On 25 May 2022, the European Commission published Questions and Answers for the New  Standard Contractual Clauses to provide practical guidance on the use of standard contractual clauses (SCCs) and help organisations with their General Data Protection Regulation (GDPR) compliance efforts. The Commission confirmed that the Q&A document will be regularly updated.

Continue reading.

In the 2022 edition of our long-running annual podcast, partners in Mayer Brown’s Technology Transactions practice will discuss trends that will drive and shape technology transactions. This year’s program will focus on convergence of cloud, AI and data; innovation through new and complex collaborations; continued change in cybersecurity and privacy laws and priorities; increasing focus

This article is part three of a four-part series by Mayer Brown on the latest trends in digital transformation. Read part one here and part two here.

The rapid advancement of AI technologies in recent years means that regulators are engaged in a game of catch up. While the existing regulatory landscape is sparse

In this National Cybersecurity Awareness Month conversation, Mayer Brown lawyers from our global practice will discuss the latest legal trends and developments relating to cybersecurity in China, Europe and the UK. Topics will include:

  • The implications for international businesses seeking to comply with China’s new Data Security Law and Personal Information Protection Law in combination

Today, 28 June 2021, the European Commission formally adopted two adequacy decisions with respect of transferring personal data from the European Economic Area (the “EEA”) to the United Kingdom (the “UK”): one under the EU General Data Protection Regulation and one under the EU Law Enforcement Directive. The two decisions come into

On 21 April 2021, the European Commission proposed a new, transformative legal framework to govern the use of artificial intelligence (AI) in the European Union. The proposal adopts a risk-based approach whereby the uses of artificial intelligence are categorised and restricted according to whether they pose an unacceptable, high, or low risk to human safety

On 13 April 2021, the European Data Protection Board (“EDPB“) adopted two opinions  (“Opinions“) concerning draft UK adequacy decisions published by the European Commission  which would permit the free flow of personal data from the European Economic Area (“EEA“) to the UK in the post-Brexit world.

The Opinions largely

On 24 September 2020, the European Commission published a proposal for a new regulation – the Digital Operational Resilience Act (“DORA”) – and an accompanying directive to harmonise digital operational resilience rules for financial organisations in the EU.

Digital operational resilience

Digital operational resilience is the ability to build, assure and review the

On 12 November, the European Commission published draft standard contractual clauses for transfers of personal data from the European Union to third countries (“New SCCs“).

Once approved, the New SCCs will replace the previous standard contractual clauses which pre-date the implementation of the General Data Protection Regulation 2016/679 (“GDPR“). The draft

On 12 November, the European Commission published two sets of documents:

  1. draft of the new standard contractual clauses for transfers of personal data from the European Union to third countries (“New SCCs”); and
  2. draft of standard contractual clauses that can be used by controllers when engaging processors located in the European