86 avsnitt • Längd: 35 min • Veckovis: Torsdag
Welcome to Hogan Lovells’ The Data Chronicles, brought to you by the firm’s global Privacy and Cybersecurity practice. This multimedia series is dedicated to the ever-changing legal and regulatory developments in the world of data, privacy, and cybersecurity. Join us as we unravel and unpack various regulatory frameworks and legal developments around the globe.
The Data Chronicles will provide:
In-depth Insights: Our videos and podcasts feature interviews hosted by Scott Loughlin, co-lead of the Privacy and Cybersecurity practice, with leading privacy, cybersecurity, data and other professionals at the forefront of their fields. We’ll share their insights, experience, and practices related to legal issues that cut across legal disciplines, geographies and regulatory regimes.
Trending Topics: Stay up-to-date with the latest developments in privacy, data protection, cybersecurity, data challenges, and emerging technologies. We analyze the implications of these trends and offer insight useful to you and your organization.
The podcast The Data Chronicles is created by Hogan Lovells. The podcast and the artwork on this page are embedded on this page using the public podcast feed (RSS).
In this episode of The Data Chronicles, host Scott Loughlin is joined by Charmian Aw, a partner in the firm’s Singapore office, to explore the current state of data protection law across the Asia Pacific region.
As countries throughout the region ramp up regulations around privacy, cybersecurity, incident response, and AI, it has become increasingly difficult for organizations to keep pace with the rapid developments. Together, Scott and Charmian provide a timely update on recent trends, enforcement activity, and what the future may hold for data governance in this complex and evolving landscape.
With artificial intelligence rapidly reshaping industries, its implications for competition law are becoming more significant than ever. This episode of AI Issue Spotting dives into the evolving relationship between AI and antitrust law in the United States, under the new administration and more broadly.
As AI continues to disrupt markets, understanding its influence on mergers and acquisitions, consumer protection, and competition is crucial. Scott Loughlin is joined by Logan Breed and Chris Fitzpatrick, senior leaders from Hogan Lovells' global antitrust and competition team, to discuss how AI is transforming legal frameworks and what it means for businesses navigating this new frontier.
As AI agents become more integrated into business operations and products, understanding their impact is crucial.
In this episode of AI Issue Spotting, Scott Loughlin is joined by Daniel Berrick, Senior Policy Counsel for Artificial Intelligence at the Future of Privacy Forum, to break down the growing significance of AI agents. They explore key questions around how AI agents function, their risks to data privacy and security, and the challenges they pose in terms of alignment and accuracy. Scott and Daniel discuss the novel issues surrounding data collection, disclosure, and the need for explainability and oversight as AI agents continue to evolve.
With the EU Data Act, the landscape of connected products and the allocation of rights to product data is set to change.
This episode of The Data Chronicles is the final installment in a three-part series on the EU Data Act, turning the spotlight onto connected products and related services. Scott Loughlin is joined by Christian Tinnefeld, a partner at Hogan Lovells’ Hamburg office, and together they dive into how the new law will affect everything from smart devices to wearables, from IoT to medical products.
They explore key parts of the Act, highlighting the impact on data access, privacy, and product development. With deadlines fast approaching, they also discuss the steps businesses must take to navigate this shift and the challenges and opportunities it brings.
The EU Data Act is set to reshape the cloud computing landscape in the EU, but what does it mean for cloud providers and users in practice? That is the question this episode of The Data Chronicles seeks to answer.
Scott Loughlin continues the discussion on the EU Data Act with Henrik Hanssen, counsel from Hogan Lovells’ Hamburg office, to explore how the cloud switching and interoperability requirements under the EU Data Act will affect cloud service product design, customer agreements and cloud business models. As cloud providers face the need to adapt, Scott and Henrik break down the challenges and opportunities that come with this significant regulatory shift.
The EU Data Act is set to transform the digital economy—but what does that mean for businesses?
In the first episode of our three-part series, host Scott Loughlin is joined by Hogan Lovells colleagues, Christian Tinnefeld, partner, and Henrik Hanssen, counsel to break down the Act’s key provisions, its impact on cloud computing, connected products, and data-sharing obligations, and what companies must do to comply before the looming deadlines. From data mapping to contract renegotiations, they explore the challenges and opportunities businesses must navigate.
Tune in for a practical guide to understanding one of Europe’s most significant digital regulations.
The Data Chronicles, a multimedia series from Hogan Lovells’ global Data, Privacy and Cybersecurity practice, is exploring EU data protection regulations in this episode.
Scott Loughlin is joined by Etienne Drouard, partner at Hogan Lovells in France and a former officer at the CNIL, to discuss the CNIL's unique guidelines on AI models and individuals' rights and whether they signal a need for a unified EU approach. They examine challenges in aligning GDPR with AI and defining AI models' boundaries, while some EU regulators focus on training data, and others on outputs’ regulation. The discussion also covers the speed of coordination between regulators and what businesses can expect as AI integration accelerates.
The Data Chronicles is checking in on the status of data protection law in Latin America.
Whether it’s privacy, cyber, or AI, there is a lot going on throughout the region. Join host Scott Loughlin and fellow Hogan Lovells partner Guillermo Larrea as they discuss the challenges businesses face when complying with a wide variety of data protection laws, restrictions on cross-border data transfers, and the evolving standards for AI.
They also cover topics such as emerging trends in enforcement, the region’s unique challenges for legal harmonization, and best practices for managing cybersecurity breaches impacting data subjects and businesses in Latin America.
As global data transfer rules continue to evolve, Scott Loughlin is joined by fellow Hogan Lovells lawyers Eduardo Ustaran and Katie McMullan in this episode of The Data Chronicles to unpack the latest developments.
From longstanding US policies and new DOJ rules to Europe's evolving stance, including the impact of the Trump administration and NOYB complaints regarding transfers to China, they cover many important topics.
