Skip to main content

Clifford Chance

Clifford Chance

Tech Trends 2024

Five trends to watch

This year will see a surge of digital regulation and enforcement. AI is transforming both business strategies and legal landscapes, privacy and cyber laws are proliferating, and child online safety is coming to the forefront. Delayering, decarbonisation and demand for connectivity are impacting deal-making and investment in digital infrastructure. Rapid legal changes, continuing strides in tech, and geopolitical instability, will create complex challenges as well as opportunities.

We look at five trends across AI, data, cyber, digital infrastructure and emerging tech, that are shaping 2024.

Devika Kornbacher, Co-Chair of Clifford Chance Global Tech Group, says...

"How we protect children from digital harms is in the spotlight. There is vocal consensus on the need to do so, but significant divergence in what that protection should look like. In the US, this legal landscape is evolving on both federal and state levels. A broader range of organizations than ever before will be navigating practical challenges around age-assurance, parental consent, and limited collection of data through a patchwork of laws and regulations."

Jonathan Kewley, Co-Chair of Clifford Chance Global Tech Group, says...

"AI and deepfakes have the potential to severely impact the global election super cycle of 2024, which will see half of the world going to the polls. Governments, regulators and tech companies will all face the challenge of ensuring trust and safety, whilst also leaning into the massive opportunities that AI will reveal in drug discovery, delivery of public services and innovation across the economy."

What's ahead for 2024?

Artificial intelligence

As AI drives innovation and change across sectors, significant changes in the legal landscape will shape both public and private approaches to AI use, development and investment. In 2024, we can expect to see the emergence of AI-specific laws beyond the EU AI Act and President Biden's Executive Order, as well as further important guidance arising from international cooperation efforts and a myriad of regional and national AI initiatives. In parallel, there will be a continued push for voluntary projects and measures, and industry best practices Strategic planning and diligence will be crucial for companies and investors leveraging or investing in AI amid shifting requirements, moving markets and a regulatory spotlight.

Dessislava Savova, Continental Europe Head of Clifford Chance Global Tech Group, says...

"In 2024, AI regulation and compliance gets real. Businesses and regulators spent much of last year adjusting to the AI capability jump, but this year the EU AI Act goes from proposal to law, the USA's Executive Order starts to bite, and China's AI regulations will continue to define the landscape in APAC and beyond. Companies need a clear strategy and roadmap that prioritises governance, risk management and literacy. We will see many organisations on the back foot – being ready to strategically and holistically address a rapidly increasing number of obligations across sectors and jurisdictions will be critical to success."


Violetta Kokolus, Partner, says...

"As the hype around generative AI passes, companies will be cautiously moving from testing to implementing new generative AI solutions and seeking out large strategic partnerships to continue their innovation efforts. While increasing legislation may bring more legal certainty, many questions around fundamental legal theories will remain open and highly contested.

Against this backdrop, companies will be entering into detailed and complex contractual arrangements in an attempt to mitigate risk around legal uncertainty. Companies will also need to continue to focus on, and require more contractual commitments relating to, reliability, security, transparency and equity."

Stavroula Vryna, Partner, says...

"Antitrust regulators have been paying close attention to the potential impact of access to large datasets on emerging AI technology markets. As AI algorithms become increasingly sophisticated, dataset scale may become less important. We may see a trend towards a more holistic view of the role of data in relation to AI – with factors such as data quality, diversity and accuracy spotlighted as key to the development of successful AI products, broadening the range of companies of all sizes that can innovate and become real contenders in the AI space." 

James McPhillips, Partner, says...

"In 2024, the only thing certain about AI is that there are a lot of unknowns. Developments will be rapid, dramatic, and probably unexpected. New companies and products that were previously unimaginable will be developed and launched. Many enterprise processes – from contracting to compliance – will need to be retooled. The commercial marketplace and global legal frameworks for how enterprises develop, buy, and deploy AI is being fashioned as we speak.  We are at the dawn of a new technology era with AI, and this landscape presents both opportunity and risk."


Privacy laws continue to increase in number and scope globally. While often sharing core concepts, divergences in these laws demand careful benchmarking and strategic approaches to multi-jurisdictional compliance. Although there were some positive developments in relation to international data flows in 2023, such as the EU-US Data Privacy Framework, the general trend is towards increasingly onerous and fragmented data protection obligations in areas such as data transfers, legal bases for processing, documentation, and incident reporting, which need to be considered alongside disparate and overlapping cyber regimes. Legislators are also increasingly addressing data governance beyond privacy. The recently enacted EU Data Act is a prominent example of a law aimed at regulating data-driven industries.

Megan Gordon, Partner, says...

"Data laws are proliferating globally. In the U.S., data privacy continues to include a myriad of federal and state laws. Several states have enacted or are continuing to develop comprehensive data privacy laws with requirements that apply across nearly all business sectors. And there is more privacy legislation to come. With no comprehensive federal data privacy law on the horizon, keeping up with state privacy legislation and understanding its scope, applicability, and requirements is more crucial than ever for companies operating in the U.S."

