The IoT sector has exploded over the past few years, and, even taking into account the globally inhibitive effects of COVID-19, this growth shows few long-term signs of abating. The buoyant, fast-paced IoT industry was the subject of a webinar, involving a panel of four partners from Hogan Lovells: Valerie Kenyon, Christelle Coslin, Matthias Schweiger, and Salomé Cisnal de Ugarte. Each gave their take on the state of play of IoT across the EU and explored the liability issues that potentially are coming down the line for IoT products. In this
In recent years, the Asia-Pacific (APAC) region has been a core hub of merger and acquisition (M&A) activity, emerging relatively unscathed from the COVID-19 pandemic which has otherwise taken a toll on investment activity in 2020. Despite global economic headwinds and growing geopolitical uncertainties, signs of recovery in APAC deal-making have begun to merge as ambitious investors in the region look for both shelter and new opportunities in a time of unprecedented challenges. As we move at a breakneck pace into the digital era, data becomes more of a critical
Our fourth annual Global Intellectual Property Outlook reflects on some of the biggest developments from 2019, and provides valuable insights on upcoming changes in 2020. From key decisions and the latest case law, to how emerging technology, policy and trade will impact your IP portfolio and strategy. The start to 2020 has been an unprecedented time for us all. As citizens, businesses, governments and regulators adjust to the new challenges presented by the global spread of COVID-19, and social distancing and remote working become the new norm, there is no
UK Government set to move forwards with regulation on consumer IoT device security The UK Government has just announced that it intends to draw up legislation aimed at ensuring that all consumer smart devices sold in the UK adhere to rigorous security requirements for the Internet of Things (“IoT“). Over the last couple of years, the Government has been considering the need to develop a robust regulatory framework governing the cybersecurity of consumer IoT devices, to ensure that these devices are sufficiently secure from cyber-threats. What will the new legislation
Recent developments reinforce the urgent need for general counsel and legal departments to deepen their focus on cybersecurity. In today’s environment, any organization can be the target of a cyberattack, regardless of industry, size, or geographic footprint. Indeed, in just the past few years, a variety of cyber adversaries have attacked financial institutions, social media sites, a movie studio, hospital systems, a peer-to-peer ridesharing company, the Democratic National Committee, hotel chains, city governments, educational institutions, telecommunications and energy utilities, prominent retailers, manufacturers, and even the mobile app of a well-known
Please join us for our October Events. October 15 Privacy + Security Forum Bret Cohen is a speaker on the panel “The Notice Trap: When and How to ‘Inform,’ Provide ‘Explicit Notice,’ and ‘Disclose’ Under the CCPA” at the Privacy + Security Academy’s Privacy + Security Forum. Location: Washington, D.C. October 15 Privacy + Security Forum Pete Marta is a speaker on the panel, “Best Practices for Preparing a Ransomware-Related Cyber Incident Response Plan,” at the Privacy + Security Academy’s Privacy + Security Forum. Location: Washington, D.C. October 15 Privacy + Security Forum Tim Tobin is a speaker on the
Please join us for our September events. September 11 Data and Privacy in the Autonomous Car Tim Tobin will speak on the webinar, “Data and Privacy in the Autonomous Car, What New Questions Might We Face?” presented by the Privacy + Security Forum. To register, please click here. Location: Webinar September 13 Medical Technology Executive Forum Paul Otto will speak on cybersecurity & patient safety at the Medical Device Manufacturers Association’s 12th Annual Medical Technology Executive Forum. Location: Palo Alto, California September 16 Association of Independent Research Institutes Annual Meeting Melissa
Tech, Data, Telecoms & Media, Mexico Introduction In 2014 the previous administration announced its commitment to creating a national cybersecurity strategy. This strategy formed part of the National Development Plan 2013-2018, which also provided for the national digital strategy – an initiative aimed at fostering digitisation in Mexico through: a digital government; open data; digital inclusion; enhanced digital skills; and IT-based health, educational and financial services.
The National Cyber Security Centre (NCSC), an organisation of the UK Government that provides cybersecurity advice and support for the public and private sector, published an article earlier this year relating to a recent large-scale global DNS hijacking campaign. The article discusses the risks and solutions for protecting organisations against such attacks, whereby the Domain Name System (DNS) records of websites are changed and visitors are subsequently redirected to malicious websites. In simple terms, the DNS is the service that helps internet users navigate to a domain name by correctly
On 17 July 2019 we hosted our most recent Innovation Lounge at our Washington, D.C. office. The Innovation Lounge is an associate networking event series which focuses not only on IP-issues, but on healthcare, regulatory issues, and privacy issues. Summer associates, in-house counsel, IP associates, and members of advocacy groups listened to a panel of C-level executives and directors from Appian, Genesys, Results Redefined, and Frontpoint address concerns over data privacy, the balance of innovation and regulation, the changing face of healthcare, and how in the not-so distant future, anyone could
Join us on Thursday 19 September for our Privacy and Cybersecurity KnowledgeShare in London. We’ll share our latest thinking on the key privacy and cybersecurity issues faced by those with data protection responsibilities within organisations. Our all-day event will cover a lot of ground through incisive quick-fire presentations, Q&A panels and hands-on workshops. Topics will include: Nailing the basics – Fast insights into key issues such as lawful grounds for processing, people’s rights and DPIAs. Enforcement – What the risk-based approach truly means. Privacy challenges of the digital economy – AI,
Please join us for our June events. June 4 Privacy Breakfast Paul Otto and Tim Tobin are presenting at the Hogan Lovells Munich office’s privacy breakfast, “EU General Data Protection Regulation,” on privacy topics such as the California Consumer Privacy Act (CCPA), cybersecurity and data breaches, and sector-specific issues found in the life sciences and health care, automotive, and financial sectors. Click here to register. Location: Munich, Germany June 25-26 National Association of College and University Attorneys Bret Cohen and Stephanie Gold are presenting at the annual conference of the National Association of College and University Attorneys on the panel, “Focus
Please join us for our April events. April 2 Trust in data, no longer a luxury? Nicola Fulford and James Denvil will speak at the workshop,” Trust in data, no longer a luxury – Privacy, security, and consumer trust for 21st century,” at the Luxury Law London Summit. They will discuss some of the challenges of succeeding in a data-driven market that is undergoing global regulatory upheavals. Location: London April 4 Global TEC Forum Mark Brennan will speak on the panel, “California Breaks New Privacy Ground (Again): The California Consumer Privacy
Congress recently introduced a bipartisan proposal to enhance cybersecurity for the network of Internet-connected devices, known as the Internet of things (IoT).