The trio also discusses the role of Transfer Impact Assessments (TIAs) and offers projections for the future of global data transfer restrictions, providing actionable insights for businesses on how to navigate these changes, including the use of Binding Corporate Rules (BCRs).
This episode of The Data Chronicles features a conversation on the latest developments on India's Digital Personal Data Protection Act of 2023. With newly proposed rules providing details on implementation, Scott Loughlin and Stephen Mathias, Partner and head of the Bangalore office of Kochhar & Co and Co-Chair of the firm's Technology Law Practice, break down key requirements, including: the evolving standard for consent, notice obligations across 22 languages, cybersecurity and breach notification mandates, and more. Scott and Stephen also investigate the broader implications for global businesses, including compliance challenges and how multinational companies should prepare.
AI impact assessments are becoming increasingly important as organizations deploy more AI technologies, and this episode of AI Issue Spotting is here to break down why they matter. These assessments help organizations answer critical questions about their AI systems, from how they work to how they address potential legal risks like bias, safety, and privacy.
Scott Loughlin is joined by Daniel Berrick, Senior Policy Counsel for Artificial Intelligence at the Future of Privacy Forum, to discuss the latest practices and trends in AI Impact Assessments.
The Data Chronicles dives into the recent FTC action against data broker Mobilewalla, which highlights the Commission’s continued focus on the collection, use, and disclosure of sensitive consumer data, including by downstream data recipients in the ad tech ecosystem. Join Scott Loughlin and Hogan Lovells colleague Alaa Salaheldin as they unpack the implications of the FTC action and what it means for the future of data privacy, ad tech and location data.
Explore the evolving relationship between AI and ESG (Environmental, Social, and Governance) issues in this episode of AI Issue Spotting.
As AI technology continues to advance, it brings with it unique legal challenges, particularly in the realm of ESG litigation. Scott Loughlin is joined by David Foster, a partner at Hogan Lovells and leader of the firm’s ESG litigation practice. Together, they examine how AI is intersecting with ESG concerns, including emerging legal risks like AI washing, and the future trajectory of ESG-related lawsuits.
Explore the recent updates in U.S. AI laws, focusing on regulations specific to the health and life sciences sector. With the rise of state-level AI legislation, particularly in California, this episode of AI Issue Spotting discusses how these new laws are shaping the regulatory landscape particularly for entities in the health and life sciences sector. Unlike broad, EU-style regulations, these laws are tailored to address sector-specific challenges and use cases, signaling a continued trend of fragmented, patchwork regulations across industries. Scott Loughlin is joined by Hogan Lovells colleagues Jessica Robinson Hanna and Alyssa Golay to examine the implications of these changes for healthcare, data compliance, and AI in general.
In this special year-end episode of The Data Chronicles, host Scott Loughlin is joined by Eduardo Ustaran, global co-lead of Hogan Lovells' Privacy and Cybersecurity practice, while they take a deep dive into the key developments of 2024 and offer insights into what’s ahead for 2025.
From enhanced regulatory enforcement in the EU to the evolving patchwork of U.S. state privacy laws, they discuss the dynamic challenges shaping the digital landscape. The episode also highlights AI's transformative role, with a focus on privacy implications, governance, and emerging regulations like the EU AI Act. Eduardo shares updates on international data transfer frameworks, while Scott explores the U.S.’s approach to AI innovation and national security concerns surrounding global data flows.
Tune in for one of our favorite episodes of the year, for our analysis and actionable insights on navigating these pivotal changes in data privacy, cybersecurity, and AI governance.
Join us for a short series examining the DOJ’s recent Notice of Proposed Rulemaking (NPRM) on cross-border data transfers and its potential to reshape global data flows from the US to China and other “countries of concern.” We’ll explore the NPRM’s implications for national security, compliance programs, data governance and the unique impact it will have on the health and life sciences sectors.
The impact on the health and life sciences industry
Finally, in Episode 3, Scott continues the discussion with partner Mike Druckman to explore the unique impact of the proposed rule on the health and life sciences sector, including new standards for sensitive data such as genomic information and biospecimens.
Join us for a short series examining the DOJ’s recent Notice of Proposed Rulemaking (NPRM) on cross-border data transfers and its potential to reshape global data flows from the US to China and other “countries of concern.” We’ll explore the NPRM’s implications for national security, compliance programs, data governance and the unique impact it will have on the health and life sciences sectors.
Global Compliance
In Episode 2, Scott discusses with partners Elizabeth Boison and James Denvil the NPRM’s implications for global compliance and data protection programs.
Join us for a short series examining the DOJ’s recent Notice of Proposed Rulemaking (NPRM) on cross-border data transfers and its potential to reshape global data flows from the US to China and other “countries of concern.” We’ll explore the NPRM’s implications for national security, compliance programs, data governance and the unique impact it will have on the health and life sciences sectors.
Overview, Global and Political Shifts
In Episode 1, host Scott Loughlin provides an in-depth overview of the recent NPRM. Later in the episode, Scott is joined by Hogan Lovells partner Ajay Kuntamukkala to discuss the global commercial implication of the proposed rule and its potential impact on global businesses.
In this episode of The Data Chronicles, Scott Loughlin leads a timely discussion on the evolving landscape of U.S. privacy regulations in the wake of the 2024 presidential election.
Recorded in December 2024, just weeks after Donald Trump’s election victory and the election of a Republican-controlled Congress, this episode explores how shifts in federal leadership could reshape the federal privacy framework. Scott is joined by Hogan Lovells colleagues Mark Brennan, Bret Cohen, and Harsimar Dhanoa. Together, they analyze the implications for businesses and consumers, highlighting the potential changes for privacy laws in the U.S.
Host Scott Loughlin is joined by Hogan Lovells partner Jason Downs to explore the growing legal challenges surrounding AI and consumer protection, particularly in areas like pricing, hiring, transparency, and bias.
State attorneys general are increasingly focused on how AI systems affect consumers and using their broad authority to pursue alleged AI harms. With penalties for violations potentially reaching US$10,000 per occurrence, proactive risk management is a must.
