by Charu A. Chandrasekhar, Avi Gesser, and Adam Shankman
Left to right: Charu A. Chandrasekhar, Avi Gesser, and Adam Shankman (photos courtesy of Debevoise & Plimpton LLP)
We recognize it’s a little early to make the call for the biggest AI challenge for 2026, but we’re pretty confident that NDAs and other contractual use limitations are about to become a significant problem for enterprise AI adoption.
by Charu Chandrasekhar, Avi Gesser, Jeff Robins, Kristin Snyder and Achutha Raman
Left to Right: Charu Chandrasekhar, Avi Gesser, Jeff Robins, Kristin Snyder and Achutha Raman (Photos courtesy of Debevoise & Plimpton LLP)
Generative artificial intelligence (“GenAI”) innovations are rapidly transforming the formulation, analysis, and delivery of investment advice. Many broker-dealers and investment advisers are embracing GenAI to support one or more parts of the investment lifecycle—synthesizing investment research; undertaking trend analysis, anomaly detection, and pattern recognition for risk modeling and market surveillance; and performing large-scale data extraction and analysis.
by Jonny Frank and Jerry McAdams
Left to right: Jonny Frank and Jerry McAdams (photos courtesy of StoneTurn Group, LLP)
Looking to mitigate tariffs, companies are purchasing foreign products through Duty Paid (“DDP”) transactions marketed by foreign suppliers as turnkey solutions. DDPs promise efficiency but often deliver exposure. Under U.S. law, the importer—not the supplier—remains legally responsible for accurate customs declarations, tariff payments, and regulatory compliance. When suppliers cut corners or game the system, the importer inherits the fallout, including potential Customs Border Protection (“CBP”) penalties, DOJ criminal prosecution and False Claim Act (“FCA”) exposure.
by Sabrina Hannam, Ibe Imo, Shana Sharan, and Ash Buonasera
Left to right: Sabrina Hannam, Ibe Imo, Shana Sharan and Ash Buonasera (photos courtesy of Boardswell)
In the high-stakes world of private equity, venture capital, and technology, a silent revolution is underway, transforming the very essence of how firms operate and compete. It’s a story not of human titans clashing in boardrooms, but of a new collaborator—Artificial Intelligence (AI)—that is rewriting the rules of engagement for human capital management. Once a tool for streamlining simple tasks, AI has evolved into a “digital colleague,” capable of autonomous decision-making and strategic support that extends far beyond the traditional confines of talent acquisition. This shift is challenging long-held practices and heralding an era where success is no longer solely defined by human intuition but by a symbiotic relationship between bold leadership and intelligent machines. Continue reading
by Arsen Kourinian, Ruth Zadikany, and Remy N. Merritt
Left to right: Arsen Kourinian, Ruth Zadikany, and Remy N. Merritt (photos courtesy of Mayer Brown)
The California Civil Rights Council (CRC) recently announced that it has finalized regulations that clarify how California’s anti-discrimination laws apply to the use of artificial intelligence (Al) and automated decision systems (ADSs) in employment decision-making (the “Regulations”). The Regulations provide that the use of an ADS (including Al) in making employment decisions can violate California law if such tools discriminate against employees or applicants — either directly or due to disparate impact — on the basis of protected characteristics (including race, age, religious creed, national origin, gender, and disability).
by Avi Gesser, Jim Pastore, Matt Kelly, Gabriel Kohan, and Jackie Dorward
From left to right: Avi Gesser, Jim Pastore, Matt Kelly, Gabriel Kohan, and Jackie Dorward (photos courtesy of Debevoise & Plimpton LLP)
As the first quarter of 2025 draws to a close and we look ahead to the spring, important changes to the Federal Rules of Evidence (“FRE”) regarding the use of AI in the courtroom are on the horizon. Specifically, the Federal Judicial Conference’s Advisory Committee on Evidence Rules (the “Committee”) is expected to vote on at least one AI-specific proposal at its next meeting on May 2, 2025. The Committee has been grappling with how to handle evidence that is a product of machine learning, which would be subject to Rule 702 if propounded by a human expert.
by Charu A. Chandrasekhar, Erez Liebermann, Benjamin R. Pedersen, Paul M. Rodel, Matt Kelly, Anna Moody, John Jacob, and Talia Lorch
Top (left to right): Charu A. Chandrasekhar, Erez Liebermann, Benjamin R. Pedersen, and Paul M. Rodel. Bottom (left to right): Matt Kelly, Anna Moody, John Jacob, and Talia Lorch. (Photos of courtesy of Debevoise & Plimpton LLP)
On December 18, 2023, the Securities and Exchange Commission’s (the “SEC”) rule requiring disclosure of material cybersecurity incidents became effective. To date, 26 companies have reported a cybersecurity incident under the new Item 1.05 of Form 8-K (“Item 1.05”). After over a year of mandatory cybersecurity incident reporting, we examine the key trends and takeaways.
In early 2024, companies filed a flurry of Forms 8-K under Item 1.05, which stated that the relevant cybersecurity incidents did not have material impacts on the companies’ financial conditions or results of operations. These disclosures were in response to the SEC’s rules requiring that cybersecurity incident disclosures include a description of “the material aspects of the nature, scope, and timing of the incident, and the material impact or reasonably likely material impact on the issuer, including its financial condition and results of operations.” Following these disclosures, the SEC clarified its expectations for cybersecurity incident reporting in a statement issued by the Director of the SEC’s Division of Corporation Finance (the “Statement”), as well as through several comment letters issued by the Staff of the SEC (the “Staff”) to companies which filed Item 1.05 Forms 8-K.
by Katja Langenbucher and Kevin Bauer
Left to right: Katja Langenbucher and Kevin Bauer (photos courtesy of authors)
A little over a year ago, the SCHUFA tightened the requirements for credit scoring under the EU GDPR. On February 27, the Court handed down further instructions on providing scored consumers with “meaningful information about the logic involved” as required by Art. 15(1)(h) of the GDPR.
by Amber C. Thomson, Howard W. Waltzman, Kathryn Allen, and Megan P. Von Borstel
Amber C. Thomson, Howard W. Waltzman, Kathryn Allen, and Megan P. Von Borstel (Photos courtesy of Mayer Brown)
As the digital world becomes an integral part of children’s lives, state legislatures are placing greater emphasis on regulating how companies handle children’s personal information. This article explores the recent developments in state and federal children’s privacy legislation, examining how states are shaping the future of online safety for minors and shedding light on amendments to the federal Children’s Online Privacy Protection Act.
As social media companies and digital services providers increasingly cater to younger audiences, state legislatures are placing greater emphasis on regulating how companies handle children’s personal information. This Legal Update explores the recent developments in state and federal children’s privacy legislation, examining how states are shaping the future of online safety for minors and shedding light on amendments to the federal Children’s Online Privacy Protection Act (“COPPA”).
by Marc Gilman
Photo courtesy of the author
On December 5, 2024, the U.S. Commodity Futures Trading Commission (the “CFTC,” or the “Commission”) staff issued an advisory related to the use of artificial intelligence (“AI”) by CFTC-registered entities and registrants (the “Advisory”). In tandem, two CFTC representatives – Chairman Rostin Behnam and Commissioner Kristin N. Johnson – released statements supporting the Advisory and offering thoughts about the current and future implications of AI on CFTC registrants. This blog post will summarize the contents of the Advisory as well as the related statements of the CFTC representatives to collect a set of practical considerations for designing CFTC compliance programs to meet evolving regulatory expectations for the use of AI.