Photo of Edward Machin

Rohan Massey and Edward Machin, partner and counsel in Ropes & Gray’s data, privacy & cybersecurity practice will be hosting a webinar on The EU AI Act – The Road to Compliance. The EU AI Act entered into force on August 1st, 2024. The Act is the first piece of comprehensive legislation to

2023 was the year of artificial intelligence — and 2024 is already shaping up to be more (much more) of the same.  The European Union’s legislative bodies passed the AI Act earlier this month, and although the text has yet to be finalised on the world’s first comprehensive AI law, the hype around it already feels unstoppable.  That hype will turn into hard work over the next 12 months, as organisations grapple with understanding their obligations under the Act and putting in a governance framework that meets those obligations.  Needless to say, it will not be an easy task.Continue Reading The Three European Union Laws That Need Your Attention in 2024

Tune in to the third episode of Ropes & Gray’s podcast series, The Data Day, brought to you by the firm’s data, privacy & cybersecurity practice. This series focuses on the day-to-day effects that data has on all of our lives as well as other exciting and interesting legal and regulatory developments in the

The UK Government’s vision for a post-Brexit data protection regime includes controversial changes to the remit and workings of the Information Commissioner’s Office.  In a Privacy Laws & Business article on possible ICO reform, Edward Machin considers what its proposed structure, duties and powers means for the independence of the regulator and its standing on

On July 18, 2022, the UK Government introduced into Parliament the Data Protection and Digital Information Bill (the Data Reform Bill), which proposes legislation to reform the UK data protection regime.  A recent article in Entertainment Law Review by Ropes & Gray attorneys Rohan Massey, Christopher Foo & Edward Machin analyzes the Data Reform Bill’s

On 7 October 2022, the White House issued an Executive Order, as well as an accompanying Fact Sheet, which sets out the foundations for the Transatlantic Data Privacy Framework (“Framework”).

Since the decision of the Court of Justice of the European Uon (“CJEU”) in the Schrems II case in mid-2020, organizations have not