Tune in to learn how attorneys general across states are considering these issues and how to stay ahead.
Explore the legal challenges at the intersection of AI.
As AI systems become more power-hungry, data centers must meet rising energy demands, raising complex legal and societal questions.
Scott Loughlin is joined by Hogan Lovells partners Chip Cannon and Amy Roma, who share their expertise on how tech and energy companies are addressing these challenges across the U.S. Together, they dive into issues like energy regulation, data center power consumption, and the legal complexities emerging from the growing demand for AI infrastructure.
The FTC's new Click-to-Cancel rule is designed to simplify the process for consumers to cancel recurring subscriptions and memberships, requiring B2B and B2C businesses to evaluate their practices, user interfaces, and compliance measures. While the intent is clear, its implications are extensive, and the rule has already been challenged in court.
Scott Loughlin is joined by Harsimar Dhanoa, who specializes in emerging regulations. Together, they explore the impact of the new rule in the broader context of user experience, data protection, and consumer rights, as well as the important role of data protection professionals in navigating these changes.
This episode continues the discussion from the AI Mastery Class, where Scott Loughlin is joined by Donald DePass from the D.C. Privacy and Cybersecurity team and Ana Rumualdo from the Mexico City office.
Together, they examine how ethics influences AI compliance programs, highlighting the need to balance harm prevention with technological progress.
They cover key topics such as product safety, transparency, and user empowerment, while also discussing practical steps organizations can take to effectively incorporate ethical practices into their AI development processes.
Explore the challenges of clinical trial recruitment within the life sciences sector in this episode of The Data Chronicles.
Successful clinical trial recruitment is critically important to any research sponsor, including pharmaceutical and medical device companies and this poses a number of complex FDA and privacy considerations.
Host Scott Loughlin is joined by fellow Hogan Lovells lawyers Robert Church, a partner in the FDA practice, and Melissa Levine, counsel in our Privacy and Cybersecurity practice. Together, they discuss how organizations can navigate the regulatory landscape and address the unique hurdles that arise in attracting and enrolling suitable data subjects for clinical studies.
In this Data Chronicles podcast, host Scott Loughlin is joined by Hogan Lovells colleagues Ryan Thompson and Harsimar Dhanoa to explore the clash between data privacy, regulation of online services, and the First Amendment as spotlighted in a recent Ninth Circuit decision on California’s Age-Appropriate Design Code Act (AADC). This ruling, which found that the AADC’s Data Protection Impact Assessment (DPIAs) requirements likely violate the First Amendment, could impact data protection policy more broadly as policymakers increasingly see DPIAs as a regulatory tool. Listen as they dissect the ruling’s implications for DPIAs and the future of using DPIAs as a component of kids policy.
Data minimization is now a popular data protection requirement for policy makers. Whether it’s in established laws like HIPAA, GDPR or the CCPA, or the emerging state laws, lawmakers increasingly expect that businesses will only collect, use, and retain only the minimum amount of personal data. That’s easier said than done.
While the requirement seems straightforward, it is very difficult to implement or even to know where to start. Matt McClelland, Managing Director & IG Practice Leader at Ankura, joins host Scott Loughlin to explore data minimization strategies, including as part of larger data governance programs. While challenging, learning how to approach data minimization can create lasting value for data-driven businesses' AI and cyber risk management.
The FTC has concerns with user reviews. As consumers explore a vast global marketplace, they increasingly depend on product and service reviews to make informed decisions. There are widespread questions, however, whether these reviews can be manipulated or become misleading, including through non-disclosed paid endorsements and AI-generated fake entries.
To address both the importance of reviews and their integrity, the FTC is introducing new rules, which the FTC believes will enhance transparency and fairness in user reviews. Host Scott Loughlin, along with Hogan Lovells lawyers Lance Murashige and Harsimar Dhanoa, will explore how these regulations will impact ecommerce and create a new regulatory overhang for user reviews. This discussion will provide valuable insights into the impact of these changes on both businesses and consumers.
In this episode, host Scott Loughlin is joined by Commissioner Keith E. Sonderling of the U.S. Equal Employment Opportunity Commission (EEOC). Commissioner Sonderling, a leading voice on the impact of artificial intelligence in employment and human resources, offers insights into how developers and employers can harness AI’s potential while managing the underlying legal risks of using AI to support HR functions. Together, Scott and Commissioner Sonderling explore the intersection of AI and employment, with a particular focus on weighing bias concerns against the promise of AI in transforming the hiring process to match talent with opportunities. This episode is a must-listen for HR professionals, legal teams, and anyone interested in the future of AI in the workplace.
Host Scott Loughlin is joined by Hogan Lovells teammates Aaron Lariviere and Rachel Parrish to examine the evolving landscape of individual privacy rights under U.S. state laws in this episode of The Data Chronicles.
Together, they discuss how differing privacy rights — such as access, deletion, and opt-outs — create compliance challenges for organizations operating under the disparate set of U.S. rules. This discussion provides valuable insights into navigating these intricate state-specific laws and implementing effective strategies for compliance.
Our AI issue spotting podcast series on how AI is being litigated today and where disputes are likely to arise in the future.
In this episode, Scott Loughlin is joined by Hogan Lovells partner Vassi Iliadis, a litigator with a strong background in high-stakes class actions involving cybersecurity breaches, privacy violations, and the legal challenges of AI technologies.
Their discussion provides valuable insights into how AI litigation will evolve from a focus on disputes on what data and IP is ingested into AI technology to later spotlight liability arising from AI outputs and how companies use them in their operations.
Artificial intelligence is not just reshaping our world; it’s also redefining the rules of international trade and export controls.
In this episode, host Scott Loughlin is joined by Hogan Lovells partners Aline Doussin and Stephen Propst to explore how AI is influencing global trade laws and export regulations. Together, they investigate the complexities and emerging challenges of managing AI-enabled products across different jurisdictions, offering insights into navigating the evolving legal landscape.