On 14 March 2019, the Dutch data protection authority (Autoriteit Persoonsgegevens, DPA) announced (in Dutch) its fining structure for violations of the European General Data Protection Regulation (GDPR) and the Dutch law implementing the GDPR (Implementation Act). The GDPR sets two levels of administrative fines that may apply depending on which GDPR provisions have been infringed: The higher of €10 million or 2% of global revenue and the higher of €20 million or 4% of global revenue. At both levels, the GDPR sets maximums for administrative fines and calls on
The European Telecommunications Standards Institute (ETSI) has published a new standard for cybersecurity in relation to consumer IoT products. The standard builds on the UK’s Code of Practice for Consumer IoT Security, published in October last year. The Code of Practice was developed by the UK Government following publication of a draft code as part of the Secure by Design report published by the Government in March 2018 and after consultation with industry, consumer associations, and academics. The UK Code is voluntary but the UK Government was keen to work
Many companies have been struggling with GDPR implementation over the past two years, putting much effort into new roles, privacy concepts, and workflows. Now that the dust of the immediate GDPR compliance rush is settling, the first details of fines imposed under the GDPR and the number of cases pending with Data Protection Authorities (DPAs) in Europe are being made public. In Germany, DPAs are investigating a broad range of non-compliance issues and showing a tendency toward increasing their enforcement activities, to the point that we expect an announcement of
2018 posed new opportunities and challenges for IP-rich businesses, with major new legislation introduced in Europe to govern trademark and trade secret protection; significant and transformational case law in the U.S., and the confirmation of new planned IP-specific legislation for several jurisdictions in Asia. We’re here to help you keep abreast of these changes and understand how they impact you. Our third annual Global IP Outlook reflects on some of the major developments in intellectual property law and emerging and growing industries. Regardless of your industry or specialism the Outlook
Increasing numbers of initiatives, devices, and solutions related to the Internet of Things (IoT) are substantially impacting the development of cybersecurity and data privacy regulations throughout Asia. After the implementation of the General Data Protection Regulation (GDPR) in Europe, for example, Asian lawmakers are considering strengthening their own data protection laws. The region is also characterized by a push in a number of jurisdictions towards data localization requirements driven more by “cyber sovereignty,” national security considerations, and protectionist impulses than data protection considerations. Restrictions on the collection and free use
Late last month, California Governor Jerry Brown signed the first US Internet of Things (IoT) cybersecurity legislation: Senate Bill 327 and Assembly Bill 1906. Starting on January 1, 2020, manufacturers of regulated connected devices are required to equip such devices with “reasonable security features” designed to protect a connected device and any information it holds from “unauthorized access, destruction, use, modification, or disclosure.” This legislation was prompted by what the bill’s sponsor viewed as a “lack of security features on internet connected devices undermin[ing] the privacy and security of California’s consumers.”
Please join us for our October 2018 Privacy and Cybersecurity Events. October 3 Data Privacy on Steroids Harriet Pearson will speak on a panel at the Minority Corporate Counsel Association Conference. It is entitled “Data Privacy on Steroids: Sweeping New Data Privacy/Security Regulation in the EU and California, and What it Means for American Business.” Location: New York City
This is the third installment in Hogan Lovells’ series on the California Consumer Privacy Act. What personal information do you have about California consumers and households? The California Consumer Privacy Act of 2018 (“CCPA”) provides a series of new compliance obligations and operational challenges for companies doing business in California. A vital first step for any company subject to the CCPA and looking to forge a practical path forward is to inventory the personal information (“PI”) that the company collects, stores, and shares with others. As part of our ongoing
Groundbreaking. Watershed. Unprecedented. We have heard the California Consumer Privacy Act of 2018 (CCPA) called all these things and more since its enactment on June 28, 2018. Our experience to date has confirmed the compliance challenge ahead for organizations that engage with the residents of the world’s fifth-largest economy. We will explore the ramifications for businesses of this seminal legislation in this multi-part series, The Challenge Ahead, authored by members of Hogan Lovells’ CCPA team. Each post will provide analysis of key legal issues implicated by the CCPA along with practical takeaways.