Despite recent focus on artificial intelligence (AI) by U.S. financial regulators, the Securities and Exchange Commission (SEC), Commodity Futures Trading Commission (CFTC), and Financial Industry Regulatory Authority (FINRA) have not yet issued new regulations specifically addressing the use of AI. Nonetheless, during the Biden administration, guidance from these agencies emphasized the necessity of responsible use
Data Matters
Blog Authors
Latest from Data Matters
U.S. Copyright Office Issues Report on Artificial Intelligence and Copyrightability
On January 29, 2025, the U.S. Copyright Office issued the second part of its Report on Copyright and Artificial Intelligence, following a Notice of Inquiry (NOI) the Office issued in 2023. The first part of the Office’s Report, released in July 2024, addressed digital replicas. This second part addresses copyrightability, an issue that attracted considerable…
EU Commission Launches Cybersecurity Action Plan for Hospitals and Healthcare Providers
On January 15, 2025 the EU Commission published an action plan with an aim to support cybersecurity in hospitals and healthcare providers in the EU (the Action Plan). The Action Plan is another response by the EU to the increasing cybersecurity threats facing all industries, including the health sector. The Commission notes that this…
With New Technologies Come New Risks: FINRA Issues 2025 Regulatory Oversight Report
Last week, the Financial Industry Regulatory Authority (FINRA) published its 2025 Annual Regulatory Oversight Report. The 80-page report hits on a number of familiar themes and subjects and includes two new areas of focus: 1) risks arising from the use of third-party vendors, including cybersecurity and data privacy risks, and 2) extended-hours trading services, which…
CMS Seeks Comments on Proposed Guidance Addressing Study Protocols That Use Real-World Data
On January 17, 2025, the Centers for Medicare & Medicaid Services (CMS) issued a proposed guidance document on study protocols that use real-world data (RWD). The proposed guidance focuses on studies with RWD sources in the context of Medicare National Coverage Determinations (NCDs) using CMS’s Coverage with Evidence Development (CED) paradigm. It presents a proposed…
Data Privacy and Cybersecurity Outlook for 2025: What Financial Services Firms Need To Know
Last year saw many developments across the worldwide data privacy and cybersecurity landscape, including in the EU/UK, and this momentum shows no sign of slowing in 2025. The EU General Data Protection Regulation (GDPR) enters its seventh year in May 2025. New cybersecurity and operational resilience legislation and related guidance are coming into force to…
European Health Data Space Regulation Adopted: What’s Next for Life Sciences Companies?
On January 21, 2025, the European Health Data Space Regulation (EHDS) was formally adopted by the Council of the European Union. This marks the near-final step in the adoption process, and the text will be published in the coming weeks. Importantly for life sciences companies (pharma, biotech, and medtech), the EHDS’ so-called secondary use provisions…
U.S. Department of Commerce Finalizes Connected Vehicles Supply Chain Restrictions
On January 16, 2025, the U.S. Department of Commerce Bureau of Industry and Security (BIS) Office of Information and Communications Technology and Services (OICTS) published a Final Rule formalizing prohibitions on certain connected vehicles (CVs) transactions involving hardware and software linked to the People’s Republic of China (China) and Russia.1 The Final Rule is scheduled to…
New U.S. Export Controls on Advanced Computing Items and Artificial Intelligence Model Weights: Seven Key Takeaways
On January 15, 2025, the U.S. Department of Commerce Bureau of Industry and Security (BIS) published in the Federal Register updated export controls on advanced computing items (including advanced integrated circuits (ICs) and related equipment, software, and technology) and, for the first time, controls on artificial intelligence (AI) model weights under the Export Administration Regulations (EAR). These new regulations…
Action Items for U.S. Public Companies for 2025
Rapid rulemaking and aggressive enforcement by the SEC, combined with legislative, judicial, and regulatory developments, have created new requirements and expectations for U.S. public companies.
The post Action Items for U.S. Public Companies for 2025 appeared first on Data Matters Privacy Blog.