Header graphic for print
Global Media and Communications Watch The International Legal Blog for the Tech, Media and Telecoms Industry

Category Archives: Cybersecurity

Posted in Cybersecurity, Data Protection & Privacy, Internet of Things, Policy & Regulation, Technology

Webinar: The impact of California Privacy and Cybersecurity law on IoT in the home

We are pleased to invite you to the next webinar in our Internet of Things series, focusing on the impact of the following California (and other) laws on IoT offerings: California Consumer Privacy Act (CCPA) The new California Privacy Rights and Enforcement Act (CPRA) The California IoT security bill California and other privacy laws have a significant impact on consumer applications and devices for home-based use. Through representative use cases in the following areas, attorneys in our top-rated Hogan Lovells Privacy and Cybersecurity practice will discuss strategies for building and

Posted in Cybersecurity, Data Protection & Privacy

Upcoming privacy and cybersecurity events – October

Please join us for our October 2020 events October 21-23 Mark Brennan will be leading a panel at the virtual Fall Academy 2020 Privacy + Security Forum, where he will be joined by other seasoned experts for deep-dive sessions with practical takeaways. October 22 Bret Cohen will be part of the recording for “We Love You, You’re Perfect, Now Change: Stories of Data Protection in M&A”, an IAPP installment where speakers will discuss privacy, security, and risk. The recording will be made available online. October 23 Tim Tobin and Bret Cohen will be joined by Jared Bomberg, Senior

Posted in Cybersecurity, Internet, Policy & Regulation, Technology

UK Government set to move forwards with regulation on consumer IoT device security

UK Government set to move forwards with regulation on consumer IoT device security The UK Government has just announced that it intends to draw up legislation aimed at ensuring that all consumer smart devices sold in the UK adhere to rigorous security requirements for the Internet of Things (“IoT“). Over the last couple of years, the Government has been considering the need to develop a robust regulatory framework governing the cybersecurity of consumer IoT devices, to ensure that these devices are sufficiently secure from cyber-threats. What will the new legislation

Posted in Cybersecurity

Lessons for In-House Counsel from Cybersecurity’s Front Lines

Recent developments reinforce the urgent need for general counsel and legal departments to deepen their focus on cybersecurity. In today’s environment, any organization can be the target of a cyberattack, regardless of industry, size, or geographic footprint. Indeed, in just the past few years, a variety of cyber adversaries have attacked financial institutions, social media sites, a movie studio, hospital systems, a peer-to-peer ridesharing company, the Democratic National Committee, hotel chains, city governments, educational institutions, telecommunications and energy utilities, prominent retailers, manufacturers, and even the mobile app of a well-known

Posted in Cybersecurity, Data Protection & Privacy, Privacy and Security Litigation

Privacy and Cybersecurity November 2019 Events

Please join us for our November 2019 events. November 5 Your Body as Data Mark Brennan will speak on the panel, “Your Body as Data: Facial Recognition, Biometrics, and the Future of Privacy,” at the Columbus School of Law at The Catholic University of America. Location: Washington, D.C. November 5 2019 Data Protection Leadership Forum Eduardo Ustaran will speak during the session, “International Issues,” and will participate in a Q&A Session at the 2019 Data Protection Leadership Forum hosted by Arthur Cox. Location: Dublin November 20 IAPP Europe Data Protection Congress Eduardo

Posted in Artificial Intelligence, Blockchain, Copyright, Cybersecurity, Data Protection & Privacy, Intellectual Property, Internet, Policy & Regulation, Technology

A Turning Point for Tech – Global survey on digital regulation

Whilst political uncertainty may have businesses’ attention fixed, the Hogan Lovells Global Survey on Digital Regulation: ‘A Turning Point for Tech’ suggests that tech companies should be looking elsewhere. During yesterday’s launch at Hogan Lovells’ London Office, editor of the survey, Falk Schoening uncovered the 452 digital regulations that had been proposed across 16 jurisdictions in just six months of monitoring. The report aims to provide insight for what is on the horizon for tech companies, giving them a ‘heads up’ on how they should look at their business models

Posted in Cybersecurity

All-Day Workshop: Privacy and Cybersecurity KnowledgeShare (Agenda & Speakers Announced)

Join us on Thursday 19 September for the Hogan Lovells Privacy and Cybersecurity KnowledgeShare in London. We will share our latest thinking on the key privacy and cybersecurity issues faced by those with data protection responsibilities within organisations. Our all-day event will cover a lot of ground through incisive quick-fire presentations, Q&A panels and hands-on workshops. We are particularly excited to announce that we will be joined by guest speakers: James Dipple-Johnston; Deputy Commissioner (Operations) at the UK Information Commissioner’s Office Jannine Aston; Director, Privacy Policy & Compliance, INTL at

