On 26 March 2019 the EU Parliament voted to pass the draft Copyright Directive (“Directive”) into EU law. After adoption by the EU Council (representatives of Member State governments) and official publication, the EP’s adopted text will become EU law. Member States will then have until mid-2021 to implement it into their national laws. DSM Watch has already overviewed the … Continue Reading
New proposals to protect consumer privacy in the U.S. seem to be appearing every day. There are now more than 90 privacy proposals that federal, state, and local regulators and policymakers are considering as privacy continues to dominate the news cycle. Hogan Lovells partners Mark Brennan and Nicola Fulford led a panel of industry stakeholders at the INCOMPAS Policy Summit … Continue Reading
The Consumer industry is evolving at lightning speed, and the way consumer companies operate is shifting. From issues in supply chain to the digitalization of the consumer experience, companies are rapidly changing to keep up with consumer demands. Last year businesses in the consumer industry saw a wave of unprecedented disruption and transformation, and 2019 promises challenges of similar or … Continue Reading
Yesterday (26 March 2019) the EU Parliament voted to pass the draft Copyright Directive into EU law. After adoption by the EU Council (representatives of Member State governments) and official publication, the EP’s adopted text will become EU law. Member States will then have until mid-2021 to implement it into their national laws. DSM Watch has already overviewed the whole … Continue Reading
On 12 March 2019 at its Eighth Plenary Session, the European Data Protection Board (“EDPB”) adopted its Opinion 5/2019 on the interplay between the ePrivacy Directive (“ePD”) and the General Data Protection Regulation (“GDPR”). The Belgian Data Protection Authority had, on 3 December 2018, requested that the EDPB examine the overlap between the two laws and in particular the … Continue Reading
Members of Congress recently introduced a bipartisan proposal to enhance cybersecurity for the network of Internet-connected devices, commonly known as the Internet of things (IoT).
Senators Mark Warner (D-VA) and Cory Gardner (R-CO) and Representatives Robin Kelly (D-IL) and Will Hurd (R-TX) introduced the IoT Cybersecurity Improvement Act of 2019 and hope to establish baseline cybersecurity standards for IoT devices. … Continue Reading
The Mobile World Congress (MWC), whose latest edition took place in Barcelona from 25 to 28 February 2019, is the largest mobile communications event in the world where new devices, applications and the latest developments in wireless and mobile communications technologies are showcased. This has given rise to a substantial increase in recent years of the IP rights-related … Continue Reading
On 14 March 2019, the Dutch data protection authority (Autoriteit Persoonsgegevens, DPA) announced (in Dutch) its fining structure for violations of the European General Data Protection Regulation (GDPR) and the Dutch law implementing the GDPR (Implementation Act).
The GDPR sets two levels of administrative fines that may apply depending on which GDPR provisions have been infringed: The higher of €10 … Continue Reading
A Hogan Lovells study comparing of regulatory requirements in the European Union, United States, and China shows the complexity and uncertainty of the regulatory framework relevant to Internet of Things (IoT) in Europe. The number of telecoms regulatory constraints affecting IoT in the EU is almost twice as high as in the United States and China. Federal Communications Commission (FCC) … Continue Reading
On 7 March 2019, the Dutch Data Protection Authority published guidance (in Dutch) that it considers “cookie walls” to violate the GDPR. A cookie wall is a pop-up on a website that blocks a user from access to the website until he or she consents to the placing of tracking cookies or similar technologies.
