Israel Begins Transition to a New Regime Regulating Encryption

The Israeli Minister of Defense issued a new set of regulations to repeal the decades-old ministerial order on the supervision of encryption (referred to as the “Cipher Order”).

This legislative shift is rooted in a fundamental change in regulatory thinking, acknowledging the widespread integration of encryption products and the expansion of the networked environment. Consequently, the historic need for comprehensive ...

UK Proposes a New Cyber Security and Resilience Bill

The UK Parliament has begun deliberations on the Cyber Security and Resilience (Network and Information Systems) Bill. The proposed UK act aims to improve the security and resilience of network and information systems relied upon for essential activities, primarily through amendments to the existing Network and Information Systems Regulations 2018 (the NIS Regulations).

The bill’s operative parts begin with amendments ...

UK’s First Court Decision on Copyright Works in AI Models

The judgment of the UK High Court in the case of Getty Images v Stability AI outlines the proceedings in a high-stakes intellectual property dispute filed by Getty Images and its affiliated companies against Stability AI Limited. The lawsuit accuses Stability AI of both trademark infringement and secondary copyright infringement relating to its powerful generative art model, Stable Diffusion.

Much ...

German Court Finds Copyright Infringement in Generative AI Training

The Munich I Regional Court (Landgericht München I) issued a decision recognizing that the large language models (LLMs) used by OpenAI contained memorized reproductions of protected song lyrics and held that use of the models constituted a reproduction under copyright law. The case involved claims by GEMA (German Society for Musical Performance and Mechanical Reproduction Rights) that OpenAI’s models had memorized ...

UK ICO Publishes Public-Sector Enforcement Strategy

The UK Information Commissioner’s Office (ICO) published a blog post outlining its enforcement approach to the UK public sector under the UK GDPR and Data Protection Act 2018. The ICO emphasizes that its primary objective is to raise data protection standards across sectors rather than rely on fines as the default tool. Early engagement with senior decision-makers, audits, guidance, and sandbox-type ...

California Approves Regulations for the Delete Act and DROP Platform

The California Privacy Protection Agency (CPPA) announced that the California Office of Administrative Law has formally approved the regulatory package implementing the Delete Act.

The regulations, effective 1 January 2026, operationalize the California-managed Delete Request and Opt-out Platform (DROP), a centralized mechanism enabling consumers to issue a single deletion request to all registered data brokers. The framework represents a significant ...

EDPB Issues a Favorable Opinion on EU-Brazil Data-Transfer Adequacy

The European Data Protection Board (EDPB) adopted an opinion on the European Commission’s draft implementing decision under Article 45 of the GDPR, recognizing that Brazil ensures an essentially equivalent level of protection for personal data. The opinion acknowledges Brazil’s comprehensive framework as closely aligned with the EU’s General Data Protection Regulation (GDPR).

However, the EDPB highlighted several key areas requiring ...

European Data Protection Supervisor Issues New Guidance on AI Risk-Management

The European Data Protection Supervisor (EDPS) published “Guidance for Risk Management of Artificial Intelligence Systems” in respect of EU institutions, bodies, and agencies subject to the version of the GDPR that applies to EU bodies (“EUDPR”).

The guidance aims to help EU institutions acting as controllers to identify and reduce specific data protection risks under the EUDPR. The guidance focuses ...