Archives: Regulatory

Subscribe to Regulatory RSS Feed

The UK FCA Publish Discussion Paper on Distributed Ledger Technology

The UK FCA Publish Discussion Paper on Distributed Ledger Technology Regulators globally are focused on understanding industry consumers’ views on distributed ledger technology’s (DLT) potential risks and opportunities. On 10 April 2017, the UK Financial Conduct Authority (FCA) published a discussion paper DP17/3 on DLT, and followed it with a speech at the Innovate Finance … Continue Reading

Launching New Multistate Assessment Tool for Data Breach Notification Obligations

Nearly every state in the United States requires notification when certain personal information is lost, stolen, or misused. However, the many state laws vary in subtle but crucial respects, making it difficult to get to a bottom line quickly. Reed Smith’s Information Technology, Privacy & Data Security practice is thrilled to release a first-of-its-kind tool … Continue Reading

Impact of online sales restrictions on EU and German competition enforcement

In the course of its E-commerce Sector Inquiry (Sector Inquiry) launched in May 2015, the European Commission gained an insight into the standard business practices engaged in by producers of consumer goods when distributing their products online. The Sector Inquiry, which formed part of the Commission’s wider Digital Single Market Strategy, was recently completed, with … Continue Reading

European Commission Fines Facebook US$122 Million for Providing Inaccurate Information in WhatsApp Merger Review

The European Commission has imposed a fine of EUR110 million (US$122 million) on Facebook for providing misleading or incorrect information to the European Commission when it filed the acquisition of WhatsApp for merger approval in 2014. In the notification, Facebook stated that it would be unable to establish a reliable automated matching between Facebook users’ … Continue Reading

Importance of State AGs in Privacy in the United States – Interview of CT AG George Jepsen by Professor Danielle Citron at IAPP Privacy Bar Section Forum

Notwithstanding potential changes to privacy regulation at the federal level, state attorneys general (AGs) will continue to be robust and influential privacy policymakers and enforcers in the United States – that was the key takeaway of an interview by University of Maryland Law Professor Danielle Citron of Connecticut Attorney General George Jepsen at the IAPP … Continue Reading

Data Privacy and Security Legal Reform, and Plaintiffs’ Bar White Paper the Focus of IAPP Panel

A panel on legal reform in the area of privacy and data security at this week’s IAPP Summit provided an opportunity for a discussion between businesses and regulators, as well as for the launch of a white paper on the activities of the plaintiffs’ bar in this area that Reed Smith prepared for the U.S. … Continue Reading

Germany’s approach against criminal content on social networks faces resistance by stakeholders

On 5 April 2017, the German Federal Minister of Justice’s new bill aimed at improving enforcement of rights in social networks (Entwurf eines Gesetzes zur Verbesserung der Rechtsdurchsetzung in sozialen Netzwerken; Netzwerkdurchsetzungsgesetz – NetzDG, the Bill; see our previous blog) has, in a slightly revised version, been adopted by the Federal Cabinet (Bundeskabinett) and is now … Continue Reading

State Attorneys General Gather to Discuss Privacy Enforcement

A panel at a meeting of the National Association of Attorneys General highlighted data breaches and privacy in the context of new technology, signalling that state regulators are focused on consumer protection in this area. The panel at the Southern Regional Meeting in Charlottesville on April 4 was devoted to emerging technologies, privacy concerns, and … Continue Reading

Recent Open Meeting Foreshadows FCC Commissioners’ Views if ACA Decision Is Remanded

As the cherry blossoms prepare to bloom in Washington, D.C., our thoughts turn toward wondering when the D.C. Circuit will hand down its ruling in ACA International, et al v. FCC (Case No. 15-1211). This case, you will recall, is the consolidation of a number of appeals challenging the July 10, 2015, Order in which … Continue Reading

German Federal Minister of Justice introduces new bill against criminal content on social networks

On 14 March 2017, the German Federal Minister of Justice, Heiko Maas, announced a new bill aimed at improving the application of the law to social networks (Entwurf eines Gesetzes zur Verbesserung der Rechtsdurchsetzung in sozialen Netzwerken; Netzwerkdurchsetzungsgesetz – NetzDG, the Bill). The Bill strengthens the rights of individuals who are affected by ‘hate speech’ … Continue Reading

