Archives: Regulatory

Subscribe to Regulatory RSS Feed

Protection of children’s online space: ICO issues code of practice on age-appropriate design

The UK Information Commissioner’s Office (ICO) issued a consultation on a draft code of practice for designing age-appropriate access for children accessing online products and services provided by information society services (ISS). The consultation closes on 31 May 2019. The draft code sets out principles for any online service accessed by children under the age … Continue Reading

Council of Europe issues recommendation on processing health-related data

The Council of Europe (CoE) recently issued its recommendation to member states on the protection of health-related data (Recommendation). The Recommendation guides member states to ensure that their law and practice reflect the principles of processing health-related data. The recommendations stem from Convention 108 which was the first international treaty in the field of data … Continue Reading

Germany finally implements the Trade Secrets Directive!

With Germany finally implementing the Trade Secrets Directive into their national law, know-how theft cases are becoming more frequent.  Whilst questions have been raised around adequate protection for whistle blowers and journalists, many see the new laws as a positive move towards better know-how protection in Germany. For more information, and to read Frankfurt IP … Continue Reading

New SEC guidance provides some clarity for digital asset issuers

On April 3, 2019, the U.S. Securities and Exchange Commission (SEC) took their first step towards providing greater clarity on the key question of how to evaluate whether transactions involving issuance or sales of digital tokens are sales of securities subject to U.S. securities laws and regulations. The guidance was released in two parts: First, … Continue Reading

Cooperation and consistency? Nine months in, the EDPB reflects on GDPR

The European Data Protection Board (EDPB) has published a report (Report) assessing the implementation and enforcement of the General Data Protection Regulation (EU) 2016/679 (GDPR). The Report focusses on how the cooperation and consistency mechanisms are being used by EU supervisory authorities (SAs). Cooperation mechanism Where cases involve cross-border processing, SAs cooperate through: Mutual assistance; … Continue Reading

ENISA tackles AI head on

The European Union Agency for Network and Information Security (ENISA) recently published its report on ‘Security and privacy considerations in autonomous agents’. Artificial intelligence (AI) and complex algorithms offer unlimited opportunities for innovation and interaction, but they also bring a number of challenges that should be addressed by future policy frameworks at the EU level – … Continue Reading

European Banking Authority issues revised Guidelines on Outsourcing arrangements

The European Banking Authority (EBA) issued its revised Guidelines on Outsourcing arrangements (Guidelines) at the end of Feb 2019. The revised guidelines are the first wholesale update since 2006 when the guidelines applied exclusively to credit institutions. They now apply to a broader range of in-scope financial institutions (FIs). To review the full article on … Continue Reading

Is the Dutch GDPR fining matrix setting the tone for the ICO’s future fining policy?

The Dutch Data Protection Authority (DPA) released its GDPR fining policy on 14 March 2019, becoming the first EU Member State supervisory authority to set out a structure for calculating administrative fines for failing to comply with the GDPR. Four categories of fines plus an aggravating category The legal maximum monetary fine that can be … Continue Reading

TCPA violations of debt collectors could make the loan owner liable

The Ninth U.S. Circuit Court of Appeals majority opinion, reversed the grant of summary by the District Court that a loan owner could be liable for its debt collectors’ tactics that violate the TCPA, effectively closing the window on creditors using a No Vicarious Liability defense for claims arising from its debt collectors. The dissent … Continue Reading

Singapore introduces new law to combat the spread of fake news

On 1 April 2019, the Protection from Online Falsehoods and Manipulation Bill was tabled in Singapore’s Parliament. The bill aims to stem the communication of false statements of fact, enable the detection and control of information manipulation, and promote the transparency of online political advertisements. Any person or organisation that spreads online falsehoods with malicious … Continue Reading

Involved in AI? The ICO wants to hear from you.

The Information Commissioner’s Office (ICO) is inviting organisations to help develop a framework for future auditing of artificial intelligence (AI). A team from the ICO’s Technology Policy and Innovation Directorate will develop the framework. The framework is intended to help regulators ensure AI applications are transparent, fair and appropriately risk assessed. As well as the … Continue Reading

In privacy we (anti)trust: Regulators worldwide consider competition law as tool for consumer protection

On February 26, 2019, the Federal Trade Commission’s (FTC) Bureau of Competition announced a new Technology Task Force, which will monitor anticompetitive conduct in U.S. technology markets “to ensure consumers benefit from free and fair competition.” With the consumer protection agency already a chief arbiter of privacy enforcement in the tech sector, the new task … Continue Reading

