Skip to main content

Clifford Chance

Clifford Chance

Talking Tech

Legal insights for a digital age

Featured

2402-009756_LI Postcard3

Digital Services Act (DSA) Checklist

The EU Digital Services Act applies in full since 17 February 2024. We have prepared a PDF which contains an overview of some of the key items to confirm as part of a business's Digital Services Act status checks given this major milestone. The document is interactive – if you want to find out a bit more detail on some aspects, just click where marked. 

 

Download
Media & entertainment

Foul Play: ASA gives a 'red-card' to former footballers for breaching UK advertising rules

In its recent decision the UK advertising regulator, the Advertising Standards Authority (ASA) has upheld complaints against Supreme CBD Ltd (Supreme CBD) for four posts on X (formerly Twitter) which were not obviously identifiable as advertisements and making medical claims that a food supplement CBD product could treat insomnia and anxiety.

Read

German Court Rules on Disclosure of Trade Secrets in Competition Law Investigations

In a landmark decision, the German Federal Supreme Court has adjudicated on the balance between the need for transparency in competition investigations and the protection of a party's trade secrets. The German Federal Supreme Court (the "Court") has delivered a pivotal judgment on 20 February 2024, concerning the disclosure of trade secrets in antitrust proceedings. The case (KVB 69/23) revolves around the German Federal Cartel Office's (Bundeskartellamt – "FCO") intention to share Google's confidential information with competitors during an investigation into Google's business practices.

Read
Cyber

Cybersecurity: where are we now?

Four years into the 2020s there is a clear push in the European Union harmonisation of the rules within the cyber security landscape, with the financial services sector, devices, and cloud security being key areas of focus. This has been a long time coming. Under the guise of its 2020 Cybersecurity Strategy for the Digital Decade, the EU has embarked on a flurry of regulatory developments and proposals that, between them, aim to enhance the baseline cybersecurity of organisations operating in the EU, and levy stronger obligations on certain sectors such as financial services and critical infrastructure. In this overview article, we examine some of these key regulatory developments in the EU, whilst highlighting equivalent efforts, where applicable, in the UK.

Read
dna-molecules

Legal 500: Life Sciences Comparative Guide

We are very proud to have launched the new Legal 500 Life Sciences Comparative Guide as a joint project of The Legal 500 and Clifford Chance. The aim of this guide is to provide its readers with a pragmatic overview of life sciences law across a broad variety of jurisdictions. We have provided the Q&A template for each chapter and also contributed country-specific chapters for the EU and UK. Each chapter provides information about the current issues affecting life sciences practice in a particular country and addresses topics such as legislative framework, regulatory processes, advertising, restrictions, risks of liability and compliance standards as well as insight and opinion and any upcoming legal changes planned for their respective country.

Read the Guide
Data

The European Commission Cookie Pledge the state of play and way forward

The European Commission is working towards introducing a voluntary Cookie Pledge in April this year, with the aim of better empowering consumers to make effective ad choices and alleviating cookie fatigue. The Commission hopes to see adoption by organisations across sectors, with a focus on those in the advertising space. While the Commission has attempted to engage externally through a series of discussions, stakeholders continue to have concerns about the latest draft of the Cookie Pledge. This article sets out our updated analysis on the latest pledging principles for the Cookie Pledge published by the Commission

Read
Fintech

Navigating Digital Securities Sandbox: what is it, and how do I apply?

HM Treasury (HMT) has introduced legislation to launch the UK's Digital Securities Sandbox (DSS).In this article we cover what you need to know, including how to apply, key considerations, and how the DSS compares with its EU equivalent, the DLT Pilot Regime.

Read
Insurtech

Proposed Changes to Reporting and Underwriting Requirements for Pricing Insurance

The New York State Department of Financial Services (DFS) recently issued a proposed circular letter regarding the "Use of Artificial Intelligence Systems and External Consumer Data and Information Sources in Insurance Underwriting and Pricing" (PCL). The PCL incorporates obligations contained in the DFS's 2019 Insurance Circular Letter No. 1 and tracks key themes of the recent National Association of Insurance Commissioners model bulletin on the "Use of Artificial Intelligence Systems by Insurers" and the Colorado regulations on the use of algorithms and predictive models by life insurers.