FTC’s FinTech Forum continues focus on emerging technologies including AI and Blockchain Technologies

The Federal Trade Commission continues its efforts to be the leading federal regulator in the areas of privacy and data security.  Its latest FinTech Forum highlights emerging issues relating to blockchain, machine learning, and related tools that increasingly influence how sensitive information about consumers is collected, used, shared and secured.  These programs help inform the … Continue Reading

Vizio Settlement with FTC May Signal Future Direction of Agency Enforcement

The Federal Trade Commission’s recent settlement with VIZIO, Inc., may have created a new definition of “sensitive information” that includes viewing data, but the opinion of Acting Chairperson Maureen Ohlhausen may provide further insight on how the agency will act under the new administration. On February 6, the FTC settled charges with VIZIO, one of the … Continue Reading

OMB Federal Agency Data Breach Guidelines – Considerations for Industry

Earlier in February, the Executive Office of Management and Budget (“OMB”) issued Memorandum M-17-12 to federal agencies to set out guidelines and procedures for preparing for or responding to a breach involving the release of personally identifiable information (“PII”). The OMB’s suggested framework specifically aims to “[assess] and mitigate the risk of harm to individuals … Continue Reading

NIS Directive to be implemented in UK despite Brexit

In January, the UK government confirmed that it will be implementing the EU’s Network and Information Security Directive (NIS Directive) regardless of Brexit. EU countries have until 9 May 2018 to implement the Directive into their national laws. Given Brexit, the UK government confirmed in its Cyber Security Regulation and Incentives Review that details of the … Continue Reading

“Do as I say, not as I do”: A business specialising in blocking unsolicited marketing calls is fined for making unsolicited marketing calls

“Do as I say, not as I do” It is difficult to miss the irony of the ICO’s first-awarded fine for nuisance calls since taking over the Telephone Preference Service (TPS), as reported in our earlier blog in December. IT Protect Ltd., a Bognor Regis firm in the business of selling a call-blocking device that … Continue Reading

EU Commission publishes its proposals for new e-Privacy Regulation

On 10 January, the EU Commission proposed a new Regulation on Privacy and Electronic Communications (“proposed Regulation”) to replace Directive 2002/58 (known as the “ePrivacy Directive”). The proposed Regulation The proposed Regulation aims to align the rules that apply to electronic communications services with the forthcoming General Data Protection Regulation (GDPR).… Continue Reading

NIST Publishes Introduction to Privacy Engineering and Risk Management to Assist Agencies and Organizations in Designing Privacy-Compliant Systems

On January 4, 2017, the National Institute of Standards and Technology (“NIST”) published the final version of NIST IR 8062 “An Introduction to Privacy Engineering and Risk management in Federal Systems.”  The report introduces the concept of applying systems engineering practices to privacy and provides a new model for conducting privacy risk assessments on systems. … Continue Reading

FDA Releases Guidance on Cybersecurity and Medical Devices

The FDA represents the latest federal agency to show a focus on cybersecurity issues with the release December 28 of new guidance. While the prospect of network-enabled medical devices increasingly offers the promise of improved care and patient treatment, evolving technology and new-found connectivity present emerging security considerations as well. The Food and Drug Administration … Continue Reading

ICO to assume Telephone Preference Service responsibility

Effective 30 December 2016, the Information Commissioner’s Office (‘ICO’) will be responsible for recording and maintaining the Telephone Preference Service (‘TPS’) register. The TPS is a free service offered to the public, which records a list of those individuals who have expressly opted out of receiving direct marketing materials. Marketers and other organisations (including charities, … Continue Reading

New California AG Appointed with Possibilities for Privacy Enforcement

With the election of current California Attorney General Kamala Harris to the U.S. Senate, Governor Jerry Brown was tasked with appointing her replacement. On December 1, he announced that his pick is U.S. Representative Xavier Becerra, head of the House Democratic caucus. Becerra was first elected to the House in 1992 and has also served … Continue Reading

Preparing for the GDPR: what you need to know

Data protection procedures will require an overhaul for any company that offers goods and services, or tracks individuals, in the EU under the European General Data Protection Regulation (GDPR) to take effect from 25 May 2018. Given the changes in compliance requirements that the GDPR entails, it is vital that you use 2017 to audit … Continue Reading
LexBlog