Whether malicious or inadvertent, workforce actions cause or contribute to over half of cyber attacks experienced by organizations. Protecting against such “insider” cyber risks can be challenging, especially given the global web of privacy, communications secrecy, and employment laws that may be implicated by monitoring workforce use of IT resources.
Harriet Pearson and James Denvil, lawyers in the Hogan Lovells Privacy and Cybersecurity practice, have led the authorship of a white paper to help companies understand and navigate the workforce cyber risk landscape. An international team of privacy and cybersecurity lawyers from Hogan Lovells and select local counsel firms contributed to the analysis.
This white paper does three things:
- Summarizes the key legal issues implicated by such workforce monitoring programs;
- Describes the relevant legal frameworks in 15 major countries, including several European Union member states; and
- Provides practical tips that organizations can adopt when developing global cyber defense programs.
While not constituting legal advice, this new Hogan Lovells white paper can be a valuable resource to organizations seeking to benchmark or assess their insider cyber threat programs.
Click here to access the full white paper and additional information from the authors.
Growing evidence suggests that existing Telephone Consumer Protection Act (“TCPA”) compliance challenges, and the current TCPA litigation landscape, are increasingly a threat to many U.S. companies – particularly small businesses that have fewer resources and could face financial ruin if targeted by a class action lawsuit. To help address this issue and support the U.S. economy, Congress and the Federal Communications Commission (“FCC”) should revise the current TCPA framework and facilitate reasonable, practical compliance approaches for companies attempting in good faith to communicate with customers.
On 6 October, the German Federal Cartel Office (“FCO”) launched its new series of papers on “Competition and Consumer Protection in the Digital Economy”. The first paper deals with “Big Data and Competition”. The same day, a “real-life example” of competition enforcement in Big Data became public. The EU Commission confirmed unannounced inspections in “a few Member States” concerning online access to bank customer’s account data by competing service providers.
In the words of Andreas Mundt, president of the FCO “the special characteristics of digital markets have created new challenges for competition policy and enforcement.” With its new series of papers the FCO continues the public debate on topical competition policy issues highlighting the interfaces between digitalization, competition and consumer protection. The now published paper on “Big Data and Competition” explains the specifics of data-based, digital markets. It highlights the role data can play in competitive analysis and stresses the importance of data protection issues for competition law proceedings.
- Data in the competitive analysis
The FCO clarifies that data based business models can have pro-competitive as well as anti-competitive effects. Regarding potentially critical topics, the paper mainly discusses the following scenarios where data could negatively impact on competition: (1) Data as a source of market power; (2) Data as the origin of increased market transparency facilitating collusion; (3) Data pooling and cooperations between competitors and (4) Data driven anti-competitive behaviors. Finally, the FCO briefly addresses the interplay between data protection and competition law (5).
The European copyright reform is underway. The heart of this process clearly is the draft for a Directive on Copyright in the Digital Single Market (COM 2016(593) final). The draft is and the proposed amendments to it are currently being considered by the European Parliament. The debate is led by the Committee on Legal Affairs (JURI). It was anticipated that JURI would have its final vote on the amended wording on 10 October 2017. However, the draft Copyright Directive has recently been removed from the agenda for that date. For now, it seems that we will have to wait until JURI’s next session on 7 December 2017 to see the bill progressing.
It is not the first time the copyright reform has been taken off JURI’s agenda. Initially, the committee had planned to take its vote on the final language in late September 2017. However, it was not going to happen. Too much was on the committee’s plate. The second postponement now tells an ongoing story. The changes that the new copyright directive shall bring about are broad in nature and impact.
The main reason for the delay obviously is the high number of suggested amendments we have seen since the Commission announced its initial draft – in total 996! The original draft dates back to 14 September 2016. It involves several highly controversial and sensitive copyright issues. The two most contentious issues are the creation of a new neighbouring right for press publishers (Article 11) and the introduction of new monitoring obligations for certain online service provider (Article 13) (see our blog posts here and here).
Welcome to the Hogan Lovells Global Payments Newsletter. In this monthly publication we provide an overview of the most recent payments, regulatory and market developments from major jurisdictions around the world as well as sharing interesting reports and surveys on issues affecting the market.
Key developments of interest over the last month include:
France publishes seven Decrees to complete the implementation of PSD2: The French government has published seven Decrees to supplement the Ordinance 2017-1252 implementing PSD2 which address requirements applying to payment institutions and mandatory information to be used in payment services contracts.
