Header graphic for print

Global Media and Communications Watch

The International Legal Blog for the Tech, Media and Telecoms Industry

Posted in Internet, Technology, Telecoms & Broadband

Over-the-air software updates for IoT devices present companies with product liability and safety opportunities — and challenges

Mobile devices within the Internet of Things (IoT) are continuously benefitting from rapid technological advancements. And once those devices are sold to consumers, over-the-air (OTA) software updates ensure they can be modified to stay current with new capabilities. Consumer electronics companies can remotely change product features, deliver messages or warnings, identify safety-related activities, gather data, and solve issues.

But OTA software updates also need to comply with existing and emerging regulations and laws. Companies are wondering whether the availability and ease of OTA updates could also lead to a legal requirement for them to monitor and act on issues — especially those involving safety — over the lifespan of the product. And when software updates can be installed automatically, will there be a need to obtain owner consent?

In this hoganlovells.com interview, Dr. Sebastian Polly, a partner in the Hogan Lovells Munich office, explores how OTA software updates are creating opportunities and challenges for companies in the product liability, safety, and compliance space.

What are OTA software updates and why are they unique?

Polly: OTA means wireless communications. It can be mobile, WiFi, radio — you name it. IoT devices pretty much all have capabilities that allow some form of OTA communications. OTA software updates are a way to allow a manufacturer, supplier, service provider, or another company to remotely access and change the product’s programming. The unique feature is that they can change it, theoretically, whenever and wherever they want, even when the product is long gone — with a customer or user, out there in the field.

Many engineering, quality, and legal departments are just starting to explore opportunities. Remotely updating a product’s software can solve many technical and legal issues. Moreover, OTA software updates can also deliver messages or send warnings directly on the devices to inform customers they’re part of a safety campaign.

Also, once a product has already been on the market for a while, you can theoretically add new features to it or even change the entire way it behaves, or change existing functions and make them better or safer. And you can deactivate certain functions retrospectively. That, of course, goes along with certain legal challenges.

OTA software updates must comply with several areas of law. What are the concerns regarding civil law?

Continue Reading

Posted in Copyright, Digital Single Market (EU) Penny ThorntonAlastair ShawDr. Nils Rauer

DSM Watch: EU Copyright reform – where do we stand?

Reform of EU copyright is the core of the Commission’s Digital Single Market strategy. Various legislative initiatives have been proposed but the “heart” of the reform is without a doubt the proposal for a new copyright directive. While there appears to be a growing consensus on the wording of most articles, a few key provisions remain under debate. In this article we comment on the current 23 April and 17 May 2018 draft proposals published by the Council of the EU (Member State governments’ representatives).

Originally the hope had been to have this legislation finalised by now. However, many provisions have proved controversial. The final vote in the EU Parliament’s committee on legal affairs has recently been postponed to the end of June. The Council published a draft proposal on 23 April 2018. This summarises the main outstanding issues as being: (a) the scope of an additional, optional exception for text and data mining; (b) the scope and term of protection of the press publishers’ right and (c) the scope liability and monitoring obligations for certain service providers (labelled by some the “value gap” provisions). Following a meeting on 27 April, the Council published further draft on 17 May 2018.

Article 3a: Optional Exception for Text and Data Mining

Article 3 of the draft Directive lays down a mandatory exception for reproductions and extractions made by research organisations and cultural heritage institutions in order to carry out text and data mining (TDM) of lawfully accessible works for scientific purposes. In November 2017 the Council introduced a supplementary optional exception for temporary reproductions and extractions of lawfully accessible works that form a part of the process of text and data mining. This optional exception would extend to TDM carried out by investigative journalists and individual researchers and not just research organisations. However, in contrast to the mandatory exception, it only covers temporary reproductions and extractions arising from the process of TDM and would not permit any storage of copies of works. It does not apply if the rights holder has expressly reserved their rights (meaning it can be overridden by contract). Some Member States were concerned that the scope of this optional exception was too broad. However, in the current draft proposal the Council does not propose to limit the scope further.

Continue Reading

Posted in Internet, Policy & Regulation

Is online video like television? New white paper launched today demonstrates that the policing of TV and internet services requires a ‘three layer approach’

TVHogan Lovells and leading TMT consultancy Analysys Mason have launched a white paper today which argues for retaining a ‘three layer approach’ to video regulation in the face of ongoing changes to how video content is consumed by viewers.

After a preliminary political agreement was reached on revision of the EU’s Audiovisual Media Services (AVMS) Directive, the white paper, “TV Regulation in a Digital Age”, explores the ongoing tensions between television and Internet regulation. These tensions are unlikely to disappear, particularly as member states transpose the revised AVMS Directive into national laws, and discuss additional measures to tackle fake news.

Due to be adopted later this year, the revised AVMS Directive will continue to apply to television broadcasters and on-demand services like Netflix. In addition, and for the first time, video-sharing platforms are also intended to be captured by the Directive.