Read
US-states_600x400px

US State Privacy Laws

U.S. data privacy has entered a new era. Historically, the data privacy legal landscape has been dominated by sector-specific legislation, such as the Graham-Leach-Bliley Act and Health Insurance Portability and Accountability Act, often with a focus on cybersecurity or preventing misuse of certain types of personal information. The California Consumer Privacy Act was the first comprehensive (i.e., broad sweeping) state data privacy law added to this U.S. regulatory framework that focused on consumer protection. Since its adoption, various state-level regulatory and legislative activity has been building momentum. Today, several states have enacted or are continuing to develop comprehensive data privacy laws with requirements that apply across nearly all business sectors. Understanding the scope, applicability, and requirements of these state data privacy laws are more crucial than ever for companies operating in the U.S.  Read our individual overviews of currently enacted comprehensive state data privacy laws to learn more.

Read

Fintech: Five Trends to Watch

While 2023 saw ongoing uncertainty and high-profile financial sector failures, it also brought regulatory progress around the world, including for landmark regulations on digital assets and AI. In 2024, we will see the next stage of pioneering regulation as blueprints and best practices begin to emerge, alongside compliance challenges.

Read

Global M&A in 2024: Five trends to watch

Following a challenging year for mergers and acquisitions (M&A), the macroeconomic climate is now stabilising, and confidence returning to boardrooms. As a result, we expect the recent growth in M&A to gain momentum into 2024, with deal-making influenced by geopolitics, new technology, and the regulatory response to it.

Read

2024 Data Centre Industry Outlook

The data centre industry continues to develop at an increasing pace due to technological advancements and market trends. Significant global market growth, rising rack density and pricing dynamics present a number of challenges and opportunities. In this briefing we examine the drivers of change in the evolution of digital infrastructure such as sustainability and AI, and how they will impact data centres and the companies that use them.

Read
Data

CJEU decisions on administrative fines under the GDPR

On 5 December 2023, the Court of Justice of the European Union (CJEU) published its preliminary rulings in Cases C-683/21 (Nacionalis visuomenés sveikatos centros prie Sveikatos apsaugos ministerijos) (NVSC) and C-807-21 (Deutsche Wohnen SE) (DW). In these cases, factually unrelated but raising overlapping issues of principle, the CJEU reached several key decisions clarifying the position under the EU General Data Protection Regulation (GDPR) regarding the imposition of administrative fines by data protection supervisory authorities

Read
Intellectual Property

UK Supreme Court ruled that AI cannot be an inventor for UK patents

After hearing the case of Thaler v Comptroller General of Patents Trade Marks and Designs in March earlier this year, the UK Supreme Court has ruled, in a hotly anticipated judgment, that an inventor within the meaning of the Patents Act 1977 (the "1977 Act") must be a natural person who devises a new and non-obvious product or process (the invention), and that an AI system cannot be an inventor.

Read
Artificial intelligence

Biden Executive Order on AI: what businesses can do (for now) about the safety and security mandates

On November 16, 2023, we published an article titled "What businesses need to know (for now) about the Biden Executive Order on AI", where we summarized President Joe Biden's Executive Order on the Safe, Secure and Trustworthy Development and Use of Artificial Intelligence (EO) in a global context and offered practical recommendations for business use. This article focuses on the safety and security aspects of the EO and similarly, seeks to offer practical guidance and perspective.

Read

Webinar

Fibre-600x400-3

Webinar: Space tech for smart cities

Smart cities are using technology to make cities faster, smarter, more efficient and sustainable. The market for smart city related services is growing fast, with the European Space Agency referencing a forecast growth of +57% between 2020-2025. Many of these smart city services and associated technology are heavily reliant, if not entirely dependent, on space tech. In this webinar, from 5 December 2023, our speakers explore the importance of space tech to smart cities, the latest developments, and the opportunities and risks for financial investors in the sector.

Watch Here
Artificial intelligence

What businesses need to know (for now) about the Biden Executive Order on AI

On October 30, 2023, President Joe Biden announced an Executive Order on the Safe, Secure, and Trustworthy Development and Use of Artificial Intelligence (EO), which marks a historic milestone in the regulation of artificial intelligence systems and technologies in the United States.

