Territoriality will continue to be one of the most vexing problems for data regulation in 2018. One aspect of this debate relates to whether a U.S. judge can compel the disclosure of personal data located in Europe without using international treaty mechanisms. This issue is currently being considered by the United States Supreme Court in the case United States v. … Continue Reading
It is finally here. This is the year of the GDPR. A journey that started with an ambitious policy paper about modernising data protection almost a decade ago – a decade! – is about to reach flying altitude. No more ‘in May next year this, in May next year that’. Our time has come. Given the amount of attention that … Continue Reading
|The famous case brought by Maximilian Schrems against Facebook Ireland in Austria, aimed to become an international and large data protection class action, led on 25 January 2018 to a ruling from the CJEU on two main points:
Aetna will pay almost $17.2 million to settle a federal class action lawsuit stemming from a 2017 mailing that disclosed the HIV status of health plan members. Aetna also agreed last week to pay a $1.15 million fine to the state of New York after the Attorney General Eric Schneiderman’s (NY AG) investigation into Aetna’s alleged violations of federal and … Continue Reading
To date, the main legacy of the Brexit referendum of 2016 appears to be a country split in half: some badly wish the UK would continue to be a member of the EU and some are equally keen on making a move. Yet, there seems to be at least one thing on which Remainers and Leavers will agree: nobody knows … Continue Reading
In the same week that the automotive industry gathers in Washington, D.C. for the 2018 Washington Auto Show, a cross-section of automotive stakeholders, government officials, and consumer and privacy advocates came together at Hogan Lovells’ Washington office to discuss privacy issues facing connected vehicles. The half-day conference, co-hosted by Hogan Lovells and the Future of Privacy Forum, convened on January … Continue Reading
Following the European Commission and European Parliament’s proposed versions of the EU Regulation on Privacy and Electronic Communications (the ePR), we are now waiting for the Council of the European Union to agree their position before discussions between the three bodies can begin. A discussion paper from the Bulgarian Presidency of the Council dated 11 January 2018 (the Paper… Continue Reading
According to the Constitution of Mexico, the protection of personal data is a fundamental right of all Mexican citizens. Under federal law, individuals also have a right to access, change, oppose, or suppress their personal data. Although all private companies process data, some are not sufficiently familiar with Mexico’s data privacy principles and regulations, and many may not have an … Continue Reading
2018 will be another dramatic year for TMT. Our job is to help TMT businesses to chart a course through by bringing together the insights of over 800 lawyers who focus on the sector across six continents. That is why we have asked some of our top thinkers globally to provide a snapshot of their vision for the coming year. … Continue Reading
Last month we hosted our annual ‘Intellectual Values’ seminar in London which this year focused on the ‘connected world’. Sarah Turner, an IP partner in our Tech Hub, gave a talk on the steps companies can take to improve their cybersecurity. The potential damage resulting from a cybersecurity attack is ever increasing as the world becomes more and more … Continue Reading
Two weeks ago, certain territorial divisions of the Russian Data Protection Authority, Roskomnadzor, published their 2018 plans for conducting inspections of local companies’ compliance with Russian data privacy requirements, including with Russia’s data localization requirement. The inspection plans contain a number of prominent multi-national and Russian companies.
Within such inspections, Roskomnadzor assesses the compliance of the entity with Russian … Continue Reading
Last Monday, the Supreme Court granted certiorari in the Microsoft search warrant case, a case in which Microsoft challenged the U.S. government’s right to use the warrant process to obtain certain emails stored overseas. Some view the upcoming decision as signaling the level of access the U.S. government will have to the growing troves of data U.S.-based technology companies … Continue Reading
Hogan Lovells partner Winston Maxwell spoke on October 12, 2017 at a conference on artificial intelligence organized by the French think tank “Le Club des Juristes”. What follows is an English version of his prepared remarks.
Artificial intelligence (“AI”) permits valuable new applications for society. Autonomous vehicles will increase safety and reduce pollution. Voice recognition could make computer keyboards obsolete. … Continue Reading
Whether malicious or inadvertent, workforce actions cause or contribute to over half of cyber attacks experienced by organizations. Protecting against such “insider” cyber risks can be challenging, especially given the global web of privacy, communications secrecy, and employment laws that may be implicated by monitoring workforce use of IT resources.
Harriet Pearson and James Denvil, lawyers in the Hogan Lovells … Continue Reading
On 6 October, the German Federal Cartel Office (“FCO”) launched its new series of papers on “Competition and Consumer Protection in the Digital Economy”. The first paper deals with “Big Data and Competition”. The same day, a “real-life example” of competition enforcement in Big Data became public. The EU Commission confirmed unannounced inspections in “a few Member States” concerning … Continue Reading
Hogan Lovells has announced that Edith Ramirez, the former Chairwoman of the US Federal Trade Commission (FTC), has joined the firm as a partner and will play an active role in Hogan Lovells’ Privacy and Cybersecurity practice. She will also co-head the firm’s Antitrust, Competition and Economic Regulation (ACER) practice.
Ramirez will co-lead the global antitrust practice alongside Suyong … Continue Reading
According to the German Federal Labor Court, Germany’s highest court for employment disputes, German employers are not allowed to monitor employees in the workplace without a concrete suspicion of a criminal violation or, in some cases, a serious breach of duty (judgment dated July 27, 2017, case ref. 2 AZR 681/16). This means that employer monitoring of an employee’s computer … Continue Reading
On Monday, June 12, South Korea became the latest country approved to officially join the Asia-Pacific Economic Cooperation’s (APEC) Cross-Border Privacy Rules (CBPR) system. It is the fifth APEC economy to participate in the system, joining the United States, Canada, Japan, and Mexico. To date, twenty companies—including Apple, Cisco, HP, IBM, Rackspace, and Workday—have been certified under CBPR.
As businesses … Continue Reading
Exactly one year before the EU General Data Protection Regulation (GDPR) becomes applicable, global law firm Hogan Lovells has launched GDPRnow, a mobile application that provides companies with assistance to identify practical steps to comply with the new framework.
On 19 May 2017, the Cyberspace Administration of China (the “CAC“) released a revised draft of its Security Assessment for Personal Information and Important Data Transmitted Outside of the People’s Republic of China Measures (the “Second Draft Export Review Measures“).
The draft emerged just over a week after public comments closed on the first draft of … Continue Reading
The Hong Kong Securities and Futures Commission (“SFC”) has issued a paper containing proposals to introduce cyber security guidelines under the Securities and Futures Ordinance (the “SFO”) applicable to internet brokers (the “Cyber Security Consultation Paper”). Comments are open through 7 July 2017.
The Cyber Security Consultation Paper reflects a sharpening of focus by the SFC on cyber security issues. … Continue Reading
Major companies, health care organizations and government agencies are facing a wave of cyberattacks involving ransomware that takes control of computers and denies access until a ransom is paid. These attacks are occurring on a global scale and in some cases are having a significant impact on business and healthcare operations. The cyberattack has disrupted targets throughout the world from … Continue Reading
The Digital Economy Bill passed into UK law last Thursday 27 April 2017 amidst the flurry of activity known as the “wash up” period before the dissolution of Parliament and ahead of the early general election in the UK to be held on 8 June. The Digital Economy Act introduces measures to “modernise the UK for enterprise,” and includes plans … Continue Reading