Kate Scott, Partner, says...

"Data privacy claims continue to trend: class actions in the US, but there has been a quiet swell of GDPR decisions before the CJEU. Expect to see more AI claims in 2024, whether framed as data misuse, copyright or disputes as to liability."


Andrea Tuninetti Ferrari, Counsel, says...

"In 2024 the EU's data strategy will push data regulation far beyond privacy, covering much of the data commercialisation chain. The Data Act will reshape the way businesses contract for IoT-generated data, the Cyber Resilience Act will raise the bar for connected hardware and software, and we could see data-specific regulation for the healthcare, automotive and other sectors. The ultimate goal of the EU is to push data-intensive businesses to a level of compliance which generates user and stakeholder trust."

Sian Smith, Senior Associate, says...

"We are seeing rapid developments in APAC as several countries look to implement comprehensive and far-reaching data privacy laws – some for the first time. Although many are taking inspiration from GDPR and other established laws around the world, we are also seeing diverging approaches and nuances in areas such as data breach notification and cross-border data transfers, which require case-by-case consideration. Many of these regimes have either already come into force or are expected to become effective over the next year or two, so preparation is crucial for international organisations with data flows in APAC."


A global increase in new and revamped legislation and regulatory requirements means cybersecurity obligations are becoming more numerous, and stringent and broader in scope. They increasingly impact critical IT service providers and often come with formidable associated enforcement regimes. Nuanced risk management processes, inclusive of employee training, supplier due diligence, audit rights and other robust contractual terms will be key tools in managing risk exposure and securing crucial rights and recourse in the event of an incident or third-party supplier failure.

Stella Cramer, APAC Head of Clifford Chance Global Tech Group, says...

"We’re seeing a global trend towards increased cyber and operational resilience regulation, and in 2024 a broader range of businesses will be affected. APAC is no exception. Indonesia, Vietnam and Singapore are among the jurisdictions that have recently tightened or introduced new data breach notification regimes. One to watch will be the Singapore Cybersecurity Amendment Bill which, if passed, would expand the scope of entities required to comply with obligations around cybersecurity standards, incident reporting, auditing and risk assessments beyond essential service providers."


Holger Lutz, Partner. says...

"Legislative focus on cyber resilience will demand attention – including, in the EU, DORA, NIS II, the revised Critical Entities Resilience Directive and the Cyber Resilience Act. Beyond the legal drivers, cyber resilience is vital as nearly every company relies on digital connectivity and is a potential target for bad actors, who are sophisticated and ruthless."

Ricky Legg, Associate, says...

"Cybersecurity will remain a strong US regulatory focus in 2024. At the federal level, the Securities and Exchange Commission's new requirements for US public companies include public disclosure obligations in relation to cyber incidents, cybersecurity governance and risk management in certain circumstances. These sit alongside an increased focus on cybersecurity and individual accountability in SEC enforcement activity. In 2024 we'll also see US cybersecurity developments impacting financial institutions and critical infrastructure. Many companies will be refining their cybersecurity programs and disclosure controls as the complex cybersecurity regulatory framework evolves in the US and across the globe." 

Digital infrastructure

Increasing demands for connectivity and data mean digital infrastructure is expected to continue to attract investment despite challenging markets and geopolitical risks.  Targets will likely include data centres, space technology, smart cities and next-generation power generation and transmission. Increased regulation and regulatory scrutiny of sustainability, security, resilience and foreign investment mean that activities and investments connected with digital infrastructure will require careful navigation.

Jennifer Chimanga, Co-head of the Clifford Chance Africa Group, says...

"Demand for connectivity, AI, delayering and other evolutions in the telco business model, and a complex regulatory and geopolitical environment, present significant opportunities for deal-making. However, the challenging financing environment brings greater focus on risk mitigation. More financing is coming in the form of debt/quasi-debt and bonds, there is focus on hedging, lenders are applying rigorous due diligence to test revenue models, and deals are taking longer to conclude. These global trends are exacerbated in Africa, which presents significant opportunities for growth but has major economies grappling with currency/FX volatility."


Nadia Kalic, Partner, says...

"We expect that the global trends of decarbonisation and digitalisation will continue to fuel investment by private capital into infrastructure in 2024. Rapid advances in AI and machine learning and the widespread adoption of IoT-enabled devices is making infrastructure more efficient, consumer friendly and sustainable. However, the use of sensitive data and personal information can be a target for commercial espionage, sabotage and foreign interference activity, and we expect to see continued scrutiny by governments on foreign investments and M&A activity in this space."

Jack Hardman, Partner, says...