Winston Maxwell, Partner at Hogan Lovells, commented: “Political agreement on the revised AVMS directive is an important first step – but there will be pressure within member states to do more, particularly around fake news.” 

“Strengthening regulation by indiscriminately extending rules – that were designed for traditional TV -to online content, will simply not work. Internet regulation is different, and should remain so.”  

David Abecassis, Partner at Analysys Mason, commented: “Digital transformation is impacting virtually every single industry. There are significant differences between traditional TV and online video platforms, and it is interesting to see how these differences will be reflected in media regulations moving forward.” 

Michael Kende, Senior Adviser at Analysys Mason, added: “Our report provides a detailed analysis of this subject and looks back at developments in TV and on the Internet over the last 15 years. This kind of ‘whole view’ is what is required to keep this industry innovative. We need to be very cautious around any debates which suggest that regulation around the two should be merged in any way.”

Continue Reading

Posted in Policy & Regulation, Technology Helen McGowan

Cross-sector code of conduct for AI – a solution with substance?

On 16 April 2018 the House of Lords Select Committee on Artificial Intelligence published a wide-ranging report on the status of artificial intelligence (“AI”) in the UK.

The report, entitled “AI in the UK: ready, willing and able?” (available here), provides comprehensive coverage of critical issues relevant to the development and use of AI in the UK, such as the potential bias in AI systems; the need for AI systems to be intelligible; funding, education and training in the AI sector; and risk mitigation.

The Chairman of the Select Committee, Lord Clement-Jones, presented a summary of the report at a Law Society event entitled “AI and Ethics: plotting a path to unanswered questions” hosted by Hogan Lovells International LLP on 27 April 2018.

Amongst the many recommendations in the report is that a cross-sector ethical code of conduct for organisations developing and using AI should be drawn up and promoted.

AI risks

The report recognises the significant potential of AI to contribute to economic productivity and for the UK to be among the world leaders in the field of AI, but finds that there are areas of uncertainty which could dissuade investment and potentially hinder uptake of AI by the general population. The report identifies a number of critical risks presented by AI which would need to be mitigated in order to support development and growth of AI systems including:

Continue Reading

Posted in Cybersecurity, Data Protection & Privacy Timothy TobinWinston Maxwell

Straight Talks podcast: Data privacy and cybersecurity in the age of rolling smart devices

The U.S. Environmental Protection Agency was created in 1970 to safeguard the environment against pollutants. The tidal wave of environmental regulations that followed impacted every industry in the United States, especially the automotive market. Decades later, organizations have internalized these regulations into their culture.

Today, the European Union’s General Data Protection Regulation (GDPR) is driving a regulatory wave of similar scope, but now the need is to safeguard data against cyber attacks and privacy breaches. And once again, the automobile industry will feel the regulatory impact. Autonomous and connected vehicles are essentially “rolling smart devices,” and as they enter the mainstream in the EU and United States, automakers are increasingly reliant on data for safe, efficient vehicle operations. But security and privacy concerns and penalties for regulatory noncompliance demand that manufacturers review their policies — and perspectives — on data storage and use.

In this podcast, Tim Tobin and Winston Maxwell, partners at Hogan Lovells, discuss how cybersecurity, data privacy, and ownership concerns are influencing the development of connected and autonomous vehicles.

Click below to start listening to episode 2.






If you missed our first episode on connected and autonomous vehicles and their impacts on product liability, you can listen here.

Stay tuned for the release of episode 3 on Wednesday, May 16, 2018, addressing intellectual property and patent protection issues in the automotive and mobility sector.

Posted in Telecoms & Broadband Mark Brennan

FCC Seeks to Refresh the TCPA Record

Now that the dust has settled from the D.C. Circuit’s highly anticipated Telephone Consumer Protection Act decision in ACA International, et al, v. FCC, the Federal Communications Commission is going back to the drawing board in a new Public Notice that seeks comment on foundational TCPA issues.

In March, the D.C. Circuit struck down the FCC’s 2015 interpretation of the definition of “automatic telephone dialing system” (autodialer) as overly broad, arbitrarily vague, and “utterly unreasonable.”  The court also threw out the FCC’s rules regarding calls to reassigned wireless numbers, finding that exempting callers for liability for only the first call to a reassigned number was arbitrary and capricious.  See our earlier post for more information about the decision.

In the Public Notice, the FCC seeks comment on the following issues:

  • What is an autodialer?
  • How should calls to reassigned numbers be treated and how should the term “called party” be interpreted?
  • How should a called party be able to revoke prior express consent to receive robocalls?
  • Should contractors acting on behalf of the federal government be considered “persons” under the TCPA?
  • Should the FCC reconsider its rules regarding calls to collect federal debts?

Comments are due June 13 and reply comments are due June 28.