Under current Dutch cookie law, functional … Continue Reading
The European Telecommunications Standards Institute (ETSI) has published a new standard for cybersecurity in relation to consumer IoT products. The standard builds on the UK’s Code of Practice for Consumer IoT Security, published in October last year. The Code of Practice was developed by the UK Government following publication of a draft code as part of the Secure by … Continue Reading
Last month, the smallsat community gathered in Silicon Valley for the 2019 Smallsat Symposium. The conference featured leading innovators, experts, and entrepreneurs in the industry who discussed their achievements and the expanding opportunities for funding, launch, and partnerships. Mike Safyan, VP Launch for Planet Labs, gave an inspiring keynote address describing Planet’s victories and challenges in its first … Continue Reading
Agreement on a compromise text for the new Copyright Directive was reached between Member State government representatives, EU Parliament representatives and the EU Commission last week (see our “Breakthrough” post). On 20 February 2019, EU Governments formally voted, by a majority, to approve that compromise text: Italy, Poland, Luxembourg, the Netherlands and Finland opposed it; Belgium and Slovenia abstained. … Continue Reading
Many companies have been struggling with GDPR implementation over the past two years, putting much effort into new roles, privacy concepts, and workflows. Now that the dust of the immediate GDPR compliance rush is settling, the first details of fines imposed under the GDPR and the number of cases pending with Data Protection Authorities (DPAs) in Europe are being made … Continue Reading
Article 83 of the GDPR provides for two levels of administrative fines: a lower level – maximum of €10 million or 2% of the global turnover – for violations relating to record-keeping, data security, data protection impact assessments, data protection by design and default, and data processing agreements; and a higher level – maximum of €20 million or 4% of … Continue Reading
The Enforcement Bureau (“Bureau”) proposed a $20,000 penalty against Viaero Wireless (“Viaero”) for allegedly transmitting in the 3650-3700 MHz band without authorization.… Continue Reading
Hogan Lovells partner Winston Maxwell spoke at the executive roundtable on artificial intelligence and online hate speech, organised on January 31, 2019 by CERRE, the Centre on Regulation in Europe. The goal of the roundtable was to discuss what measures should be adopted to fight hate speech online and to look at the pros and cons of using machine-learning in … Continue Reading
The California Department of Justice has announced a March 8, 2019 deadline for submitting written pre-rulemaking comments on the California Consumer Privacy Act (CCPA). The March 8 deadline is an extension from the previously set end-of-February deadline.
Pursuant to section 1798.185(a) of the CCPA, the California Attorney General (AG) is obligated to solicit broad public participation and adopt regulations to … Continue Reading
Since publishing the original version of our guide to blockchain and data protection in September 2017, there has been considerable further commentary from academics, politicians and practitioners, some of which suggested that there is inherent incompatibility of blockchain systems with EU data protection law.
Hogan Lovells has published Demystifying the U.S. CLOUD Act, a detailed analysis of the impact of the Clarifying Lawful Overseas Use of Data Act (CLOUD Act) on non-U.S. businesses and individuals who use cloud storage solutions.
Demystifying the U.S. CLOUD Act was written by Hogan Lovells partners Winston Maxwell and Mark Brennan, and senior associate Arpan Sura.
The report … Continue Reading
Increasing numbers of initiatives, devices, and solutions related to the Internet of Things (IoT) are substantially impacting the development of cybersecurity and data privacy regulations throughout Asia. After the implementation of the General Data Protection Regulation (GDPR) in Europe, for example, Asian lawmakers are considering strengthening their own data protection laws. The region is also characterized by a push in … Continue Reading
HMRC announced today the introduction of their new Profits Diversion Compliance Facility (PDCF). This is a way for multinationals to take the initiative and explain their legal and operational structures before HMRC launch their next wave of full-scale “transfer pricing” investigations into corporates. The … Continue Reading
The federal government shutdown that began at midnight December 29, 2018 shows no sign of ending soon. The Federal Communications Commission tapped on-hand funds to continue operations uninterrupted but ran out of time – and money – last week.
The Brazilian General Data Protection Law (“Lei Geral de Proteção de Dados” or “LGPD”), passed by Congress on 14 August 2018, will come into effect on 15 February 2020. The new data protection law significantly improves Brazil’s existing legal framework by regulating the use of personal data by the public and private sectors. Very similar to the General Data Protection … Continue Reading