State Attorneys General and the data economy: lead, protect, enforce

With the passage of the California Consumer Privacy Act but no clear federal consumer privacy law on the imminent horizon, state Attorneys General (AGs) continue to investigate and analyze how best to protect their consumers. To further that goal, the National Association of Attorneys General hosted a panel entitled Emerging Issues in the Data Economy … Continue Reading

Regulating digital services – UK parliament weighs in

The Select Committee on Communications of the House of Lords (Committee) published a report discussing UK regulation of ‘digital services facilitated by the internet’. We summarise some of the key recommendations of the report, which was published on 9 March 2019: 1. A central regulatory body called the Digital Authority should be set up to … Continue Reading

FCA and ICO strengthen cooperation in renewed memorandum of understanding

On 18 February 2019, the Information Commissioner’s Office (ICO) and the Financial Conduct Authority (FCA) updated their Memorandum of Understanding (MoU) with an aim to reinforce and develop their cooperation, collaboration, and information and intelligence sharing. Cooperation and information sharing The ICO and FCA have set out what matters they will communicate with each other … Continue Reading

Court changes course in enforcement action against cryptocurrency company

The United States District Court for the Southern District of California recently changed course in an enforcement action brought by the U.S. Securities and Exchange Commission (SEC) against cryptocurrency company Blockvest, LLC and its founder. In doing so, the court granted the SEC’s request to preliminarily enjoin the defendants from violating the securities laws and … Continue Reading

German Interstate Treaty on Gambling under revision: Additional sports betting licenses may be available soon

Recently, a draft for the 3rd Amendment to the German Interstate Treaty on Gambling (Staatsvertrag zum Glücksspielwesen in Deutschland – “GlueStV”) has been published (“3rd Amendment”). The draft for the 3rd Amendment is available in German here. Proposed changes under the draft for the 3rd Amendment The key changes under the proposed 3rd Amendment are … Continue Reading

New guidelines for building management corporations in Singapore

On 11 March 2019, the Personal Data Protection Commission of Singapore (PDPC) issued a set of advisory guidelines for management corporations of strata title plans (MCSTs), which were developed in consultation with Singapore’s Building and Construction Authority. The guidelines provide guidance to MCSTs on complying with Singapore’s Personal Data Protection Act (PDPA), and some key … Continue Reading

Preemption, enforcement and consumer choice, oh my! The House and Senate explore a federal privacy law

On February 26 and 27, 2019, the House Subcommittee on Consumer Protection and Commerce, and the Senate Committee on Commerce, Science, and Transportation, respectively, held hearings to explore the potential passage of a national privacy law. In both houses, members of Congress and the panelists agreed that the federal government should enact legislation to protect … Continue Reading

EU agrees to new rules that ensure transparency and fairness for trading practices on online platforms

On February 14, 2019 the European Commission, European Parliament and Council of the European Union agreed to implement new rules designed to ensure a fair, transparent and predictable business environment to the benefit of both end consumers and entrepreneurs using third-party online platforms for their business. The Council and European Parliament will adopt these new … Continue Reading

Misappropriation of trade secrets in Germany – the recent Supreme Court decision

Germany is a leading jurisdiction for patent litigation, yet it is still not popular for those bringing trade secrets disputes. Frankfurt partner Dr Anette Gärtner has published a case comment, “German Federal Supreme Court: Hohlfasermembranspinnanlage II — Enforcement of Claims for Misuse of Trade Secrets”, looking at the recent Supreme Court decision regarding the misappropriation … Continue Reading

California Attorney General proposes expanded CCPA Private Right of Action following State Assembly Hearing on possible 2019 amendments to the landmark privacy law

BREAKING: California Attorney General Xavier Becerra (AG) announced a proposed series of amendments to the California Consumer Privacy Act (CCPA) that would: Expand consumers’ private right of action to include all alleged violations of their rights under the CCPA; Eliminate businesses’ 30-day opportunity to “cure” alleged violations prior to being subject to civil enforcement by … Continue Reading

Singapore considers introduction of data portability

On 25 February 2019, Minister for Communications and Information announced that Singapore is considering, as part of an ongoing review of the Personal Data Protection Act (PDPA), introducing a data portability requirement that would confer greater control and rights by data subjects over the movement of their personal data across service providers. In connection with … Continue Reading

Risks and considerations when storing crypto-assets

Following the sudden death of its co-founder and CEO, Gerald Cotten, in December 2018, Quadriga, Canada’s largest cryptocurrency exchange, is unable to gain access to about $145 million of bitcoin and other digital assets. Quadriga reports that Cotton stored the digital assets in a “cold wallet” on his encrypted laptop and repeated attempts by his … Continue Reading
LexBlog