The dynamic legislative landscape takes center stage in this episode of The Data Chronicles. Across the United States, state legislatures have passed numerous bills relating to privacy, online safety, and data governance, contributing to the complex regulatory environment.
This episode recaps the legislative changes in the first half of 2024, featuring insights from host Scott Loughlin and Harsimar Dhanoa, an associate dedicated to privacy and cybersecurity at Hogan Lovells.
Join them as they discuss the implications of these new laws for businesses and consumers, and what lies ahead in the dynamic intersection of technology, law, and policy.
This episode of The Data Chronicles focuses on insider threats in the hiring process.
Recent reports have highlighted a concerning trend where North Korean nationals seek and sometimes secure jobs in the United States and other Western countries using sophisticated methods to evade sanctions restrictions and potentially steal data. These developments have reignited discussions on how organizations should handle insider threats from sanctioned countries during recruitment.
Joining Scott Loughlin are Dan Ongaro, Hogan Lovells senior associate, and Landon Winkelvoss, co-founder of NISOS, a firm specializing in managed intelligence and digital investigations. Together, they share their insights, dissect the complexities of this issue, and propose strategies to enhance organizational security from insider threats, both foreign and domestic.
In this episode of The Data Chronicles, host Scott Loughlin is joined by Hogan Lovells counsel Dan Whitehead to dive into the evolving realm of cybersecurity regulation in the European Union (EU). Together, they explore the adoption of the Network and Information Security (NIS2) Directive, a cybersecurity framework set to impact a wide range of industries including tech, life sciences, and other critical infrastructure provided both within and outside the EU. The discussion delves into the evolving nature of cybersecurity law, highlighting the implications on security governance, board-level oversight, and incident reporting, along with the GDPR-level fines for non-compliance. Listen as these regulatory changes are dissected and learn about how organizations are looking to comply with these new standards in practice.
In this episode, host Scott Loughlin is joined by Hogan Lovells partners, Joke Bodewits and Nathan Salminen, to unpack the pressing questions surrounding the offensive and defensive use of AI in cybersecurity. Both Joke and Nathan are seasoned cybersecurity lawyers and regular guests of The Data Chronicles, and together they whether AI functions as a cyber weapon, its role in defense strategies, and the new cybersecurity challenges and vulnerabilities it presents.
In this episode of The Data Chronicles, host Scott Loughlin is joined by Hogan Lovells senior associate Dan Ongaro to explore security researchers, in particular, how they differ from threat actors and best practices for handling security researchers effectively. Discussion includes bug bounties and other vulnerability disclosure programs to help organizations remain secure and responsive to legal implications of security researchers such as when researchers cross the line to potential incidents or breaches.
In this episode we discuss how AI is creating new legal issues in the already complex field of digital health. Join host Scott Loughlin and Hogan Lovells partner Melissa Bianchi as they explore the key regulatory frameworks and compliance issues surrounding AI in healthcare in the digital world and how many tech organizations – whether they think of themselves as healthcare companies or not – are now becoming digital health companies in the age of AI.
In this episode we dive into the intricate world of artificial intelligence and commercial contracting. Host Scott Loughlin is joined by Hogan Lovells partner David Toy to explore the nuances of AI in commercial contracting. Dave's expertise in technology, intellectual property, commercial contracting, and outsourcing has seen him negotiate every type of tech deal imaginable, and now it seems like AI is part of each of them. New commercial issues are popping everywhere – from reps to indemnities – with no market standard yet in sight.
Artificial intelligence is not just a futuristic concept; it's a present-day reality that's transforming how we create, share, and protect intellectual property. In this episode host Scott Loughlin is joined by Hogan Lovells counsel, Lauren Cury, to discuss how AI is reshaping the landscape of copyright law. Together they examine both the challenges and opportunities it presents and the strategies companies can employ to stay ahead in this rapidly evolving field.
In this episode of The Data Chronicles, we explore the groundbreaking Colorado AI Act (CAIA), the first cross-sectoral AI governance law in the U.S. Host Scott Loughlin and Hogan Lovells senior associate Sophie Baum explore the implications of this pioneering legislation. Together they discuss the major provisions of the CAIA and highlight developer and deployer obligations, enforcement and rulemaking components of the bill and what companies need to do to prepare when CAIA goes into effect in February 2026.
In this episode of The Data Chronicles, we examine the role of law enforcement in cybersecurity. Host Scott Loughlin leads a discussion with Amit Kachhia-Patel, Assistant Special Agent in Charge (ASAC) overseeing the FBI New York Field Office’s cybersecurity squads, and Pete Marta, partner at Hogan Lovells, as they navigate how companies may leverage the expertise and resources of the FBI in a cyber crisis and explore the evolving landscape of cyber threats globally. Join us as we uncover the collaborative efforts between the private sector and law enforcement needed in combating cybercrime.
The U.S. Federal Communications Commission is once again top of mind for players in the digital economy. The FCC has reinstated net neutrality rules as part of Chairwoman Rosenworcel's push to play a larger role in network, cyber, and national security issues. In this episode, host Scott Loughlin is joined by Hogan Lovells senior counsel Charles Mathias and counsel John Castle, to discuss the privacy implications of the final rules, including how this policy could further restrict foreign access to data, and grant FCC authority over addressing cyber vulnerabilities and imposing other data protection obligations.
Gov. Wes Moore made Maryland the second state to try to create strong limits on information collected on children by signing a new age-appropriate design code into law. In this rapid reaction episode, host Scott Loughlin is joined by Hogan Lovells associate Harsimar Dhanoa to discuss the new law, known as the Maryland Kids Code, and how it seeks to limit data that could be collected from children online and help keep children safe online.
Gov. Moore also signed Maryland’s comprehensive privacy law into law – you can find our rapid reaction episode discussing the key points of the bill here.
