Topic: Data protection

This article examines how Australian financial regulators approach artificial intelligence, summarising key guidance from ASIC, APRA, OAIC and AUSTRAC and setting out practical compliance considerations for firms, boards and executives.

Generative AI is quickly becoming part of everyday legal work, but recent court decisions show it can also create real risks for attorney client privilege.

The video gaming industry is an alluring target for cyber criminals. In response, regulators in various jurisdictions have sought to bring video gaming into scope of critical infrastructure legislation or have adopted sector-specific rules.

Most incidents handled by our Norton Rose Fulbright cyber team originate from the customer’s service provider. In many cases it is the service provider’s systems, infrastructure and environment which proves to be the most vulnerable to cyber breaches and security issues.

Businesses investing in, financing or operating data centres face a complex matrix of laws and regulatory requirements. Ensuring compliance is important for lender and investor due diligence and is crucial to avoiding fines, penalties and contractual or regulatory breaches that can significantly impact the business and any investment in, or financing of, data centres.

Please join us at our 12th Annual European Data Protection Conference.

On 16 January 2023, Singapore’s Infocomm Media Development Authority (IMDA), in collaboration with the AI Verify Foundation, announced a public consultation on its draft Model AI Governance Framework for Generative AI (Draft GenAI Governance Framework), showing the areas where future policy interventions relating to generative AI may take place and options for such intervention.

The UK Information Commissioner’s Office (ICO) published its final guidance on monitoring workers on 3 October 2023 (the Guidance).

We have published an article, EU: An overview of the European digital strategy, explaining the aims and key components of the EU digital strategy, outlining at a high-level key legislation that has been published in this space in the past three years and highlighting the way in which the various legislative instruments interact with each other and with European data privacy rules.

The Commercial Court in Jinxin Inc v Aser Media Pte Ltd and others & Others has ruled that an employer’s right to monitor and access private information of an employee held on its systems does not extend to a loss of confidentiality in those documents, and therefore a loss of privilege, as against the employer.