Read
Consumer

The new UK Online Safety Regime

After being in the works for half a decade, the Online Safety Act 2023 (OSA) received Royal Assent on 26 October 2023. It will join the EU's Digital Services Act (EU DSA) as one of the newest and boldest tech regulations in Europe and is aimed at making the UK 'the safest place to be online'. The OSA will deploy a diverse set of rules, obligations, and regulatory powers designed to protect users, particularly children, from online harms. Whether the OSA, and its regulator, Ofcom, will be successful in striking the balance between freedom of speech and other rights, and the need for online safety, will remain in contention for years to come.In this first of a series of three articles on the online safety regime in the UK, we will provide an overview of the OSA and what it entails for the 100,000 services estimated to be in scope. The following articles in this series will unpack compliance obligations and practical guidance for businesses in more detail.

Read
Data

First-tier Tribunal dismisses UK ICO's Clearview enforcement and monetary penalty notices on jurisdictional grounds

In its judgment dated 17 October 2023, the First-tier Tribunal held that the UK Information Commissioner's Office (ICO) did not have jurisdiction to issue its 18 May 2022 enforcement and monetary penalty notices, which alleged breaches of the UK and EU General Data Protection Regulations (together, GDPR), to Clearview AI Inc (Clearview).

Read
Data

German Data Protection Authorities comment on new EU-U.S. Data Privacy Framework

On 4 September 2023, the Conference of the German Data Protection authorities (DSK) published a guidance on the EU Commission's "adequacy decision" under the GDPR on the EU-U.S. Data Privacy Framework dated 10 July 2023 (DPF) (see our article European Commission approves EU-US data privacy framework). In the guidance, the DSK explains the background and the main content of the adequacy decision on the DPF. They focus on the scope of the new mechanism, the use of alternative instruments for transfers to the U.S. and enforcement of data subjects' rights against certified organizations in the U.S

READ
Data

European Commission approves EU-US data privacy framework

On 10 July 2023, the European Commission reached an "adequacy decision" under the European Union General Data Protection Regulation (GDPR), approving transfers of personal data to organisations located in the United States that will be certified under the newly-established Trans-Atlantic Data Privacy Framework (DPF) agreed between the U.S. and the EU.

READ
Antitrust

The EU Court of Justice's CK Telecoms Judgment

The recent CK Telecoms ruling of the Court of Justice of the EU (CJEU) has overturned a previous judgment of the General Court, which had sought to create stricter and more structured tests for the European Commission to meet before prohibiting certain mergers in concentrated markets under the EU Merger Regulation.

READ
Healthtech

Is ChatGPT a medical device?

ChatGPT can provide medical information, but should it be classified a medical device? It's a question that Germany's Federal Institute for Drugs and Medical Devices (BfArM) was confronted with in an open letter from a Hamburg-based law firm which suggests that ChatGPT – a human-trained OpenAI-based chatbot that feeds its knowledge via freely accessible online sources – falls under the regulations applicable to medical devices in Germany and Europe.

Read
Media & entertainment

Navigating the impact of Generative AI in advertising: new guidance from the ASA

In today's fast growing world of advertising, staying ahead of the curve is essential. There are many way businesses can look to do that, but one that is growing in popularity is using generative AI. How this will work in practice is still up for debate – and will be an interesting area to watch over the next few years, particularly as the global debate on whether there's copyright in the AI-generated works (and if so, who owns it) rumbles on. However, CAP and the ASA have recently released guidance on the use of generative AI in advertising campaigns, to make sure that advertisers stay on the right side of the law

Read
Cyber

Data poisoning and AI transparency

In this article, part of behavioural insights practice Canvas8’s 2024 Expert Outlook – an annual report helping businesses to understand and navigate behavioural change in the year ahead – Herbert Swaniker, a senior lawyer at Clifford Chance, charts the new challenges for cyber security.

