California continues to be a first mover in privacy in the United States, enacting the US’s toughest and most comprehensive privacy legislation on Thursday, June 28, 2018. Unlike existing state and federal privacy legislation that has generally focused on specific sectors or privacy issues, the California Consumer Privacy Act of 2018 (AB 375), applies broadly to businesses that collect personal information about California consumers and aims to create significant new consumer privacy rights. In doing so, it creates significant new obligations for businesses.
The new law was a fast-tracked effort to stave off an aggressive California privacy ballot initiative (Ballot Initiative No. 17-0039). The Ballot Initiative’s primary sponsor Alistair Mactaggart agreed last week to withdraw his measure if lawmakers passed a comparable privacy bill before California’s June 28 deadline for finalizing propositions for California’s November General Election ballot. California lawmakers (lead by Assembly Member Ed Chau and Senators Bob Hertzberg and Bill Dodd) quickly introduced and cobbled together a bill in a matter of days, so that the bill’s language could be publicly available for the requisite 72 hours before it could be acted on by the Legislature. Within hours of this mandatory review period ending on June 28, both houses of the Legislature unanimously passed the Act and Governor Jerry Brown signed it into law. Later in the day, the California Secretary of State confirmed in a press release that the proponents had withdrawn the Ballot Initiative as agreed before it was certified for inclusion on the November ballot.
Amid the ongoing discussion surrounding “net neutrality,” the FTC’s role in overseeing broadband Internet access service (BIAS) has received increasing scrutiny following the recent passage of the FCC’s Restoring Internet Freedom Order (“RIF Order”). Several recent developments indicate that, although the Federal Communications Commission (FCC) will continue to have a shared role in monitoring broadband markets, the Federal Trade Commissions (FTC) will take the lead in investigating and bringing enforcement actions against Internet Service Providers (ISPs) for practices that raise anticompetitive concerns. Therefore, commercial stakeholders should pay careful attention to the potential for antitrust enforcement in broadband markets moving forward.
Our Washington D.C. communications team take a look at the US FTC’s role in monitoring broadband markets going forward and bringing actions against ISP’s for anti-competitive behaviour. To read the full article click here.
The buzz regarding the potential for artificial intelligence (“AI”) to revolutionise our lives is inescapable. Development of AI technology is a huge growth area, and investors are banking on an “AI boom” in everything from cybersecurity and healthcare. The capabilities and achievements of AI in some areas are certainly astonishing – self-driving cars are no longer theoretical but a reality, and AlphaGo is now arguably the strongest Go player in history. But the picture isn’t all rosy, which the Economist has recently described as a ‘Techlash’ against the digital giants. As with any technology, there are negative as well as positive effects of AI. Applications of AI in social media can help us find long-lost friends, but those same channels can be manipulated to disseminate fake news and influence our decisions. Are these and other similar worries matters of public concern that warrant a societal response? AI applications, whether it’s a smart city, logistics management or build to order (BTO) and just-in-time manufacturing can be optimised to increase efficiency but who should take responsibility when automated processes cause harm?
Richard Diffenthal and Helen McGowan of our London Tech Hub team talk to Karen Yeung, one of our Academics Advisory Panel members, about the case for regulating AI. To read the full article click here.
With the coming into effect of the GDPR on 25 May 2018, the modernisation of European privacy laws has reached a critical milestone. Businesses operating in Europe or targeting European customers now need to comply with the new regime. At stake are not only the consequences of non-compliance, but also the ability to take advantage of new technologies, data analytics and the immense value of personal information. From determining when European law applies to devising a workable cooperation strategy with national regulators, there are many intricate novelties to understand and address.
We have updated our guide “Future-proofing privacy,” which aims to be a useful starting point for organisations seeking to understand the GDPR and comply with it. Twenty-four authors from 10 European Hogan Lovells offices have contributed their knowledge, efforts, and advice to compile a unique resource of practical guidance. We have identified the key issues and explained why they matter. Crucially, we have approached the new framework with a practical mindset, providing concrete suggestions for actions to take now.
For Hogan Lovells’ Future-Proofing Privacy: A guide to complying with the EU Data Protection Regulation, click here.
“Getting to Data Nirvana” is our four-step approach to help you integrate your legal, regulatory and compliance work streams into your organisation’s overall data strategy.
The job of the legal and compliance teams is to make sure that their company’s data projects do not breach applicable laws.
Their task is not easy because the number of laws regulating the processing of data – particularly personal data – are increasing multiplying worldwide.
However, a focus solely on data compliance can prevent broader thinking about data strategy, and how legal and regulatory teams can contribute to value creation.
Hogan Lovells’ “Getting to data nirvana” guide helps open the door to broader thinking about data strategy, by showing how regulatory, contract, IP, competition and litigation strategy can be proactively engineered to create data value.
After a long and intense debate – including several postponements – the Committee of Legal Affairs of the European Parliament (JURI) finally agreed on its position on the draft DSM copyright directive. Of course, the plenary is still required to hand down its final vote on JURI’s report. And the trilogue amongst the three legislative institutions is also to follow. However, we are very close to the long awaited position of the Parliament which is the necessary condition for the trilogue to start.
It is fair to say that the debate within and outside JURI has been controversial up until the last minute. Votes have been tight in regard to many provisions. Some parliamentarians have already indicated that they will continue to oppose the now agreed report in the plenary.
What is remarkable is the fact that we see some last-minute provisions that were not featured in previous drafts. For instance, a new Chapter 3a requires the Member States to grant to sport event organizers a sui generis right to the sport events they organize. Obviously, JURI’s report and the Parliament’s anticipated overall position will continue to give rise to plenty of debate.