Email cyberattacks: a silent threat lurking in our inboxes. In this episode of The Data Chronicles, we dive into the dark world of email-based cyber threats, from phishing scams to misdirected wires. Host Scott Loughlin is joined by Hogan Lovells partner, Nathan Salminen, to discuss the tactics hackers use to deceive users and exploit mailboxes. Learn practical tips to safeguard your inbox and your data as we unravel the complexities of email security against digital adversaries.
Predictions are that artificial intelligence will intersect with virtually every aspect of our lives and seemingly it's impacting every legal discipline. With the issues so widespread and varied, AI lawyers seemingly need to know how to issue spot everything. Is that even possible? In this episode of The Data Chronicles, we examine relationship between US antitrust law and AI. Host Scott Loughlin leads the conversation with special guests Edith Ramirez, partner at Hogan Lovells and former chairwoman of the Federal Trade Commission (FTC), and Chris Fitzpatrick, senior associate at the firm. Together, they explore how AI is transforming market dynamics and how regulators see AI triggering antitrust legal concerns and obligations.
Did you miss our analysis of the Maryland comprehensive privacy bill? If you prefer a quick podcast discussion, we have that too. Join Scott Loughlin, co-lead of the Hogan Lovells Privacy and Cybersecurity practice, and Hogan Lovells associate Harsimar Dhanoa in a rapid reaction episode discussing the newly passed bill.
In this episode of The Data Chronicles, we dive into the groundbreaking legislation of the European Union (EU) Artificial Intelligence (AI) Act. With artificial intelligence increasingly permeating various aspects of our lives, regulating its development and deployment has become the focus of many policymakers. Host Scott Loughlin is joined by Hogan Lovells partner and co-lead of the Privacy and Cybersecurity practice, Eduardo Ustaran, to break down the key components of the EU AI Act and explore its objectives, scope, and implications for businesses around the world. Through tactical insights and analysis, we aim to shed light on how this legislation is shaping the future of artificial intelligence in Europe and beyond.
Is AI law a new legal discipline for lawyer specialization? The Data Chronicles is interested in knowing the answer. In this episode, host Scott Loughlin is joined by two AI attorneys, Tiffany Georgievski, AI, Data Privacy and IP Attorney with SonyAI, and Peter Tsapatsaris, Lead Counsel of AI at Salesforce, as they discuss the role of an AI attorney, the essential skillset required for success, and whether AI law should be new category for the legal bar.
Host Scott Loughlin and Hogan Lovells partner James Denvil delve into the recent Executive Order (EO) issued by the Biden Administration. Designed to limit access by countries of concern to sensitive personal data of Americans, this EO marks a significant development in cross-border data protection policy. Together, Scott and James explore the implications of the EO, shedding light on its potential impact on the digital ecosystem and how this game-changer in data governance will have far-reaching effects and challenges for businesses operating in the digital landscape.
In this episode of The Data Chronicles, we exam complex legal frameworks for website cookies in the EU. Cookies, those little bits of data stored on our devices, play a significant role in shaping our online experiences, from personalization to tracking user behavior. However, with great power comes great responsibility, and cookies have found themselves at the center of various privacy and compliance debates relating to their lawful use. Host Scott Loughlin is joined by Hogan Lovells Partners, Joke Bodewits and Gonzalo Gallego as they highlight the functionality, legality, and future implementation of regulations surrounding cookies in the EU.
Data scraping, the automated extraction of information from websites, has become a ubiquitous practice in today's data-driven world. However, as organizations harness the power of scraped data to gain insights and drive innovation, questions arise regarding its ethical and legal implications. In this episode of The Data Chronicles, host Scott Loughlin is joined by Hogan Lovells partner Eduardo Ustaran, counsel Lauren Cury, and senior associate Alyssa Golay as they delve into the realm of intellectual property (IP) and privacy. As the appetite for data grows, so do concerns at safeguarding privacy and IP rights in an increasingly digitized world.
Live free or die can now can be applied to consumer privacy. New Hampshire is the latest state to pass comprehensive consumer privacy legislation. Listen in to join host Scott Loughlin and Hogan Lovells associate Harsimar Dhanoa for a rapid-fire analysis of the newly passed bill.
In the post-Dobbs era, concerns have arisen regarding the potential for organizations or governments to gather data from smartphones, revealing information about individuals' visits to medical facilities. Join host Scott Loughlin in this episode as he delves into the pressing issue of geofencing with Hogan Lovells associate, Paige Papandrea. Together, they navigate through the landscape of emerging state laws concerning health privacy and explore the jurisdictions where these laws are emerging, and provide insights into the implications these new requirements hold for organizations navigating the intricacies of health data privacy.
Several states have passed consumer health privacy laws that include unique obligations for a wide array of health-related data. In this episode, host Scott Loughlin is joined by Hogan Lovells counsel Donald DePass and associate Paige Papandrea to discuss the background of these laws, what requirements and trends are in motion, and the challenges that await.
Navigating the intricacies around the secondary use of research data in the European Union (EU) can be daunting. Building upon a previous episode on this subject under U.S. law, in this episode we delve into the EU regulatory landscape governing data usage in research. Scott Loughlin is joined by Hogan Lovells Partner, Patrice Navarro, to unravel the complexities, shedding light on the nuanced rules governing data collection and its secondary use for research.
Companies are excited about AI and the many benefits it can offer. Meanwhile, the many risks are real and legal teams are looking for ways to manage them. What’s the answer? It starts with AI governance, and that’s the focus of this episode of the Data Chronicles podcast. Host Scott Loughlin is joined by Kimberly Zink, a privacy professional with a long history in leading privacy, data governance and, now, AI teams. Together, they explore how businesses and their legal advisors can transition from merely assessing risks to actively addressing them at scale, including the establishment of the right internal infrastructure and processes to make responsible and risk-based use of AI.