"The Middle East is seeing significant public and private investment in digital transformation and infrastructure, and emerging technologies. As many countries diversify their economies, foster innovation and develop forward-looking infrastructure, we are seeing some of the world's most exciting megaprojects. Lawmakers in the region are taking note of the successes and challenges of legal and supervisory regimes globally and designing approaches tailored to local priorities and needs."

The evolving tech ecosystem

The power and importance of emerging technologies continue to command attention from legislators and regulators. Legal frameworks aimed at regulating digital markets, online spaces, and evolving tech ecosystems and supply chains, will start to bite. Cross-border M&A and foreign direct investment will remain subject to increasing scrutiny worldwide, primarily driven by competition, national security and industrial policy concerns.

Renee Latour, Partner, says...

"The complexity, duration and unpredictability of merger control and investment screening processes for tech transactions has increased. Foreign investment screening regimes, such as CFIUS, are expanding in number and scope, and tech transcations - due to the technology itself and also the access to sensitive or personal data - are squarely in the crosshairs. Upcoming US restrictions on outbound investment aimed at the development of critical technologies in "countries of concern" for military, intelligence, surveillance, or cyber-enabled capabilities will block, or bring additional complexity to, transactions in quantum, AI and semiconductor and microelectronics sectors."

Oscar Tang, Senior Associate, says...

"Quantum sensing, quantum cryptography and communications, and quantum simulation have drawn the interest of governments and private investors worldwide. The law is not far behind – national security and competition law are core concerns. For example, the UK's National Security and Investment Act 2021 already allows the government to scrutinise and intervene in quantum technology acquisitions. Other considerations will increasingly come into the frame, from data protection and information security compliance to apportioning contractual risks and liabilities between contracting parties. 2024 will see efforts continue in both law and policy as quantum technology continues to develop."

Andrei Mikes, Counsel, says...

"In 2024, the enforcement of the EU's Digital Services Act and Digital Markets Act is set to introduce a new era of digital regulation, especially in the use of AI and content targeting algorithms. These regulations will compel online platforms to disclose how their AI systems operate, why users are exposed to certain content, and ensure that these mechanisms are fair and non-discriminatory. This shift towards greater transparency and accountability in digital services is not just about compliance, but about rebuilding user trust in technology, fostering a more informed and equitable digital space."


Arnav Joshi, Senior Associate, says...

"Online safety will take centre stage in 2024, particularly in relation to children. New regulations and guidance will set higher standards for businesses and create challenges for navigating compliance internationally. Buoyed by a renewed focus on AI, online safety and misinformation, principles like fairness, accountability, transparency and human oversight will be further hard-coded into emerging laws around the world. Organisations already embedding these principles in how they develop and deploy technology will have a competitive advantage." 


Meet our Tech team

move left move right
Jonathan Kewley

Jonathan Kewley

Partner and Co-Chair of the Global Tech Group



View Linkedin Profile

Jonathan Kewley is a Partner and the Co-Head of the Clifford Chance Tech Group, a cross disciplinary team of 400+ lawyers globally advising on Tech risk and opportunity. He has a particular focus on the cutting edge areas of Tech ethics, data, artificial intelligence, cyber security and blockchain regulation.

Devika Kornbacher

Devika Kornbacher

Co-Chair, Global Tech Group and Office Managing Partner, Houston

+1 713 821 2818


View Linkedin Profile

Devika Kornbacher is Co-Chair of Clifford Chance's Global Tech Group, a cross disciplinary team of 600+ lawyers globally advising on Tech risk and opportunity.

Devika is a technology and intellectual property lawyer who leverages her extensive technological knowledge and experience to assist clients in fields such as software, hardware, sports, aviation, and retail. She provides comprehensive advice on technology-related legal matters, including data privacy compliance, cybersecurity preparedness, commercialization agreements, and obtaining, protecting, and licensing intellectual property rights. She handles a wide array of transactions, including license agreements, supply agreements, data sharing agreements, reseller agreements, collaboration agreements, joint ventures, software development agreements and patent clearances.

Dessislava Savova

Dessislava Savova




Dessislava Savova leads our global Consumer Goods & Retail Sector Group as well as our Tech Group in Europe.

Dessislava specializes in all areas of commercial law, including technology and commercial contracts and cooperations, joint ventures, economic regulations, consumer law, and data protection, AI and cybersecurity. She is a member of our global Data Risk team.

Further, she is a lecturer at Sciences Po (Ecole de Droit) and the University of Versailles Saint Quentin-en-Yvelines on Tech & Data Law.

Stella Cramer

Stella Cramer


+65 6410 2208


Stella Cramer is the APAC Head of our Tech Group and a technology and data lawyer based in Singapore.

Stella advises on technology matters across the Asia Pacific region. She specialises in complex digital and transformational technology projects, platform collaborations, and technology transactions, often involving disruptive technologies such as blockchain and artificial intelligence.

Related services

  • Share on Twitter
  • Share on LinkedIn
  • Share via email
Back to top