regulation

CIISec: Most Security Professionals Want Stricter Regulations

69% of security professionals want stricter cybersecurity laws, per a CIISec survey. Major regulations like the Cyber Security and Resilience Bill make senior management liable for breaches. 91% believe boards should be accountable for incidents. The UK plans to ban ransomware payments for certain sectors and enforce mandatory incident reporting.

https://www.infosecurity-magazine.com/news/ciisec-security-professionals/

AI FAQ Series

AI regulation encompasses laws and guidelines for AI development, ensuring safety, ethics, and privacy. Pre-existing and specific laws govern AI use, including the EU AI Act. States are enacting AI laws on ownership, liability, and biases. Ethical responsibilities involve transparency, accountability, and bias mitigation. Compliance requires explaining AI processes and integrating human oversight. Privacy laws impact AI data handling and deletion requests. Ongoing lawsuits may affect AI deployment and liability, necessitating alignment with legal developments.

https://www.orrick.com/en/Insights/2025/08/AI-Regulation-Are-There-Regulations-on-AI-AI-FAQ-Series

Taking the EU AI Act to Practice: How the Final GPAI Guidelines Shape the AI Regulatory Landscape

The EU AI Act provides a regulatory framework for General-Purpose AI (GPAI), clarifying definitions, obligations, and classifications, effective August 2025. Guidelines outline criteria for GPAI models, notably computational thresholds and output modalities. Compliance includes self-assessment, notification procedures, and challenges against classifications. The act covers market implications, model lifecycle responsibilities, and exemptions for open-source models. Key deadlines include conformity by 2027 and enforcement starting 2026.

https://www.twobirds.com/en/insights/2025/taking-the-eu-ai-act-to-practice-how-the-final-gpai-guidelines-shape-the-ai-regulatory-landscape

What the EU AI Act Means for US Tech Companies

The EU AI Act, effective Aug 2026, regulates AI, affecting US tech firms in Europe. It classifies AI into four risk categories with varying compliance obligations. High-risk AI requires extensive documentation; firms must prepare proactively. Phenom, a compliant startup, emphasizes early adaptation and client education for success. Non-compliance poses significant risks, necessitating awareness and preparation.

https://technical.ly/civics/how-to-comply-eu-ai-act-guest-post/

AI Laws Across U.S. and Global Practice Areas

AI laws are evolving globally and in the U.S., addressing risks and ensuring public safety as AI adoption increases. The EU AI Act categorizes AI systems into four risk levels, imposing stricter compliance for high-risk applications and banning those with unacceptable risks. In the U.S., federal agencies provide regulatory guidance, but comprehensive federal law is lacking. Notable state laws, like Colorado's and Utah's, are emerging to govern AI use and protect consumer rights. As AI reshapes legal practice, attorneys must balance innovation with ethical considerations and regulatory compliance.

https://legal.thomsonreuters.com/blog/navigating-ai-laws-and-regulations-across-practice-areas/

Using Artificial Intelligence? Prepare Now for the EU AI Act

The EU AI Act regulates all AI systems used in the EU, imposing strict compliance for high-risk systems, including those affecting employment. Key requirements include AI literacy training, prohibition checks, technical measures, updated policies, data quality management, human oversight, continuous monitoring, recordkeeping, and informing affected individuals. Non-compliance can result in hefty fines. Organizations should assess current AI systems for regulatory adherence and begin the compliance process immediately.

https://www.staffingindustry.com/editorial/cws-30-contingent-workforce-strategies/using-artificial-intelligence-prepare-now-for-the-eu-ai-act

NIS2: Why Are Firms Struggling to Comply?

Many organizations struggle to comply with the EU's NIS2 Directive due to complex supply chains, outdated infrastructure, and insufficient cybersecurity investment. ENISA warns that several critical sectors, like ICT and healthcare, face significant challenges. In contrast, industries such as electricity and banking show more cybersecurity maturity. Additionally, inconsistent national regulation and capacity issues hinder compliance efforts across EU member states. Recommendations for improving compliance include conducting risk assessments, establishing clear asset visibility, appointing NIS2 leaders, and implementing strong incident response plans.

https://www.itpro.com/business/policy-and-legislation/nis2-why-are-firms-struggling-to-comply

The EU AI Act: What You Need to Know

The EU AI Act, adopted by the European Parliament, regulates AI development and use, balancing adoption with individual rights. It categorizes AI risks as unacceptable, high, and low/minimal. Unacceptable risks, like harmful subliminal influences, are banned. High-risk systems must comply with strict standards, while low-risk systems face fewer regulations. The Act will be implemented gradually, with measures including prohibitions on risky systems, establishment of national AI regulatory sandboxes, and guidance on high-risk categories. Organizations must assess and document their AI systems regarding these classifications.

https://kpmg.com/dk/en/ai/the-eu-ai-act-what-you-need-to-know.html

The General-Purpose AI Code of Practice

The EU's General-Purpose AI Code of Practice, published July 10, 2025, aids industry compliance with the AI Act on safety, transparency, and copyright. It's voluntary for AI model providers, offering legal certainty and reduced administrative burdens. The code includes chapters on Transparency, Copyright, and Safety, applicable to advanced models with systemic risks. Providers can sign the code to demonstrate compliance.

https://digital-strategy.ec.europa.eu/en/policies/contents-code-gpai
