The judgment of the UK High Court in the case of Getty Images v Stability AI outlines the proceedings in a high-stakes intellectual property dispute filed by Getty Images and its affiliated companies against Stability AI Limited. The lawsuit accuses Stability AI of both trademark infringement and secondary copyright infringement relating to its powerful generative art model, Stable Diffusion.
Much ...
The Munich I Regional Court (Landgericht München I) issued a decision recognizing that the large language models (LLMs) used by OpenAI contained memorized reproductions of protected song-lyrics and held that use of the models constituted a reproduction under copyright law. The case involved claims by GEMA (German Society for Musical Performance and Mechanical Reproduction Rights) that OpenAI’s models had memorized ...
The California Privacy Protection Agency (CPPA) announced that the California Office of Administrative Law has formally approved the regulatory package implementing the Delete Act.
The regulations, effective 1 January 2026, operationalize the California-managed Delete Request and Opt-out Platform (DROP), a centralized mechanism enabling consumers to issue a single deletion request to all registered data brokers. The framework represents a significant ...
The UK Information Commissioner’s Office (ICO) published a blog outlining its enforcement approach to the UK public sector under the UK GDPR and Data Protection Act 2018. The ICO emphasizes that its primary objective is to raise data protection standards across sectors rather than rely on fines as the default tool. Early engagement with senior decision-makers, audits, guidance, and sandbox-type ...
The European Data Protection Supervisor (EDPS) published “Guidance for Risk Management of Artificial Intelligence Systems” in respect of EU institutions, bodies, and agencies subject to the version of the GDPR that applies to EU bodies (“EUDPR”).
The guidance aims to help EU institutions acting as controllers to identify and reduce specific data protection risks under the EUDPR. The guidance focuses ...
The European Data Protection Board (EDPB) adopted an opinion on the European Commission’s draft implementing decision under Article 45 of the GDPR, recognizing that Brazil ensures an essentially equivalent level of protection for personal data. The opinion acknowledges Brazil’s comprehensive framework as closely aligned with the EU’s General Data Protection Regulation (GDPR).
However, the EDPB highlighted several key areas requiring ...
The UK Parliament has begun deliberations on the Cyber Security and Resilience (Network and Information Systems) Bill. The proposed UK act aims to improve the security and resilience of network and information systems relied upon for essential activities, primarily through amendments to the existing Network and Information Systems Regulations 2018 (the NIS Regulations).
The bill’s operative parts begin with amendments ...
This October, California Governor Gavin Newsom signed the Digital Age Assurance Act into law, establishing new age verification rules for software applications. The law takes effect on January 1, 2027.
The law focuses on mandatory age verification signals for software applications and online services, aiming to provide greater protections for child users.
Operating system providers (OSPs) are required to provide ...
New user? Click here to register