On March 12, 2021, the French Council of State (Conseil d’Etat), the highest French administrative court, handed down a ruling (ordonnance des référés) allowing Doctolib, a company in charge of booking COVID-19 vaccination appointments, to rely on a U.S.-based health data host. In the present case, the servers of Doctolib – whose platform had been … Continue Reading
The German Federal Cabinet adopted the Telecommunications and Telemedia Data Protection Act (Telekommunikation-Telemedien-Datenschutzgesetz – TTDSG, available here) on February 10, 2021. The TTDSG, among other things, provides new rules on cookies and similar technologies (Cookies), introducing only two categories of Cookies: (1) strictly necessary Cookies and (2) consent-based Cookies. The legal basis of legitimate interests … Continue Reading
In this episode, Sarah Bruno and LiLing Poh discuss recent trends as organizations invest more in technology through the acquisition of new platforms or programs, or by working with a vendor to bring a product to market. Exploring a case study involving a global pharmaceutical company on the rollout of a health-related digital app, they … Continue Reading
The Virginia legislature, which adjourned its annual legislative session last week, passed the second state-level consumer data privacy law in the nation. The Virginia Consumer Data Protection Act (CDPA) was signed into law by Virginia Governor Ralph Northam on March 2, 2021, and will go into effect January 1, 2023. Virginia joins California as the … Continue Reading
The Winter 2021 Edition of the quarterly IT & Data Protection Newsletter by Reed Smith Germany has just been released: English version German version In this edition we cover the following topics: Strengthening fair competition – changes to the law against unfair competition Cologne Regional Court on the broad concept of the right to access … Continue Reading
Virginia’s governor, Ralph Northam, signed the Virginia Consumer Data Protection Act (CDPA) into law on March 2, 2021. The CDPA is set to take effect on January 1, 2023, and is the second most comprehensive consumer privacy law to be enacted in the United States behind the California Consumer Privacy Act (CCPA), recently amended by … Continue Reading
When the Maryland General Assembly overrode a gubernatorial veto on Friday, February 12, 2021, it became the first state in the U.S. to place a tax on digital advertising services. Much remains to be seen as both chambers of Maryland’s General Assembly consider amendments to the new law and challenges make their way through the … Continue Reading
In a recent Q&A with Tennessee Attorney General (AG) Herbert Slatery, the eight-year term AG discusses how he makes consumer protection, including privacy and cybersecurity issues, a top priority for Tennessee citizens and businesses. AG Slatery shares his thoughts on privacy on a multi-state state level, the prospect of standards of enforcement for technology companies, … Continue Reading
The Singapore government introduced a bill into parliament to amend the Electronic Transactions Act (ETA) (Cap. 88) (ETA) on January 4, 2021. The amendments set out in the Electronic Transactions (Amendment) Bill will be of relevance to the trade and commodities finance and fintech sectors as their primary object is to achieve recognition and equivalence … Continue Reading
In a recent Q&A with Colorado Attorney General (AG) Phil Weiser, the first term AG discusses how he makes data privacy and cybersecurity accessible and interesting to his Colorado constituents. AG Weiser also explains the role of Colorado’s interdisciplinary Data Privacy and Security Impact Team and how its implementation has benefitted the state. Lastly, AG … Continue Reading
The Fall 2020 Edition of the quarterly IT & Data Protection Newsletter by Reed Smith Germany has just been released: English version German version In this edition we cover the following topics: 1. Data transfers following Schrems II 2. German Supreme Court: Relationship between the GDPR and the German Act on the Protection of Copyrights … Continue Reading
The protection afforded by attorney-client privilege brings about a candid conversation between lawyers and clients. Privilege can attach to communications covering a variety of topics, from responding to a data subject access request (DSAR) to handling a security incident or managing complex and time consuming investigations on a multinational scale. Different privilege rules may apply … Continue Reading
The Interstate Treaty on Media (Medienstaatsvertrag – MStV) has finally been ratified by all 16 German federal states and can now enter into force. On 28 October 2020, the Parliament of Mecklenburg-Vorpommern – the last German federal state to ratify the MStV – adopted the Act ratifying the MStV. Ratification of the MStV by all … Continue Reading
In a recent Q&A with Nevada Attorney General (AG) Aaron Ford, the first term AG discusses Nevada’s new data privacy law (Senate Bill 220), which provides consumers with a right to opt out of the sale of their data. AG Ford also outlines his perspective on federal privacy law and his office’s data breach enforcement … Continue Reading
On September 9, Senator Reuven Carlyle (D-WA) presented an updated draft of the Washington Privacy Act (WPA), suggesting that the WPA will be up for consideration in Washington State’s 2021 legislative session. The next legislative session is scheduled to convene on January 11, 2021, at which point the fate of the WPA will again be in the … Continue Reading
The Personal Data Protection (Amendment) Bill (Bill) was introduced and read for the first time in Parliament on October 5, 2020 The Bill proposes significant changes to Singapore’s Personal Data Protection Act 2012 (PDPA). The amendments seek to keep Singapore’s data protection laws up to date with evolving technology developments, as well as global regulatory … Continue Reading
The German data protection authority of the federal state of Baden-Württemberg (LfDI BW) has issued detailed guidance (Guidance) on international data transfers this August and September. This is the first official guidance by a data protection authority following the decision of the Court of Justice of the European Union (CJEU) in the Schrems II case … Continue Reading
Smart contracts and digital assets are becoming increasingly common in a variety of industries. Nevertheless, is the law ready for them? Following the publication of the Legal statement on the status of cryptoassets and smart contracts by the LawTech Delivery Panel, the Law Commission has launched two projects to analyse how English law can be reformed … Continue Reading
On September 9, a federal judge in California dismissed claims brought by hiQ Labs, Inc. (hiQ) against LinkedIn Corp. (LinkedIn) that alleged that LinkedIn’s attempts to prevent hiQ from accessing public information on its website violated various antitrust laws. In an opinion that will continue to fuel debate over the relationship between antitrust and privacy, … Continue Reading
In a recent Q&A with Illinois Attorney General Kwame Raoul, the first term AG discusses potential changes to data breach laws in Illinois and whether his state could implement a privacy statue similar to the California Consumer Privacy Act (CCPA), the effectiveness of federal data breach legislation, and reasonable steps that businesses could take to … Continue Reading
The Dubai International Financial Centre (DIFC) enacted the DIFC Data Protection Law No. 5 of 2020 (the DP Law) July 1, 2020. The DP Law has been designed primarily to bring DIFC’s data protection legal regime in line with international best practices in data privacy laws, in particular the General Data Protection Regulation (GDPR), which … Continue Reading
An Economic Operator Registration and Identification (EORI) number, which is used to identify each economic operator in relation to its dealings with EU Customs authorities, will become mandatory for the filing, modification and extension of applications for action, which allow Customs authorities to enforce the customs surveillance of intellectual property rights within the EU on … Continue Reading
FRAND issues are at the heart of the most significant patent cases in Europe (in the UK, Germany and France – please see our previous alert here). After the Nokia vs Daimler decision last week by the Mannheim Court, and decision handed down in Sisvel v. Haier earlier in May by the German Supreme Court, … Continue Reading
Michael R. Pompeo, the U.S. Secretary of State, announced the “Clean Network Program” which aims to ban the so-called “untrusted” carriers, applications, mobile application stores, cloud service providers, operators of undersea cables connecting the United States and the global internet on August 5, 2020. Companies that are involved in these businesses, or entities that transact … Continue Reading