Posted in Cybersecurity

Privacy and Cybersecurity September 2019 Events

Please join us for our September events. September 11 Data and Privacy in the Autonomous Car Tim Tobin will speak on the webinar, “Data and Privacy in the Autonomous Car, What New Questions Might We Face?” presented by the Privacy + Security Forum. To register, please click here. Location: Webinar September 13 Medical Technology Executive Forum Paul Otto will speak on cybersecurity & patient safety at the Medical Device Manufacturers Association’s 12th Annual Medical Technology Executive Forum. Location: Palo Alto, California September 16 Association of Independent Research Institutes Annual Meeting Melissa

Posted in Cybersecurity, Data Protection & Privacy Photo of Paul OttoPhoto of W. James DenvilPhoto of Julian Flamant

New York Enacts New Data Security Laws

On July 25, New York Governor Andrew Cuomo signed into law a pair of bills establishing new requirements for businesses that process certain personal information related to New York residents. The changes include expanding the scope of information covered by New York’s data breach notification law; defining breaches to include incidents involving unauthorized access to covered information, even where the information is not acquired; and requiring consumer reporting agencies who suffer breaches of social security numbers to offer up to 5 years of identity theft services. Businesses maintaining the private

Posted in Cybersecurity, Policy & Regulation Photo of Federico Hernández Arroyo

Cybersecurity (or lack thereof) under new administration

Tech, Data, Telecoms & Media, Mexico Introduction In 2014 the previous administration announced its commitment to creating a national cybersecurity strategy. This strategy formed part of the National Development Plan 2013-2018, which also provided for the national digital strategy – an initiative aimed at fostering digitisation in Mexico through: a digital government; open data; digital inclusion; enhanced digital skills; and  IT-based health, educational and financial services.

Posted in Cybersecurity

Privacy and Cybersecurity August 2019 Events

Please join us for our August events. August 2 Cybersecurity Policies and Strategies Forum Shee Shee Jin will discuss data analytics and data sharing on a panel covering “Big Data” and will present a session on “HIPAA Regulatory Trends” at the South Carolina Primary Health Care Association’s inaugural Cybersecurity Policies and Strategies Forum. Location: Greenville, South Carolina August 20 International Data Transfers Eduardo Ustaran will speak on a DataGuidance webinar on international data transfers. Location: Webinar

Posted in Cybersecurity, Internet Photo of David Taylor

Cyber Security: NCSC warns over global DNS hijacking

The National Cyber Security Centre (NCSC), an organisation of the UK Government that provides cybersecurity advice and support for the public and private sector, published an article earlier this year relating to a recent large-scale global DNS hijacking campaign. The article discusses the risks and solutions for protecting organisations against such attacks, whereby the Domain Name System (DNS) records of websites are changed and visitors are subsequently redirected to malicious websites. In simple terms, the DNS is the service that helps internet users navigate to a domain name by correctly

Posted in Cybersecurity, Internet, Privacy and Security Litigation Photo of Paul OttoPhoto of Allison Holt-RyanPhoto of Nathan Salminen

IoT Webinar Series: Cyberthreats in the Internet of Things

On July 16, 2019, Nathan Salminen, Allison Holt, and Paul Otto from the Hogan Lovells Privacy and Cybersecurity and Litigation teams presented a webinar, “Cyberthreats in the Internet of Things” where they explored some techniques that can be used to exploit potential vulnerabilities in connected devices and how those types of events impact organizations from a regulatory and litigation perspective. Many of the nearly 20 billion Internet of Things (IoT) devices deployed worldwide perform critical functions or have access to networks that process highly sensitive information. The proliferation of connected

Posted in Cybersecurity, Data Protection & Privacy, Policy & Regulation

Privacy and Cybersecurity KnowledgeShare event: Sept 19, London

Join us on Thursday 19 September for our Privacy and Cybersecurity KnowledgeShare in London. We’ll share our latest thinking on the key privacy and cybersecurity issues faced by those with data protection responsibilities within organisations. Our all-day event will cover a lot of ground through incisive quick-fire presentations, Q&A panels and hands-on workshops. Topics will include: Nailing the basics – Fast insights into key issues such as lawful grounds for processing, people’s rights and DPIAs. Enforcement – What the risk-based approach truly means. Privacy challenges of the digital economy – AI,

Posted in Cybersecurity

Privacy and Cybersecurity July 2019 Events

Please join us for our July 2019 events. July 4 Making Privacy Actionable Eduardo Ustaran and Nicola Fulford are hosting the IAPP London KnowledgeNet which will discuss, “Making Privacy Actionable: Working with the Chief Data Officer.” Location: London July 5-8 Privacy at the Aspen Institute Harriet Pearson will lead a seminar on “What is Privacy and How Do We Protect It?,” at the Aspen Institute’s Socrates Program. Location: Aspen, Colorado July 11 #DataDoneRight Mark Brennan will provide insights on the FCC’s TCPA-related actions and prospects for robocall legislation in Congress on

Posted in Cybersecurity, Data Protection & Privacy, Intellectual Property Photo of Andrew McGinty