Read
ai-abstract-digital-human-face

AI Series: Responsible AI – navigating evolving law, policy and public perception

On 3rd October 2023, we hosted a hybrid session with an international panel of experts to examine differing approaches to AI regulation and policy globally, explore changing public perceptions of AI, and discuss what this means in practice for organisations creating forward-looking, multijurisdictional AI strategies. 

Watch Here

EU Data Act: Political Agreement Reached

The Data Act seeks to foster innovation within the EU by increasing access to, and re-use of, data concerning the performance, use and environment of connected products and related services. Another key aspect is its introduction of provisions which aim to facilitate switching between data processing services (such as cloud services).

Read
Cyber

SEC adopts new cybersecurity disclosure requirements

On July 26, 2023, the U.S. Securities and Exchange Commission adopted new cybersecurity related disclosure requirements that will apply to public companies that are subject to periodic reporting obligations under US federal securities law. The SEC is amending Form 8-K to require registrants that use this form to report specified information related to a cybersecurity incident within four business days of determining that the incident is material.

Read
Fintech

A ripple in still water or a tidal wave: initial reflections on the SEC v. Ripple decision

A federal court has ruled that certain transactions involving the XRP token were not securities transactions. The decision has already created “ripple effects” in the global crypto industry

AI-600x400px-1

Responsible AI in Practice

Public awareness of AI is increasing and, with it, questions on how AI will be used and the impact it will have on our lives. To help identify the pressures faced by policymakers and demands from stakeholders, our report, in partnership with Milltown Partners – Responsible AI in Practice – analyses the results of focus groups of policy-informed individuals conducted in the US, the UK and Germany. Groups were asked about issues such as bias, consent, copyright, transparency,  content moderation and AI governance.  We found that people's attitudes towards AI are developed and nuanced. They are optimistic about the potential of AI, but there is work to do to demonstrate that it will be used responsibly and safely.

Read the Report
about-us-news

Who we are

We are one of the world's pre-eminent law firms, with significant depth and range of resources across five continents. Our Tech Group is a single global team delivering strategic tech law advice to help clients stay ahead of the curve and outstrip the pace of change.

Find out more

Talking Tech Newsletters

Fintech

Global Fintech Update

Our weekly global fintech round-up, summarises fintech regulatory developments that have happened around the world along with our Clifford Chance fintech publications and upcoming events

Read latest edition
Tech

Tech Policy Unit Horizon Scanner

The Tech Policy Unit Horizon Scanner is our monthly dive into the key tech policy and legislative developments around the world.

Read latest edition
ESG

Sustainability: ESG Developments

This monthly newsletter is intended to assist banks, financial investors and corporates in keeping up to date with ESG developments.

Read latest edition
Media & entertainment

The Advertising Brief

Our quarterly newsletter delivering concise summaries of the most interesting cases from the UK's Advertising Standards Authority (ASA) with our key takeaways for all brand owners to be aware of

Read latest edition
Fintech

Global Crypto Round-Up

This monthly newsletter provides you with a monthly brief into the world of digital assets, keeping you up to date with regulatory developments, publications and events from across jurisdictions.

Read latest edition
Cyber

Stories from the Wild

This monthly newsletter will bring you the latest stories in information security and cybersecurity.

Read latest edition

Latest Podcast

australia-tech-connectivity

LabChat: Blockchain in Asia Pacific (with Joanne Chuang, Jack Hardman and Marc Liew)

Create+65 Innovation Lead Joanne Chuang and Dubai Partner Jack Hardman talk to Marc Liew, Head of Ecosystem Development for APAC at R3, about some of the key developments in the blockchain space including whether the current state of the market still presents an opportunity for reflection and innovation, as well as Clifford Chance's collaboration with R3 through the Venture Development Programme.  

Listen

Latest Events

EVENT: Clifford Chance International Festival of Fintech (Tuesday 12 March - Thursday 14 March 2024)

Our third Clifford Chance International Festival of Fintech, will take place virtually on Tuesday 12 to Thursday 14 March 2024, complemented by in-person events in certain locations. Our virtual programme offers three days of insightful global fintech webinars featuring expert panel discussions and fireside chats with industry leaders, each focused on the fast-changing world of financial technology and tackling related legal and regulatory issues.  See the full programme and current line-up of speakers

Register