The European Commission’s proposed amendments to the General Data Protection Regulation (GDPR) mark the first substantive reworking of the regulation since its enactment, signaling a material shift toward economic pragmatism. These changes warrant close attention not only for what they include, but also for what they omit.
By now, we all know what AI is. Some of us use ChatGPT as our search engine, confidant, secretary, travel agent, and much more. Others, at least, are acutely aware that AI exists, because everyone else is talking about it, possibly making money from it, or losing their jobs to it.
In 2023, we summarized the U.S. Department of Treasury report that raised concerns about the growing reliance of financial institutions (FIs) on cloud computing. Treasury highlighted structural imbalances and regulatory blind spots in the relationship between FIs and cloud service providers (CSPs).
Quantum computing (QC) is poised to disrupt cybersecurity in ways that business leaders and legal professionals cannot afford to ignore. But what exactly is quantum computing, why does it pose such a significant threat to encryption, and what should businesses be doing about it today?
As we covered previously, President Trump has made clear that the U.S. is focused on increasing investments into building, scaling and speeding the development of AI infrastructure and data centers in the U.S., and Big Tech is responding in kind.
The AI Action Summit brought together a wide-ranging assembly of influential figures to discuss the future of artificial intelligence (AI) governance, risk mitigation and international cooperation. The attendees included government leaders and executives from multinational and emerging companies. The event was held on February 10 – 12, 2025, in Paris.
The first binding obligations of the European Union’s landmark AI legislation, the EU AI Act (the Act), came into effect on February 2, 2025. Essentially, from this date, AI practices which present an unacceptable level of risk are prohibited and organizations are required to ensure an appropriate level of AI literacy among staff. For a comprehensive overview of the Act, see our earlier client alert here.
Following his second-term inauguration, President Trump swiftly signed a collection of executive orders. Executive orders issued on January 20 and 21, 2025, rescinded a host of executive actions by President Biden. They also advance a number of new policy initiatives and actions. Among the many executive orders addressing wide-ranging areas are two specifically targeted at diversity, equity, and inclusion (DEI) or diversity, equity, inclusion, and accessibility (DEIA) activities. The policy view reflected in these orders is that DEI policies violate federal civil rights laws and undermine national unity because DEI promotes attention to individuals’ demographic identities; the executive orders also depict “illegal DEI” as a “guise” for racial and sex-based preferences.
In Trump Administration Executive Orders Take Aim at DEI in Government and Private Sector, colleagues Julia E. Judish, Aaron S. Ralph, Alexis P. Landrum, Andrew Caplan, Gabby Regard, Jeffrey P. Metzler, Sarah Rowan, Craig J. Saperstein and Aimee P. Ghosh break down these latest developments and suggest proactive compliance measures for contractors as well as potential next steps for private sector entities without federal contracts or grants.
A recent code leak indicated that OpenAI is set to release its first true AI Agent. An AI agent is a system designed to perceive its environment, process information, and autonomously take actions to achieve specific goals. Unlike traditional software that operates based on direct input and predefined instructions, AI agents can analyze situations, make decisions, and sometimes learn or adapt over time to better achieve its goals.
Imagine you’re an associate at a consulting firm. You’re surprised to see a new “AI Assist” button appear in your email application one morning. Without any training or guidance from your firm’s IT department, you decide to try it out, asking the AI to draft a response to a client’s inquiry about tax implications for a proposed merger. The AI confidently generates a response that looks professional and well-written, which you quickly review and send. Three days later, your managing partner calls you into their office—the AI cited outdated tax regulations and recommended a structure that would create significant liability for the client. The incident triggers an urgent internal review, revealing that dozens of employees have been using the undisclosed AI feature for weeks, potentially exposing the firm to professional liability and damaging client relationships.
