On 11 November, 2016, Hong Kong’s Applied Science and Technology Research Institute (“ASTRI“) published its “Whitepaper On Distributed Ledger Technology” (the “DLT Whitepaper“), a substantial research exercise commissioned by the Hong Kong Monetary Authority (the “HKMA“).
The DLT Whitepaper is a useful and well-informed introduction to blockchain, or distributed ledger technology (“DLT“), as it is referred to throughout the paper, with a focus on how DLT may be used to enhance Hong Kong’s banking system. Of particular interest is the discussion of a proof of concept project in mortgage loan applications that ASTRI has been developing with a number of Hong Kong’s leading banks.
DLT has been widely touted for its potential to revolutionise financial services across a range of applications, from crypto-currencies to digital identity systems to smart contracts to fully automated clearing and settlements systems for payments and securities. The discussions are often expansive, ambitious and high level, making it difficult to bring a legal or regulatory assessment to any particular solution being proposed. The DLT Whitepaper is different. It does much to move forward discussion about Hong Kong’s future in blockchain through its sharp focus on a specific proof of concept project, and at the same time recognises that there are legal and regulatory concerns that will need to be addressed in order to see this solution through to fruition.
The Internet of Things continues to draw broad interest from policymakers and regulators around the globe. Following on the heels of a major distributed denial-of-service attack in October 2016 that leveraged potentially millions of compromised IoT devices, members of Congress have sent letters to US federal agencies regarding the risks posed by insecure IoT devices and held a hearing about what if anything should be the US federal response to such IoT-driven cyberattacks. Against that backdrop, in November 2016 two US federal agencies have issued guidance on securing IoT.
National Institute of Standards and Technology (NIST)
After four years of work, NIST (part of the Department of Commerce) on November 15 released groundbreaking guidance on securing the Internet of Things. NIST Special Publication 800-160, Systems Security Engineering: Considerations for a Multidisciplinary Approach in the Engineering of Trustworthy Secure Systems (NIST SP 800-160), focuses on how to create IoT devices that are fit-for-purpose from a security perspective (akin to how society expects a bridge to be engineered against collapse). NIST approaches IoT security challenges from a systems engineering perspective, leveraging existing international standards for systems and software engineering (e.g., ISO/IEC/IEEE 15288) to consider the entire lifecycle of IoT device security. As a result, the publication is targeted not only to engineering professionals, but also to individuals with security governance, risk management, and oversight responsibilities and it will likely be an influential resource for regulators and others considering the appropriateness of IoT security efforts.
The Internet of Things (“IoT”) connects markets and supply chains around the world. Industry, governments and consumers around the world are embracing IoT technologies to improve research and public policy, to accelerate service delivery and to monitor global development programs across healthcare, agriculture, natural resource management, climate, and energy sectors. Industry experts project that between 20 to 30 billion IoT devices will connect to the internet by 2020. Some estimate that IoT could generate up to $11.1 trillion per year in economic value across industries, comprising up to 11 percent of the world economy by 2025.
IoT is not a single network of connected devices, but a set of technologies that must communicate with one another to function. To function properly, information must flow across international borders in a standard fashion often using globally or regionally harmonized radiofrequency spectrum. The flow of IoT-generated information today is significant, but barriers to information sharing remain.
Leaders from the public and private sectors recently analyzed the relationship between federal spectrum policy and the Internet of Things (IoT) at the Fifth Annual Winnik International Telecoms and Internet Forum. In a discussion co-moderated by Hogan Lovells Partners Trey Hanbury and Mark Parsons, panelists explored the demands IoT will impose on networks and proposed regulatory strategies that could encourage innovation and investment in IoT.
More spectrum is not enough, cautioned Renee Gregory, Senior Policy Advisor at the White House Office of Science and Technology Policy. According to Gregory, IoT will require carriers and edge providers to use more efficiently spectrum that is already available. Virginia Lam Abrams, Senior Vice President, Communications & Government Relations at Starry, Inc., agreed. She said the “spectrum crunch” presents an opportunity for startups to develop new technology to offer service over high-frequency “junk bands” previously considered unusable. (Starry’s technology, for example, uses the 37 GHz band to deliver gigabit internet to the home.) Continue Reading
Hogan Lovells’ Winnik International Telecoms & Internet Forum explored how the Internet of Things (IoT) may continue to expand the scope of cybersecurity concerns. Cybersecurity risks for the IoT were previously synonymous with enterprise products. Now these risks extend to consumer devices, services and applications.