Our TCPA Working Group brings together more than 25 attorneys in our litigation, communications, commercial, and privacy practice areas.  We provide regular TCPA counseling to clients from a broad range of industries, including technology, healthcare, communications, transportation, and financial services.  We have secured dismissals and nominal settlements for clients in TCPA actions and have worked with the FCC to clarify rules addressing a number of key TCPA issues.  We also have significant experience in TCPA appeals.

Posted in Data Protection & Privacy Mark Parsons

Asia Data Protection and Cyber Security Guide 2018

As global focus on data protection and cyber security law and regulation continues to increase, the Asia-Pacific region is increasingly an area of concern for global compliance programs.

Much of the focus internationally has been on preparations for the May, 2018 implementation of the EU GDPR. However, the APAC region is also noteworthy for a number reasons, including China’s ongoing implementation of its Cyber Security Law, the stepping up of data protection laws in Japan and Australia and an overall trend towards stricter enforcement and greater public awareness of their rights under data protection laws.

In the 2018 edition of our annual Asia Pacific Data Protection and Cyber Security Guide, we look back on the significant developments in the region over the course of 2017, and highlight key themes and initiatives for the rest of the year ahead.

Alongside analysis of China’s Cyber Security Law, and the shockwaves of the GDPR felt across the region, the Guide sets out:

  • Individual country spotlights, looking at trends and regulatory developments;
  • A “regulatory heat map”, a graphic representation of the relative stringency of the various data protection regimes across the region; and
  • A guide for making (and keeping) an effective data protection and cyber security compliance program.

Please click here to download the full version of the Asia Data Protection and Cyber Security Guide 2018.

Posted in Digital Single Market (EU), Policy & Regulation Dr. Nils RauerAlastair ShawPenny Thornton

EU: Portability Regulation – important deadline of 2 June 2018

The Portability Regulation (EU) 2017/1128 came into force on 1 April 2018. Part of the EU Commission’s aim to establish a Digital Single Market, the Regulation facilitates cross-border portability of online content. It allows for subscribed content services to “travel” with the subscriber throughout the entire European Union. Be it movies, sport events, music, e-books, online games, they all need to remain accessible when temporarily abroad in another Member State. Service providers need to make sure this travel option is provided to their customers. Providers of free-of-charge online content services may opt-in but if they do the Regulation applies to the full extent. Importantly, the Regulation applies to both new and existing subscriber contracts.

By 2 June 2018, providers of paid-for services must verify the Member State of Residence of each of their existing customers. To this end the Regulation contains a total of eleven test criteria, out of which the provider can select and use up to two in order to verify. Those include, for instance, payment information. Providers who make content available for free must review existing contracts within the first two months in which they enable cross-border portability. We recommend that service providers affected by the Regulation use the remaining time until 2 June to make sure that verification has been carried out properly and in time. In doing so, service providers should note that applicable privacy laws, including the GDPR 2016/679, must also be adhered to.

In most Member States, including the UK, France and Germany, subscribers are given a cause of action for breach of duty where a breach of the relevant Regulation provision, by the provider, causes damage to the subscriber. This applies to the obligation to verify the subscriber’s Member State of residence.

More information about the new Portability Regulation and its practical impact on the digital economy can be found in our latest blog post on this topic.

Posted in Data Protection & Privacy

WEBINAR: Worried about the GDPR? Don’t panic!

With the GDPR about to come into effect, join our experts for a live webinar on 23 May to learn what you should be focusing on now.

The GDPR becomes applicable on 25 May and will affect organisations worldwide.

It is a complex and strict law with dozens of obligations which will be fiercely enforced.

Getting it right will be essential for business success in the digital economy.

Register now to join our webinar.

Our panel will discuss:

  • What should you prioritise now?
  • What are others doing to get it right?
  • How can you approach the GDPR in a practical and positive way?
  • What should your long-term strategy be?
  • Why should the GDPR be seen as an opportunity?

Full details

When: 23 May 2018, 4pm BST, 5pm CEST, 11pm EDT

How: click here to register.


  • Eduardo Ustaran, Hogan Lovells, Partner
  • Nicola Howell, Dun & Bradstreet, Senior Compliance and Privacy Attorney
  • Lien Ceulemans, Salesforce, VP Global Privacy and Associate General Counsel
  • Michael Millar, HL Engage, Managing Editor

Can’t make it?

Don’t worry – register anyway and we’ll send you the recording afterwards.

Posted in e-commerce, Internet, Technology, Telecoms & Broadband

Italy: Double score at TopLegal Industry Awards

We are excited to announce our awards in the two categories below in Tuesday’s TopLegal Industry Awards.

Best Technology Lawyer of the Year – Marco Berliri

“Among the Italian industry sector greater experts“

Best Pharmaceutical Law Firm of the Year

“A team with an outstanding patent litigation track record“

These awards are testament to our holistic, collaborative approach and global perspective in the life sciences industry sector and our leadership in business, law, and regulation in all the key markets of the fast-moving technology, media, and telecoms sector.