Header graphic for print
Global Media and Communications Watch The International Legal Blog for the Tech, Media and Telecoms Industry

Category Archives: Data Protection & Privacy

Posted in Cybersecurity, Data Protection & Privacy

SEC Issues New Interpretive Guidance on Cybersecurity Disclosures

On February 21, the Securities and Exchange Commission (SEC) published interpretive guidance to assist public companies in preparing disclosures about cybersecurity risks and incidents. The Commission’s release follows shorter cybersecurity “disclosure guidance” issued in 2011 by the staff of the SEC’s Division of Corporation Finance. The new guidance was prompted by the agency’s concern over the increase in the risks … Continue Reading

Posted in Data Protection & Privacy Winston MaxwellPatrice Navarro

Hosts of health data: certified compliant!

The Decree No 2018-137 of 26 February 2018 on the hosting of personal health data has been published on 28 February 2018 in the Official Journal.  The Decree defines notably the arrangements for implementing the procedure for certifying hosts of health data.

Context

The Decree has been adopted pursuant to Order No 2017-27 of 12 January 2017 on the hosting … Continue Reading

Posted in Data Protection & Privacy Eduardo Ustaran

Is Artificial Intelligence the Ultimate Test for Privacy?

Nothing challenges the effectiveness of data protection law like technological innovation. You think you have cracked a technology neutral framework and then along comes the next evolutionary step in the chain to rock the boat. It happened with the cloud. It happened with social media, with mobile, with online behavioural targeting and with the Internet of Things. And from the … Continue Reading

Posted in Data Protection & Privacy Natalia GulyaevaMaria SedykhKatherine Gasztonyi

Russia: Main Takeaways from Roskomnadzor’s Open Doors Day

Recently, the Russian Data Privacy Authority (Roskomnadzor) organized an Open Doors Day in honor of the International Data Privacy Day. During the occasion, Roskomnadzor officers presented on the authority’s 2017 enforcement activities. They followed this presentation with an open question and answer period, during which they responded to numerous questions raised by attendees. We summarize the key takeaways below.

2017 Continue Reading

Posted in Data Protection & Privacy Winston Maxwell

European Commission and Article 29 Working Party Urge Respect for International Law in Data Cases

Territoriality will continue to be one of the most vexing problems for data regulation in 2018.  One aspect of this debate relates to whether a U.S. judge can compel the disclosure of personal data located in Europe without using international treaty mechanisms.  This issue is currently being considered by the United States Supreme Court in the case United States v. Continue Reading

Posted in Data Protection & Privacy, Internet, Policy & Regulation Christine GateauChristelle CoslinPauline Faron

First views from the CJEU on how to build a consumer collective action in the Schrems v Facebook Ireland case: The concept of “consumer” and lack of jurisdiction of the consumer’s home court over assigned claims

The famous case brought by Maximilian Schrems against Facebook Ireland in Austria, aimed to become an international and large data protection class action, led on 25 January 2018 to a ruling from the CJEU on two main points:
  • A consumer’s right to have a claim heard in his or her home court under European law does not extend so as
Continue Reading
Posted in Data Protection & Privacy

Aetna $17.2 Million Breach Settlement Brings Lessons for Handling Health Data

Aetna will pay almost $17.2 million to settle a federal class action lawsuit stemming from a 2017 mailing that disclosed the HIV status of health plan members. Aetna also agreed last week to pay a $1.15 million fine to the state of New York after the Attorney General Eric Schneiderman’s (NY AG) investigation into Aetna’s alleged violations of federal and … Continue Reading

Posted in Data Protection & Privacy, Technology Timothy TobinW. James Denvil

Navigating the Road Ahead: Auto Industry Stakeholders and Regulators Convene to Discuss Connected Vehicle Privacy

In the same week that the automotive industry gathers in Washington, D.C. for the 2018 Washington Auto Show, a cross-section of automotive stakeholders, government officials, and consumer and privacy advocates came together at Hogan Lovells’ Washington office to discuss privacy issues facing connected vehicles. The half-day conference, co-hosted by Hogan Lovells and the Future of Privacy Forum, convened on January … Continue Reading

Posted in Data Protection & Privacy Winston Maxwell

DSM Watch: Stakes high for IoT industry in European ePrivacy debate

Following the European Commission and European Parliament’s proposed versions of the EU Regulation on Privacy and Electronic Communications (the ePR), we are now waiting for the Council of the European Union to agree their position before discussions between the three bodies can begin. A discussion paper from the Bulgarian Presidency of the Council dated 11 January 2018 (the PaperContinue Reading

Posted in Data Protection & Privacy

Why Companies in Mexico Should Reassess Their Compliance with Data Privacy Protocols—and Their Risk of a Data Breach

According to the Constitution of Mexico, the protection of personal data is a fundamental right of all Mexican citizens. Under federal law, individuals also have a right to access, change, oppose, or suppress their personal data. Although all private companies process data, some are not sufficiently familiar with Mexico’s data privacy principles and regulations, and many may not have an … Continue Reading

Posted in Cybersecurity, Data Protection & Privacy, Digital Single Market (EU), Drones, Internet, Policy & Regulation, Technology, Telecoms & Broadband Peter WattsWinston MaxwellMichele Farquhar

