Search results

International transfers in the limelight again with Belgian decision on FATCA data transfers to the US On 24 April 2025, the Belgian Data Protection Authority (DPA) ruled (once again) that transfers of personal data by the Belgian Federal Public Service Finance (FPSF) to the US tax authority under the US Foreign Account Tax Compliance Act (FATCA) are not c... Cyber 2025 – an update on recent developments in a busy cyber year 2025 is shaping up to be a busy year for cyber, as discussed in our new cyber podcast series. The recent retailer headlines are a stark reminder of the devastating impact a cyber-attack can have on an organisation, but they are not the only developments w... The countdown to the European Accessibility Act is almost over – businesses must comply by 28 June Businesses have just over one month to comply with the European Accessibility Act (EAA). The new Directive aims to enhance the inclusion of persons with disabilities and imposes accessibility requirements for certain products and services across the EU. W... Commission updates Model Contractual Clauses for AI procurement As organisations look to procure AI, many are developing contractual clauses to manage AI specific risks. But what should those clauses include? And will they help compliance with laws such as the EU’s AI Act? The European Commission have recently updated... Go compare! Court of Appeal confirms comparables approach for assessing FRAND royalties The Court of Appeal has confirmed, in Optis v Apple, that a conventional comparables-based approach should be adopted by the English courts when assessing FRAND royalties, overturning the first instance decision and rejecting the High Court’s novel, top-d... AI Act deadline missed as EU GPAI Code delayed until August As readers of this blog will know, the final version of the EU’s General Purpose AI (GPAI) Code of Practice was due to be published by 2 May. We, like many others, had been keeping a keen eye out for that final draft, but, alas, the deadline has come and ... Cyber and data incident preparedness: Know your insurance Cyber is in the headlines again, with M&S and other retailers suffering attacks and the cause of the power outage in the Iberian peninsula not yet clear. What is clear, however, is that cyber attacks continue to increase among medium and large businesses ... The UK Formalises Pathway for AI Growth Zones Designation On 30 April 2025, the UK government launched the formal qualifying process of its Artificial Intelligence Growth Zones (AIGZ) initiative. AIGZs intend to catalyse the deployment of AI technology infrastructure—principally hyperscale data centres and high-... Transfer pricing, permanent establishment and diverted profits tax reform – draft legislation As we previously reported, on 28 April 2025 the UK government announced a technical consultation on draft legislation (the Draft Legislation) to reform the UK’s transfer pricing, permanent establishment (PE) and diverted profits tax (DPT) legislation. Res... When Decentralisation Meets Regulation: How Blockchain and GDPR Can Coexist We have prepared a more detailed client briefing on this topic. Read our full client briefing here. The European Data Protection Board (EDPB) has released its long-awaited draft Guidelines on processing of personal data through blockchain technologies.  I...