With more than 30 African countries adopting data protection legal frameworks and the rapid development of privacy laws in the Middle East, organizations operating in the Middle East and African (MEA) region need to understand their obligations and compliance risks. On this episode of the Data Chronicles, host Scott Loughlin is joined by Hogan Lovells Senior Associate, Aissatou Sylla, to discuss the general overview for the data protection laws in place in the MEA region, highlight the key privacy considerations and obligations and spotlight enforcement trends for each jurisdiction with respect to consent, direct marketing, DPA registration, data transfers, localization, sensitive data, children's data, breach notification requirements, and more.
Addressing zero-day security vulnerabilities requires fast work. In this 10-minute episode, we highlight a newly announced vulnerability in Ivanti's Connect Secure VPN software that has the government and cyber professionals concerned. Since recording on 15 January 2024, this dynamic threat has rapidly evolved. Professionals report the potential for multiple waves of attempted exploitation. The Data Chronicles is here to help and provide you what you need to know to take action. Host Scott Loughlin is joined by Charles Carmakal, Chief Technology Officer at Mandiant, a prominent cybersecurity firm to discuss the vulnerability, the nature of the threat and immediate mitigation steps.
Did you miss our analysis of the comprehensive New Jersey consumer privacy bill? If you prefer a quick podcast discussion, we have that too. Join Scott Loughlin, co-lead of the Hogan Lovells Privacy and Cybersecurity practice, and Hogan Lovells associate Harsimar Dhanoa in a quick reaction episode of The Data Chronicles. They discuss the bill, what’s new, what’s the same, what’s different and what you need to know.
Researchers and sponsors often want to use data from research studies for research not necessarily contemplated in the protocol or informed consent from the study. Scott Loughlin, co-lead of the Hogan Lovells Privacy and Cybersecurity practice, is joined by counsel Melissa Levine to discuss the complex interaction of U.S. federal and state research and privacy laws that affect the secondary use of research data. They tackle what organizations should consider when evaluating whether to proceed with a secondary research use, the compliance considerations, and approaches to obtaining consent for secondary use from the start of the study and ways to mitigate risk when the consent obtained does not cover the intended secondary uses.
In the final episode of season 1, Scott Loughlin and Eduardo Ustaran, co-leads of the Privacy and Cybersecurity practice discuss their privacy and cybersecurity predictions for 2024 in the EU and US. Among trending topics such as generative AI and automated decision-making, they touch on the use of technology for employee monitoring, the evolution of international data transfers, the intersection of data security and antitrust, and cybersecurity vulnerabilities in the supply chain. Scott and Eduardo share their forecast on enforcement trends, sensitive data, and privacy and cybersecurity litigation, arising from the delayed discovery of how the internet works.
Novel in design and comprehensive in scope, the Digital Services Act is a major reform package that will regulate all online intermediary businesses offering services to EU users starting in 2024. In this episode, Scott Loughlin, co-lead of the Hogan Lovells Privacy and Cybersecurity practice, is joined by partner Anthonia Ghalamkarizadeh to discuss the new compliance obligations online marketplaces, social media sites, app stores, search engines, and other services hosting and/or disseminating user generated / third party content will be made subject to. They discuss what digital platforms should know as the law matures and starts to take a more broad effect on data regulation in Europe.
Insider threat remains one of the most challenging cybersecurity issues companies face today.
Over the course of this Data Chronicles series, Hogan Lovells colleagues from across of our firm practice groups will share insights garnered from deep experience working on insider threat investigations and discuss key issues touching everything from privacy and cybersecurity to employment and IP.
In this episode, Scott Loughlin, co-lead of the Hogan Lovells Privacy and Cybersecurity practice, and partner Vassi Iliadis and counsel Adam Cooke delve into the differences and difficulties that come with conducting an insider threat investigation from a U.S. perspective, touching on attorney-client privilege, key stakeholders, and more.
Insider threat remains one of the most challenging cybersecurity issues companies face today. Over the course of this Data Chronicles series, Hogan Lovells colleagues from across of our firm practice groups will share insights garnered from deep experience working on insider threat investigations and discuss key issues touching everything from privacy and cybersecurity to employment and IP. In this episode, Scott Loughlin, co-lead of the Hogan Lovells Privacy and Cybersecurity practice, and Hogan Lovells partner Christine Gateau and senior associate Dr. Thore Feil discuss what is unique about conducting an insider threat investigation, particularly with respect to global approaches and different jurisdictional sensitivities.
This special episode, originally recorded at this year’s CAQH Connect conference, features a conversation on the hotlist of issues that touched the health data environment in 2023. Scott Loughlin, co-lead of the Hogan Lovells Privacy and Cybersecurity practice, sits down with partner, co-founder of the Hogan Lovells Privacy and Cybersecurity practice, and former lead lawyer in the development of HIPAA regulations, Marcy Wilder. Together, they discuss the complex U.S. health privacy landscape, the changing enforcement environment, the use of generative AI in the health care sector, and the rise of ransomware and extortion cybersecurity incidents.
The Biden Administration has issued an extensive Executive Order establishing new standards for artificial intelligence (AI) safety and security. In this episode, Scott Loughlin, co-lead of the Hogan Lovells Privacy and Cybersecurity practice, is joined by Mark Brennan, lead of the Hogan Lovells Technology and Telecoms sector group, and Harsimar Dhanoa, associate in the Privacy and Cybersecurity practice, to discuss the landmark efforts made by the White House as part of a comprehensive U.S. strategy for responsible AI innovation. The episode covers how this EO and other shifting frameworks will impact both developers and users of AI, how organizations can start preparing today, and what the future of AI regulation may look like.
In this episode, we delve into the realm of cybersecurity, with a particular focus on the concept of cybersecurity governance. Cybersecurity governance entails managing the human elements within organizations, uniting multiple departments, diverse personalities, and various dynamics to address a common challenge. Scott Loughlin, co-lead of the Hogan Lovells Privacy & Cybersecurity practice, is accompanied by Mike Priest, Chief Information Security Officer at Globe Life, and Jason Fruge, former Chief Information Security Officer at Upbound Group. Together, they explore various guidance documents, frameworks and methods through which cybersecurity professionals can deliver significant value to their executive teams and their boards.