China’s first Data Protection Measures lifting its veils

On May 28, 2019, the Cyberspace Administration of China released the draft Measures on the Administration of Data Security (“Data Security Measures“, see our in-house English translation here) for public consultation. These Data Security Measures will be a great leap forward in China’s current data protection landscape, which mainly consists of scattered provisions contained in various pieces of legislations and standards, such as the Cyber Security Law, the E-Commerce Law, the Consumer Rights Protection Law as well as the Personal Information Security Specification, the most comprehensive yet non-binding national standard

Posted in Cybersecurity, Internet, Policy & Regulation Photo of David Taylor

Analyzing the impact of the EU GDPR on access to WHOIS data, one year on

During the Annual INTA 2019 Meeting, a panel was held on the EU General Data Privacy Regulation (GDPR) and the temporary removal of data for the WHOIS directory. IPMT Partner David Taylor spoke on the following GDPR issues and their impact on global brand protection. When the GDPR came into force back in 2018, the Internet Corporation for Assigned Names and Numbers (ICANN) implemented a temporary policy which resulted in a majority of global registrant data being hidden from public view in the WHOIS directory. This temporary policy cannot extend beyond one year,

Posted in Cybersecurity, Data Protection & Privacy, Internet

Privacy and Cybersecurity June 2019 Events

Please join us for our June events. June 4 Privacy Breakfast Paul Otto and Tim Tobin are presenting at the Hogan Lovells Munich office’s privacy breakfast, “EU General Data Protection Regulation,” on privacy topics such as the California Consumer Privacy Act (CCPA), cybersecurity and data breaches, and sector-specific issues found in the life sciences and health care, automotive, and financial sectors. Click here to register. Location: Munich, Germany June 25-26 National Association of College and University Attorneys Bret Cohen and Stephanie Gold are presenting at the annual conference of the National Association of College and University Attorneys on the panel, “Focus

Posted in Cybersecurity

Hogan Lovells Privacy and Cybersecurity Practice Ranked as a Top-Tier Practice by Chambers USA for 8th Consecutive Year

Chambers USA recently released its 2019 rankings and we are pleased to announce that Hogan Lovells’ Privacy and Cybersecurity (PaC) practice once again received Band 1 recognition by Chambers USA. Chambers noted that PaC “[r]emains one of the country’s preeminent privacy and data security practices. A highly talented roster of attorneys advising clients on major data breaches and complex policy matters across a multitude of industries, including retail, automotive and media.” Several of our team members also were individually recognized. Marcy Wilder, PaC’s global co-lead, was ranked in Band 1

Posted in Cybersecurity, Data Protection & Privacy, Policy & Regulation, Privacy and Security Litigation

Asia Pacific Data Protection and Cybersecurity Regulation: 2018 in Review and Looking Ahead to 2019

What is in store for data protection and cyber security regulation in Asia Pacific (APAC) in 2019? 2018 was a momentous year for data protection and cyber security regulation globally – the implementation of the European Union’s General Data Protection Regulation (GDPR) was, of course, the main event. The shockwaves of GDPR hit APAC with full force, coupled with the promulgation of an important GDPR-inspired national standard in China and the tabling of a draft data protection law in India that shares the same lineage. Rising public awareness of data

Posted in Cybersecurity, Data Protection & Privacy, Policy & Regulation, Privacy and Security Litigation, Technology

Privacy and Cybersecurity April 2019 Events

Please join us for our April events. April 2                             Trust in data, no longer a luxury? Nicola Fulford and James Denvil will speak at the workshop,” Trust in data, no longer a luxury – Privacy, security, and consumer trust for 21st century,” at the Luxury Law London Summit. They will discuss some of the challenges of succeeding in a data-driven market that is undergoing global regulatory upheavals. Location: London April 4                             Global TEC Forum Mark Brennan will speak on the panel, “California Breaks New Privacy Ground (Again): The California Consumer Privacy

Posted in Cybersecurity, Data Protection & Privacy, Policy & Regulation, Privacy and Security Litigation Photo of Joke Bodewits

Dutch Data Protection Authority Sets GDPR Fines Structure

On 14 March 2019, the Dutch data protection authority (Autoriteit Persoonsgegevens, DPA) announced (in Dutch) its fining structure for violations of the European General Data Protection Regulation (GDPR) and the Dutch law implementing the GDPR (Implementation Act). The GDPR sets two levels of administrative fines that may apply depending on which GDPR provisions have been infringed: The higher of €10 million or 2% of global revenue and the higher of €20 million or 4% of global revenue. At both levels, the GDPR sets maximums for administrative fines and calls on

Posted in Cybersecurity, Data Protection & Privacy, Policy & Regulation, Privacy and Security Litigation Photo of Joke Bodewits

Dutch Data Protection Authority States Cookie Walls Violate GDPR

On 7 March 2019, the Dutch Data Protection Authority published guidance (in Dutch) that it considers “cookie walls” to violate the GDPR. A cookie wall is a pop-up on a website that blocks a user from access to the website until he or she consents to the placing of tracking cookies or similar technologies. Under current Dutch cookie law, functional and analytical cookies can be used without consent. Tracking cookies like those used for advertising may only be used if a visitor has given consent. According to the Dutch DPA, the