According to cybersecurity leaders attending the forum, the IoT market needs new, market-driven approaches to cybersecurity given the number of at-risk IoT products and services. Travis LeBlanc, Chief of the Federal Communications Commission’s (FCC) Enforcement Bureau, said while the number of IoT devices has exploded, the existing 500 million IoT devices with outdated security features are “not going anywhere.” According to LeBlanc, “government needs to incentivize the entire [IoT] community because individual networks may not be affected.” LeBlanc reviewed various government initiatives from the FCC, Federal Trade Commission, National Telecommunications and Information Administration, and the National Institute of Standards and Technology. He said innovation is outpacing regulation. According to LeBlanc, government should not over-regulate because doing so would restrain innovation. He added that, while achieving perfectly secure devices and networks is impossible, industry and government can better manage risks through collaboration, consumer education, and multi-national efforts to confront global cybersecurity threats.
Welcome to the Hogan Lovells Global Payments Newsletter. In this monthly publication we provide an overview of the most recent payments, regulatory and market developments from major jurisdictions around the world as well as sharing interesting reports and surveys on issues affecting the market.
Key developments of interest over the last month include:
- UK PSR policy statement on IFR guidance (phase 2): The UK Payment Systems Regulator has published a policy statement on guidance on its approach as a competent authority for the EU Interchange Fee Regulation. See our client briefing on the PSR’s final guidance here.
- Australia to regulate Bitcoin exchanges under AML laws: The Australian government wants to begin drafting legislative proposals to update its anti-money laundering laws to include bitcoin and other digital currency exchanges by the middle of next year.
- Singapore and South Korea sign cooperation agreement in FinTech: The agreement provides a framework for cooperation in FinTech between Singapore and South Korea. Under the agreement, the Monetary Authority of Singapore and the Korean Financial Services Commission will explore potential joint innovation projects on technologies such as big data and mobile payments.
To view a PDF of the full Newsletter please click here. You can also follow us on Twitter at @HLPayments for regular news and updates.
A further step towards the reform of European copyright was taken On 29 November 2016. The Committee on Legal Affairs of the European Parliament (JURI) not only voted for a proposal for a regulation on ensuring the cross-border portability of online content services in the internal market; in its Brussels meeting, JURI also organized a public hearing regarding one specific and highly discussed aspect of the current reform of European copyright – potential obligations for service providers. In the context of the very diverse Digital Single Market Strategy, the European Commission presented in total five drafts in order to modernize copyright law in the EU that have to pass the legislative process (see also our blog post).
Connected devices are everywhere and create a wealth of data. How do we understand and use this data? And how do we protect it against disclosure and attack?
With questions like these, Stacey Higginbotham, creator of the Internet of Things Podcast and the “Stacey Knows Things” newsletter, launched an “armchair discussion” about the Internet of Things (“IoT”) during Hogan Lovells’ recent Winnik International Telecoms & Internet Forum. The discussion featured Dean Brenner, Senior Vice President, Government Affairs for Qualcomm Incorporated and Jonathan Adelstein, President and CEO of the Wireless Infrastructure Association.
Our cross disciplinary London “Tech Hub” last night hosted a great dinner for clients. Greg Williams, Executive Editor of WIRED led a wide ranging discussion. Given “Chatham House rules”, here’s a purely personal perspective on the debate.
We were inspired by the next wave of technologies – from autonomous vehicles to mixed reality. We were sometimes amused by the prospect of changes in ways that we interact with technology – from a touch centric experience to one built around vision and voice. But, perhaps prompted by reflections on the events of 2016, it was striking that the focus of the discussion moved quickly from the technology itself to ways in which it is used (and potentially abused) by society.
Since the dawn of history inventors and innovators have rarely anticipated how their creations will be used. New applications of technology change the way people live and work but society has always taken time to understand those changes and to create new frameworks, often reflected in the law, to manage change in socially beneficial ways.
An era where speed of technological progress, and the ability of new technologies to spread, are accelerating exponentially sets society new challenges. Should companies whose products reach billions globally within a few short years of launch be “responsible” for the way those products are used or the jobs that they displace? Can society get ahead of the game and set rules for the coming era of Artificial Intelligence (and what happens if it doesn’t)? Does the state need to play a fundamentally different role in helping people to understand, and take a degree of control (personally or through social institutions) over technology and its application? How do we govern essentially global challenges which do not respect borders in a world where protectionist sentiments appear to be on the rise?
We see symptoms of these issues in our work every day but, too often, they remain niche topics discussed only within the “tech community”. Yet technology has become has all pervasive as money – arguably even more so. Just as we wouldn’t regard banks as the only people who should be engaged in a debate about the role of money in our economy and society, the overriding lesson from a fascinating discussion is that technology is too important to be left to technologists.