In this episode we embark on a fascinating journey into the heart of Miami, where innovative technology and data-driven insights are transforming the urban landscape. The Underline, a 10-mile linear park designed by the world-renowned architects of New York’s High Line, is redefining Miami's public spaces and connectivity, transforming the city's underutilized spaces into vibrant, green, and connected corridors. Scott Loughlin, co-lead of the Hogan Lovells Privacy & Cybersecurity practice, is joined by Hogan Lovells Counsel and Pro Bono Counsel to The Underline, Daniel Balmori, and The Underline's Chief Innovation Officer, Jake Moskowitz, to discuss how data and technology can shape a more connected, sustainable, and inclusive city.
Insider threat remains one of the most challenging cybersecurity issues companies face today. Over the course of this new Data Chronicles series, Hogan Lovells colleagues from across of our firm practice groups will share insights garnered from deep experience working on insider threat investigations and discuss key issues touching everything from privacy and cybersecurity to employment and IP. In this episode, Scott Loughlin, co-lead of the Hogan Lovells Privacy and Cybersecurity practice, discusses with Hogan Lovells partners James Denvil and David Sharfstein, and senior associate, Alicia Paller, how to kick off an insider threat investigation and factors companies should keep in mind.
Scott Loughlin: Contact
James Denvil: Contact
David Sharfstein: Contact
Alicia Paller: Contact
Insider threat remains one of the most challenging cybersecurity issues companies face today. Over the course of this new Data Chronicles series, Hogan Lovells colleagues from across of our firm practice groups will share insights garnered from deep experience working on insider threat investigations and discuss key issues touching everything from privacy and cybersecurity to employment and IP. In this episode, Scott Loughlin, co-lead of the Hogan Lovells Privacy and Cybersecurity practice, and Hogan Lovells partners Pete Marta and Stephanie Yonekura lay the foundation for how insider threats may present within organizations and how companies may prepare to mitigate the associated risks.
Scott Loughlin: Contact
Pete Marta: Contact
Stephanie Yonekura: Contact
In our second installment of our two-part series, we discuss the proposed rules issued by the California Privacy Protection Agency (the CPPA) focusing on cybersecurity and the requirement to conduct cybersecurity assessments. Scott Loughlin, co-lead of the Hogan Lovells Privacy and Cybersecurity practice, is joined by Hogan Lovells associates Dan Ongaro and Alaa Salaheldin as they explore the implications these cybersecurity requirements will have on data professionals, businesses, as well as corporate boards.
Scott Loughlin: Contact
Dan Ongaro: Contact
Alaa Salaheldin: Contact
In September, the Board of the California Privacy Protection Agency (CPPA) announced the first public drafts of two forthcoming sets of regulations relating to the California Consumer Privacy Act and California Privacy Rights Act. These “discussion” drafts focus on new requirements related to cybersecurity audits, privacy risk assessments, AI, and automated decision-making. In this episode, Scott Loughlin, co-lead of the Hogan Lovells Privacy and Cybersecurity practice, is joined by Hogan Lovells senior associate Aaron Lariviere to explain the context for the draft regulations, to walk through key features of the privacy risk assessment regulations, and to explore the potential impacts these regulations will have for businesses.
Scott Loughlin: Contact
Aaron Lariviere: Contact
The role of a Data Protection Officer (DPO) has been well-known under data protection laws in Europe, currently under the EU GDPR, and prior to that, the EU Data Protection Directive. The role goes as far back as the 1970s, however, despite its established history, numerous questions continue to revolve around the responsibilities of a DPO. Scott Loughlin, co-lead of the Hogan Lovells Privacy and Cybersecurity practice, sits down with Hogan Lovells partner Christian Tinnefeld to discuss the ever-evolving role of a DPO and provide some practical tips for those serving in the function.
In this episode of The Data Chronicles, we delve into the emerging realm of cyber risk and liability and its connection to the False Claims Act. Join us as Scott Loughlin, co-lead of the Hogan Lovells Privacy and Cybersecurity practice, engages in a conversation with Hogan Lovells partner Mike Scheimer and counsel Stacy Hadeka. Together, they explore the implications when organizations holding government contracts face allegations of breaching their cybersecurity commitments. Discover why this is a vital concern, particularly for defense contractors, universities, and any entity providing products and services to the United States Government receiving CUI or subject to unique cybersecurity requirements such as CMMC.
Scott Loughlin: Contact
Mike Scheimer: Contact
Stacy Hadeka: Contact
The Federal Communications Commission (FCC) has proposed a voluntary cybersecurity labeling program to address unique cybersecurity concerns associated with the growing number of Internet of Things (IoT) devices. Against the backdrop of the FCC’s Notice of Proposed Rulemaking (NPRM), Scott Loughlin, co-lead of the Hogan Lovells Privacy and Cybersecurity practice, discusses with Hogan Lovells partners Ari Fitzgerald and Katy Milner the scope of the FCC’s proposed program (covering everything from mobile phones and computers to Internet-connected refrigerators, cars, and speakers) and how manufacturers of these devices should be thinking about the new requirements.
Scott Loughlin: Contact
Ari Fitzgerald: Contact
Katy Milner: Contact
In the second installment of our two-episode series, Scott Loughlin, co-lead of the Hogan Lovells Privacy and Cybersecurity practice, interviews Hogan Lovells litigation partner Vassi Iliadis and associate Laura Penaranda for an in-depth discussion on arbitration risks and class action waivers. They delve into the effects these provisions have on consumer-facing companies after a data security issue, resulting in an increase in arbitration demands due to clauses that are included in common terms of use contracts. The discussion provides an overview of arbitration risks, the impact of mass arbitration, and what companies should consider when revising their arbitration agreements.