TMT Horizons 2018

2018 will be another dramatic year for TMT. Our job is to help TMT businesses to chart a course through by bringing together the insights of over 800 lawyers who focus on the sector across six continents. That is why we have asked some of our top thinkers globally to provide a snapshot of their vision for the coming year. … Continue Reading

Posted in Cybersecurity, Data Protection & Privacy Sarah Turner

10 steps to better cybersecurity -‘Intellectual Values seminar series #1’ video

Last month we hosted our annual ‘Intellectual Values’ seminar in London which this year focused on the ‘connected world’. Sarah Turner, an IP partner in our Tech Hub, gave a talk on the steps companies can take to improve their cybersecurity. The potential damage resulting from a cybersecurity attack is ever increasing as the world becomes more and more … Continue Reading

Posted in Data Protection & Privacy Natalia GulyaevaMaria SedykhBret Cohen

Russia Partially Releases 2018 Data Privacy Inspection Plans

Two weeks ago, certain territorial divisions of the Russian Data Protection Authority, Roskomnadzor, published their 2018 plans for conducting inspections of local companies’ compliance with Russian data privacy requirements, including with Russia’s data localization requirement. The inspection plans contain a number of prominent multi-national and Russian companies.

Within such inspections, Roskomnadzor assesses the compliance of the entity with Russian … Continue Reading

Posted in Data Protection & Privacy Bret Cohen

U.S. Supreme Court Takes Microsoft Corp. v. United States in Law Enforcement Access Row

Last Monday, the Supreme Court granted certiorari in the Microsoft search warrant case, a case in which Microsoft challenged the U.S. government’s right to use the warrant process to obtain certain emails stored overseas.  Some view the upcoming decision as signaling the level of access the U.S. government will have to the growing troves of data U.S.-based technology companies … Continue Reading

Posted in Data Protection & Privacy, Policy & Regulation, Technology Winston Maxwell

Should we regulate artificial intelligence?

Hogan Lovells partner Winston Maxwell spoke on October 12, 2017 at a conference on artificial intelligence organized by the French think tank “Le Club des Juristes”. What follows is an English version of his prepared remarks.

Artificial intelligence (“AI”) permits valuable new applications for society. Autonomous vehicles will increase safety and reduce pollution. Voice recognition could make computer keyboards obsolete. … Continue Reading

Posted in Cybersecurity, Data Protection & Privacy

Managing Workforce Cyber Risk in a Global Landscape: A Legal Review

Whether malicious or inadvertent, workforce actions cause or contribute to over half of cyber attacks experienced by organizations. Protecting against such “insider” cyber risks can be challenging, especially given the global web of privacy, communications secrecy, and employment laws that may be implicated by monitoring workforce use of IT resources.

Harriet Pearson and James Denvil, lawyers in the Hogan Lovells … Continue Reading

Posted in Data Protection & Privacy, Technology Falk SchoeningChristian Ritz

Big Data and digital markets remain in the focus of competition authorities – German FCO continues to lead the way

On 6 October, the German Federal Cartel Office (“FCO”) launched its new series of papers on “Competition and Consumer Protection in the Digital Economy”. The first paper deals with “Big Data and Competition”. The same day, a “real-life example” of competition enforcement in Big Data became public. The EU Commission confirmed unannounced inspections in “a few Member States” concerning Continue Reading

Posted in Cybersecurity, Data Protection & Privacy

Former FTC Chairwoman Edith Ramirez Joins Hogan Lovells Privacy and Cybersecurity Practice

Hogan Lovells has announced that Edith Ramirez, the former Chairwoman of the US Federal Trade Commission (FTC), has joined the firm as a partner and will play an active role in Hogan Lovells’ Privacy and Cybersecurity practice. She will also co-head the firm’s Antitrust, Competition and Economic Regulation (ACER) practice.

Ramirez will co-lead the global antitrust practice alongside Suyong … Continue Reading

Posted in Data Protection & Privacy Dr. Wolf-Tassilo Böhm

New Case Law on Restrictions for Employee Monitoring in the Workplace in Germany

According to the German Federal Labor Court, Germany’s highest court for employment disputes, German employers are not allowed to monitor employees in the workplace without a concrete suspicion of a criminal violation or, in some cases, a serious breach of duty (judgment dated July 27, 2017, case ref. 2 AZR 681/16). This means that employer monitoring of an employee’s computer … Continue Reading

Posted in Data Protection & Privacy Natalia GulyaevaMaria SedykhBret Cohen

Russian Data Protection Authority Publishes Privacy Policy Guidance

On 31 July, the Russian data protection authority, Roskomnadzor, issued guidance for data operators on the drafting of privacy policies to comply with Russian data protection law. Russia’s 2006 privacy law – Federal Law No. 152-FZ of 27 July 2006 “On Personal Data” (Personal Data Law) – requires, among other things, that Russian data operators must adopt a privacy policy … Continue Reading

Posted in Data Protection & Privacy

South Korea Joins APEC Cross-Border Privacy Rules System

On Monday, June 12, South Korea became the latest country approved to officially join the Asia-Pacific Economic Cooperation’s (APEC) Cross-Border Privacy Rules (CBPR) system.  It is the fifth APEC economy to participate in the system, joining the United States, Canada, Japan, and Mexico.  To date, twenty companies—including Apple, Cisco, HP, IBM, Rackspace, and Workday—have been certified under CBPR.

As businesses … Continue Reading