UK FCA publishes revised guidance and Handbook rules for PSD2: On 19 September 2017, the FCA published the final revisions to its Payment Services Approach Document to reflect PSD2, the UK Payment Services Regulations 2017, and industry feedback.
Developments in PSD2 implementation in Italy: On 15 September 2017, the Italian Government approved, on a preliminary basis, a draft decree implementing PSD2 and the Interchange Fee Regulation and published an accompanying explanatory memorandum.
To view a PDF of the full Newsletter please click here. You can also follow us on Twitter at @HLPayments for regular news and updates.
On 21 September 2017, the Federal Court of Justice (Bundesgerichtshof – BGH) handed down a judgment of utmost importance for the exploitation of copyright on the Internet. It will become known and referred to under the name “Vorschaubilder III” (“Thumbnail III“). And, it is already to be anticipated that it will leave both experts and industry divided. From the perspective of an objective observer, the judges have done nothing but express their view on how the most recent jurisprudence of the Court of Justice of European Union (CJEU) is to be understood and applied at national level. Still, there are aspects in the judgment that will trigger debate.
So far, only the press release has been published, but the core of the judges’ reasoning can already be understood from the press release – even though some details remain unclear and vague (BGH, Case Ref.: I ZR 11/16 – Thumbnails III).
The defendant is the operator of a website (AOL), on which image searches can be run by way of specific search terms being entered by the user. It is based on a search engine operator’s image search services, more precisely, on the Google Image Search. In the list of results produced by the website, small images are displayed to the user, the so-called “previews” or “thumbnails“.
Please join us on 17 October when we will be hosting our annual Intellectual Value seminar – this year focusing on ‘The Connected World’ and a variety of topics from across the Internet of Things.
From factories to offices, vehicles to homes, smart technologies are transforming every aspect of our society – and they’re here to stay. Businesses need to position themselves to take advantage of the opportunities that increased connectivity creates, and particularly those concerning the underlying data it generates. Knowing how to do so, what the limits are, and where opportunities lie is the key to success.
Topics and themes:
- Complying with the GDPR in a connected world
- Wearable technology – securing the right kind of IP protection
- What is the Digital Single Market and what does it mean for your business?
- 10 steps to cybersecurity – protecting yourself in a connected world
- Drones – is the sky the limit? A look at what restricts or encourages commercial use
We look forward to seeing you there. To register your interest in our event please contact Tom Goddard
Date: 17 October 2017
Venue: Hogan Lovells, Atlantic House, Holborn Viaduct, London, EC1A 2FG Map
Time: 09:00 Registration, 09:30 Seminar, 12:00 Lunch
A new study has found that litigation involving the Telephone Consumer Protection Act (“TCPA”) has increased 50 percent since the Federal Communications Commission released its July 2015 “Omnibus” Declaratory Ruling and Order, which had purported to clarify several issues around the agency’s TCPA rules. As explained below, this continuing trend is one of many reasons that Congress and the FCC should revisit the TCPA framework and provide reasonable, practical compliance approaches for good-faith callers.
Evidencing in court that a defamatory statement has caused harm to your reputation can be notoriously difficult. The courts in the UK have therefore traditionally proceeded on the basis that, where a statement is proven to be defamatory, harm is presumed, unless the defendant can prove otherwise. This approach was brought into doubt by the Defamation Act 2013 (the “Act”), which requires that the harm caused by defamation must be “serious” before it is actionable. Does this mean the claimant must now prove that serious harm has been caused in every case?
In Lachaux v Independent Print Ltd  EWCA Civ 1334, the Court of Appeal has reversed an earlier decision of the High Court and confirmed that following the Act there is still a presumption of harm in defamation cases. However, there is no presumption that “serious” harm has been caused, which would need to be proven by the claimant.
The case concerned a series of articles published by the Huffington Post, The Independent and The Evening Standard in 2014 that suggested Bruno Lachaux, a French aerospace engineer, was guilty of domestic violence, child abduction and manipulating the Emirati legal system to deprive his former partner of access to their child, Louis.
At the annual Smallsat conference in Logan, Utah, the Commercial Smallsat Spectrum Management Association (CSSMA) held its first meeting since legally forming earlier this month. A number of well-known smallsat operators and other companies have joined the organization, which seeks to advance a number of goals common to the smallsat community. These goals include creating conditions for a transparent and expedited spectrum coordination process for shared spectrum and advocating CSSMA views on spectrum management and other policy matters affecting the smallsat community.