On 17 May 2024, Colorado Governor Polis signed the landmark Colorado AI Act (Senate Bill 24-205) into law. Colorado is now the first US state with comprehensive AI regulation, adopting a classification system like the EU’s recent AI Act. The law will take effect 1 February 2026.

Data is a critical asset in today’s globally connected economy. Rapidly evolving technologies have made it easier than ever for companies to collect, use and transfer data throughout the world. Yet strict data protection, privacy and cybersecurity regulation is evolving rapidly, imposing complex and often inconsistent standards. Our Global Data Privacy & Cybersecurity Handbook is updated annually to help you keep up with the dynamic legal landscape. We provide detailed overviews and allow a comparative perspective of the increasingly complex and sophisticated data privacy and cybersecurity standards in over 50 countries.

The recent proliferation of artificial intelligence (AI) tools, particularly generative AI tools, has brought these questions to the forefront of ongoing conversations about the role that AI will play in the marketplace. As an advocate for and enforcer of consumer protection laws, the US Federal Trade Commission recently offered reminders and recommendations for companies offering digital products and AI tools.

On 26 July 2023, the US Securities and Exchange Commission (SEC) approved the final rules for Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure. The SEC first proposed amendments to its rules on disclosures regarding cybersecurity risk management, strategy, governance, and incident reporting by public companies on 9 March 2022.

Baker McKenzie, in partnership with Accenture LLP, invites in-house corporate legal teams and interested business stakeholders to join us in person on Thursday, 1 June 2023, to discuss how various legal departments are addressing AI and how companies are managing these challenges and risks. The event will take place in the Baker McKenzie Chicago office.

Explore Data PULSE, a platform which helps you to navigate the complex landscape of data, regulatory and IP protection concerns at each stage of the medical product life cycle. As you navigate through each key issue, Data PULSE will help you to identify and mitigate risks across multiple jurisdictions and optimize your strategy through research, market authorization and post-market study phases.

Baker McKenzie’s Sanctions Blog published the alert titled What are the data privacy implications of “leaving Russia”? on 18 March 2022. Read the article via the link here. Please also visit our Sanctions Blog for the most recent updates.

To highlight data security and privacy laws and developments that are already in place, or in progress, in Africa, the new Baker McKenzie Africa Data Security and Privacy Guide outlines information on country-specific data privacy and security laws in 11 countries in Africa – Ghana, Kenya, Madagascar, Mauritius, Morocco, Nigeria, Rwanda, South Africa, Togo, Uganda and Zimbabwe

Welcome to The Employer Rapport, Baker McKenzie’s Labor and Employment video chat series for US multinational employers. In each on-demand episode, our lawyers provide insights and quick, practical tips on today’s most pressing issues and legal developments impacting employers both at the domestic and global levels. This week we discuss What’s the Fate of the Federal Contractor Vaccine Mandate After SCOTUS’s Stay of the OSHA ETS?

A flaw in a widely used software threatens system security and makes companies vulnerable to cyber threats. The Apache Software Foundation released an advisory that Apache Log4j versions up to and including 2.14.1 have a defect that may allow threat actors to execute arbitrary code and deploy viruses including ransomware on that IT infrastructure. Entities that directly or indirectly leverage this software should act with haste to mitigate the risk of a data incident. These events present companies an opportunity to examine internal incident response preparedness and review the allocation of responsibilities in vendor agreements.