Scott Loughlin: Contact
Vassi Iliadis: Contact
Laura Penaranda: Contact
This episode explores the recently adopted rules from the U.S. Securities and Exchange Commission (SEC) on cybersecurity disclosures for publicly traded companies. Scott Loughlin, co-lead of the Hogan Lovells Privacy and Cybersecurity practice, chats with Hogan Lovells partners John Beckman, Allison Holt Ryan and Paul Otto as they uncover key elements of these rule changes, including enhanced disclosure requirements for certain cybersecurity incidents, cyber risk management expectations, and updated processes for cybersecurity oversight and reporting.
Scott Loughlin: Contact
John Beckman: Contact
Allison Holt Ryan: Contact
Paul Otto: Contact
In today's digital age, the challenges of cybersecurity are increasing and evolving. When a data breach happens, the legal aftermath can be both complex and costly. In the first installment of a two part series, Scott Loughlin, co-lead of the Hogan Lovells Privacy and Cybersecurity practice, interviews Hogan Lovells litigation partner Allison Holt Ryan and counsel Adam Cooke as they discuss the ins and outs of data breach litigation, focusing on the current environment, a recent Fourth Circuit decision and its implications, and steps businesses can consider as they work to mitigate data breach litigation risk.
Scott Loughlin: Contact
Allison Holt Ryan: Contact
Adam Cooke: Contact
The European Commission’s adoption of its adequacy decision for the EU-U.S. Data Privacy Framework cleared the way for U.S.-based entities to certify their participation and begin importing EU personal data. In this second installment of a two-episode series, Scott Loughlin, co-lead of the Hogan Lovells Privacy and Cybersecurity practice, chats with U.S.-based colleagues, partner Bret Cohen, and senior associates Julian Flamant and Natalie Perez, to discuss the history of Trans-Atlantic data flows and unpack how U.S. importers can leverage the Framework.
Scott Loughlin: Contact
Bret Cohen: Contact
Julian Flamant: Contact
Natalie Perez: Contact
The explosive growth of direct-to-consumer health and wellness technologies that increase the amount of health data collected from consumers has triggered further action by [state legislators and] federal regulators. Scott Loughlin, co-lead of the Privacy and Cybersecurity practice, is joined by Hogan Lovells senior associate Alyssa Golay and associate Fleur Oké to discuss the proposed changes to the FTC’s Health Breach Notification Rule (HBNR), recent enforcement actions, regulator guidance, and what these actions mean for health and wellness technologies and their use of consumer data.
Scott Loughlin: Contact
Alyssa Golay: Contact
Fleur Oké: Contact
India will have a new comprehensive privacy law, which will shake up the data protection world in the region and require companies to rethink their global privacy compliance programs. In this episode, Scott Loughlin, co-lead of the Hogan Lovells Privacy and Cybersecurity practice is joined by Stephen Mathias, Partner and Co-Chair of the Technology Practice at Kochhar & Co, a leading law firm in India, to discuss the new law, which is named the Digital Personal Data Protection Bill 2023 (DPDPB). Scott and Stephen go into detail regarding the DPDPB’s areas of focus, how it compares to the GDPR, and what significant obligations and ramifications the bill has for global compliance programs and those who oversee them.
Scott Loughlin: Contact
In this episode, Scott Loughlin, co-lead of the Privacy and Cybersecurity practice, is joined by senior counsel and co-founder of the Hogan Lovells Privacy and Cybersecurity practice, Christopher Wolf, for a discussion the beginnings of privacy law. Chris details how he, along with other key originators, drove the creation of privacy as a distinct legal practice area. He provides great insight on the evolution of the industry, and more importantly, his forecast on where privacy is headed and what new attorneys or law students should know as they consider a focused practice in privacy.
Scott Loughlin: Contact
Christopher Wolf: Contact
Welcome to Hogan Lovells’ The Data Chronicles, brought to you by the firm’s global Privacy and Cybersecurity practice. This multimedia series is dedicated to the ever-changing legal and regulatory developments in the world of data, privacy, and cybersecurity. Join us as we unravel and unpack various regulatory frameworks and legal developments around the globe.
Scott Loughlin: Contact
Automobile original equipment manufacturers (OEMs) are increasingly incorporating biometric trackers and analytics into a broad array of vehicle features to improve security and safety. Scott Loughlin, co-lead of the Hogan Lovells Privacy and Cybersecurity practice, interviews Hogan Lovells partner James Denvil, senior associate Alicia Paller, and associate Jay Ettinger on how the use of biometric data continues to play an increasingly prominent role in the automotive industry, U.S. legal traps for unwary, and how litigation is likely to follow.
Scott Loughlin: Contact
James Denvil: Contact
Alicia Paller: Contact
Jay Ettinger: Contact
Earlier in July, the European Commission adopted its eagerly anticipated adequacy decision on international data transfers under the EU-U.S. Data Privacy Framework. The adequacy decision was preceded by substantial changes to U.S. intelligence-gathering requirements that have cleared the path for transfers of EU personal data. Scott Loughlin, co-lead of the Hogan Lovells Privacy and Cybersecurity practice, interviews Hogan Lovells partner Eduardo Ustaran and senior associate Julie Schwartz on what the adequacy decision means for EU-based data exporters and the future of the framework in light of expected legal challenges.
Scott Loughlin: Contact
Eduardo Ustaran: Contact
Julie Schwartz: Contact
This episode explores the launch of the Federal Communications Commission (FCC) first-ever privacy and data protection task force, developed to address broader data privacy concerns. Scott Loughlin, co-lead of the Hogan Lovells Privacy and Cybersecurity practice, hosts a discussion with Hogan Lovells partner Katy Milner and senior counsel Charles Mathias regarding the creation of the task force and what this means for the future of privacy regulation and oversight in the telecommunications industry and beyond.
Scott Loughlin: Contact
Katy Milner: Contact
Charles Mathias: Contact
En liten tjänst av I'm With Friends. Finns även på engelska.