Investigations Under Pressure: Navigating AI, Cybersecurity, Privacy and Platform Regulation

As digital systems grow more complex, regulatory investigations are increasingly triggered by AI-related failures, cybersecurity incidents and platform and data protection breaches. This session offers a practical framework for privacy, legal and compliance professionals navigating high-stakes investigations across multiple regulatory environments. We will examine how investigations are initiated -often unexpectedly- and what regulators are looking for in terms of cooperation, documentation and transparency.

We will cover how to protect legal privilege, work effectively with internal teams, and respond to regulatory requirements under frameworks such as the EU AI Act and the U.K.’s sector-specific approach to AI, the U.K. and EU NIS regimes (including NIS2), the GDPR, the Digital Services Act and the U.K. Online Safety Act. We will also look at how engagement with regulators - for example through incident notifications, regulatory sandboxes or transparency reporting - can influence the scope and focus of regulatory oversight, including in related business areas.

Using real-world examples, this session will give participants practical tools to spot investigation risks early, put robust processes in place, and manage the challenges of investigations that involve multiple countries and regulators.

What you will learn:

• Key regulatory triggers under EU and U.K. AI, privacy, platform and cybersecurity frameworks.
• How to improve coordination across product, legal, privacy and security teams in the context of regulatory and internal investigations.
• How to manage legal privilege and cross-border risk in regulatory investigations and enquiries.