The story so far
The legislative process we specifically look at here took off in 2016 (COM(2016) 593) as part of the Commission’s Digital Single Market Strategy. The initial proposal included a whole set of individual measures including new exceptions for text and data mining, new negotiation mechanisms and royalty adjustment opportunities, most of which could be agreed upon in the course of the earlier legislation process. However, three measures have been the particular subject of intense scrutiny and comment: Article 3a (text and data mining), Article 11 (a neighboring right for press publishers) and Article 13 (obligations for online content sharing service providers).
The respective issues were not only debated in professional journals and copyright blogs but in general newspapers all over the European Union. Just recently, on 13 June 2018, the Special Rapporteur of the United Nations for the protection of freedom and expression, David Kaye, has weighed in with a comprehensive letter addressed to the Commission outlining his concerns about the compatibility of the upcoming copyright rules with international treaties and requesting a response within 60 days.
In one of the most significant antitrust cases in recent years, AT&T won the right to merge with Time Warner when Judge Richard Leon ruled in their favor yesterday.
AT&T and Time Warner announced their merger in October 2016. The merging parties touted the synergies that they could achieve by combining AT&T’s distributional power with Time Warner’s unique content.
After an extensive review of the merger, the U.S. Department of Justice (DOJ) filed a complaint to block the deal in the District Court of the District of Columbia on 20 November 2017. The trial began on 19 March 2018 and continued for the next six weeks.
In opposing the transaction, the DOJ primarily relied on the theory that AT&T would use Time Warner’s “must have” content as leverage to extract higher affiliate fees from rival distributors, thereby harming competition in the content distribution market. This is somewhat different from the traditional “foreclosure” analysis in vertical deals, which focuses on the extent to which the acquirers’ competitors cannot compete effectively without access to the target’s product. The DOJ also argued that AT&T would act to deter new, virtual distributors by restricting their access to popular Time Warner content. Finally, the DOJ contended that the merged entity could restrict the use of HBO as a promotional tool by other distributors. This “vertical” theory of harm is not new, but the U.S. antitrust enforcement agencies had not challenged a merger on this theory in 40 years before this complaint was filed.
In rejecting the government’s theories of harm, Judge Leon found that the government ultimately “failed to meet its burden to establish that the proposed transaction is likely to lessen competition substantially.” Below are some key takeaways from the opinion.
This edition features a total of 14 articles which capture various significant TMT developments in Greater China. These developments cover an extraordinary breadth of topics and demonstrate a strong increase in the nuance and complexity of TMT law and practice in the region.
Cybersecurity in China remains a hot topic. The Cyber Security Law is already in place but the question is how this law is going to be interpreted and implemented. In this edition, we will look at various draft/trial measures which provide further insight on key topics such as critical information infrastructure and security review of network products. We will also look at closely related topics concerning data localisation and cryptography.
There is no doubt that China offers huge potential for technology businesses. The Huawei v. Samsung case is an excellent example of how China has become a new arena for global patent and FRAND disputes. The market is also opening up for areas such as cloud service providers and, more generally, the sharing economy. An important part to these developments is IP and e-commerce, and we will look at how China is establishing new laws and regulations (and courts) to brace itself for these challenges.
Turning to Hong Kong, the Securities and Futures Commission remains very much on the forefront in leading market discussions on cybersecurity standards and online advisory platforms in Hong Kong. We will take you through the details of those discussions, as well as the Hong Kong government’s recent proposal to launch a statutory “do-not-call” register to put a tighter control on person-to-person telemarketing calls (cold calls or otherwise). We are pleased to present you this edition, which we hope will help you navigate through all these new developments.
Click here to view the brief in full.
In the most recent program part of the Internet of Things Webinar (IoT) Series, speakers Lisa Ellman, Gretchen West, and Matt Clark held a close lens to the exciting topic of unmanned aircraft systems (UAS) or so-call “drones.”
As one of the most evolving subjects in the IoT space, audience members were given an insightful and comprehensive look at the significant legal and regulatory issues surrounding the use of commercial drones.
The speakers leveraged their diverse industry knowledge and experience to touch on key points, including:
- The opportunities and benefits of commercial drones
- How businesses can successfully navigate rapidly evolving UAS legal and policy frameworks
- Drone security issues and what to expect from the federal government
- What’s next of the UAS legislative, regulatory, and policy fronts
To hear more on this topic, please access the full webinar recording using this link
The Supreme Court handed down its much anticipated judgment in Cartier International AG v British Telecommunications Plc today. The Judges held unanimously that rights-holders should bear the costs of implementing website-blocking injunctions. In doing so, the Supreme Court reversed the Court of Appeal majority judgment. Although the case concerned blocking sites selling counterfeits, the judgment is not limited to online trade mark infringement. It will also apply in cases where ISPs (who are not caching or hosting) are required to block access to infringing copyright content.
The background to the case is that in 2014 Arnold J ordered the five major UK ISPs to block a number of websites that were advertising and selling counterfeit goods. He also held that the ISPs should bear the costs of the implementation of the blocking order. According to Arnold J, with one possible exception, it was the first occasion on which an application for a website-blocking order had been made in Europe in order to combat trade mark infringement. See our earlier blog on the first instance decision here. The ISPs appealed, both in relation to the blocking order and in relation to the costs. The Court of Appeal dismissed the appeals. The ISPs then appealed to the Supreme Court on the point of whether they should be required to bear the costs of implementing the blocking order.
Today, the Supreme Court unanimously reversed the Court of Appeal’s judgment, to make rights-holders responsible for paying the costs of complying with blocking injunctions incurred by ISPs who act as mere conduits, and who are therefore legally innocent.