of Electronics and Information Technology (MeitY) has recently released the much-awaited draft of the Digital Personal Data Protection Rules, 2025 (Rules) for public consultation. These proposed Rules provide important insights into the upcoming implementation of India’s new data
In case you missed it, below are recent posts from Privacy World covering the latest developments on data privacy, security and innovation. Please reach out to the authors if you are interested in additional information.
Companies in all industries take note: regulators are scrutinizing how companies offer and manage privacy rights requests and looking into the nature of vendor processing in connection with application of those requests. This includes applying the proper verification standards and