Archives: Regulatory

Subscribe to Regulatory RSS Feed

A summary of the proposed European regulation on digital operational resilience

The European Commission is considering amending the existing rules for the financial sector regarding digital operational resilience, with a view to unifying and strengthening the legal framework in this area. The proposed change to legislation would amend the existing Network and Information Security (NIS) Directive and create a new regulation on digital operational resilience, known … Continue Reading

A summary of the obligations, scope and effect of the proposed European regulation on artificial intelligence

On April 21, 2021, a draft proposed European regulation on artificial intelligence (AI) (Regulation) was released following the European Commission’s white paper “On Artificial Intelligence – A European approach to excellence and trust”, published in February 2020. The regulation shows that the European Union is seeking to establish a legal framework for AI by laying … Continue Reading

FTC loses powerful enforcement tool in consumer protection and antitrust matters due to Supreme Court decision

In a ruling on April 22, 2021, the United States Supreme Court unanimously held that § 13(b) of the Federal Trade Commission Act (the Act) does not authorize the Federal Trade Commission (FTC) to seek, or a court to award, equitable monetary relief such as restitution or disgorgement. The FTC previously used § 13(b) as a … Continue Reading

Connecticut AG William Tong shared compliance insight on data privacy-related matters

In a recent Q&A conducted by Divonne Smoyer and Karen Lee Lust with Connecticut Attorney General (AG) William Tong published in the IAPP Privacy Advisor, the AG discusses how he has continued Connecticut’s role as a privacy leader among the states, partnering with the U.S. Federal Trade Commission on data privacy-related matters and other compliance … Continue Reading

Proposed rule would impose new notification requirements on banks and their service providers when a cybersecurity incident occurs

A new proposed federal rule, “Computer-Security Incident Notification Requirements for Banking Organizations and Their Bank Service Providers,” could impose accelerated notification requirements on banking organizations and their service providers when notification incidents (as defined in the proposed rule) occur. The Office of the Comptroller of the Currency (OCC), the Board of Governors of the Federal … Continue Reading

Final rules on the new operational resilience framework published by the FCA and PRA

On March 29, 2021, the Financial Conduct Authority (FCA) published final rules that will create a new operational resilience framework for banks, building societies, solvency II firms, recognized investment exchanges, enhanced scope senior managers and certification regime firms, and those authorized or registered under the Payment Services Regulations 2017 or Electronic Money Regulations 2011. The … Continue Reading

Aftermath of Schrems II decision in France: The French Council of State provides significant clarification on the U.S. based data host to provide services in the French health care sector

On March 12, 2021, the French Council of State (Conseil d’Etat), the highest French administrative court, handed down a ruling (ordonnance des référés) allowing Doctolib, a company in charge of booking COVID-19 vaccination appointments, to rely on a U.S.-based health data host. In the present case, the servers of Doctolib – whose platform had been … Continue Reading

A new recipe for Cookies – The new German Telecommunications and Telemedia Data Protection Act

The German Federal Cabinet adopted the Telecommunications and Telemedia Data Protection Act (Telekommunikation-Telemedien-Datenschutzgesetz – TTDSG, available here) on February 10, 2021. The TTDSG, among other things, provides new rules on cookies and similar technologies (Cookies), introducing only two categories of Cookies: (1) strictly necessary Cookies and (2) consent-based Cookies. The legal basis of legitimate interests … Continue Reading

Tech Law Talks: Technology transactions trends in 2021

In this episode, Sarah Bruno and LiLing Poh discuss recent trends as organizations invest more in technology through the acquisition of new platforms or programs, or by working with a vendor to bring a product to market. Exploring a case study involving a global pharmaceutical company on the rollout of a health-related digital app, they … Continue Reading

Keep an eye on the Commonwealth: Virginia passes comprehensive data privacy law, empowers Attorney General as chief enforcer

The Virginia legislature, which adjourned its annual legislative session last week, passed the second state-level consumer data privacy law in the nation. The Virginia Consumer Data Protection Act (CDPA) was signed into law by Virginia Governor Ralph Northam on March 2, 2021, and will go into effect January 1, 2023. Virginia joins California as the … Continue Reading

Get your Update on IT & Data Protection Law in our Newsletter (Winter 2021 Edition)

The Winter 2021 Edition of the quarterly IT & Data Protection Newsletter by Reed Smith Germany has just been released: English version German version In this edition we cover the following topics: Strengthening fair competition – changes to the law against unfair competition Cologne Regional Court on the broad concept of the right to access … Continue Reading

Nation’s second comprehensive consumer data privacy law enacted in Virginia

Virginia’s governor, Ralph Northam, signed the Virginia Consumer Data Protection Act (CDPA) into law on March 2, 2021. The CDPA is set to take effect on January 1, 2023, and is the second most comprehensive consumer privacy law to be enacted in the United States behind the California Consumer Privacy Act (CCPA), recently amended by … Continue Reading

The Maryland digital advertising tax and what it means for you

When the Maryland General Assembly overrode a gubernatorial veto on Friday, February 12, 2021, it became the first state in the U.S. to place a tax on digital advertising services. Much remains to be seen as both chambers of Maryland’s General Assembly consider amendments to the new law and challenges make their way through the … Continue Reading

Tenn. Attorney General Slatery on state and federal consumer privacy in 2021 and beyond

In a recent Q&A with Tennessee Attorney General (AG) Herbert Slatery, the eight-year term AG discusses how he makes consumer protection, including privacy and cybersecurity issues, a top priority for Tennessee citizens and businesses. AG Slatery shares his thoughts on privacy on a multi-state state level, the prospect of standards of enforcement for technology companies, … Continue Reading

Amendments to the Electronic Transactions Act offer new opportunities for trade and commodities finance and fintechs in Singapore

The Singapore government introduced a bill into parliament to amend the Electronic Transactions Act (ETA) (Cap. 88) (ETA) on January 4, 2021. The amendments set out in the Electronic Transactions (Amendment) Bill will be of relevance to the trade and commodities finance and fintech sectors as their primary object is to achieve recognition and equivalence … Continue Reading

A discussion with Colorado Attorney General Phil Weiser on Colorado’s data privacy law and consumer protection

In a recent Q&A with Colorado Attorney General (AG) Phil Weiser, the first term AG discusses how he makes data privacy and cybersecurity accessible and interesting to his Colorado constituents. AG Weiser also explains the role of Colorado’s interdisciplinary Data Privacy and Security Impact Team and how its implementation has benefitted the state. Lastly, AG … Continue Reading

Get your Update on IT & Data Protection Law in our Newsletter (Fall 2020 Edition)

The Fall 2020 Edition of the quarterly IT & Data Protection Newsletter by Reed Smith Germany has just been released: English version German version In this edition we cover the following topics: 1. Data transfers following Schrems II 2. German Supreme Court: Relationship between the GDPR and the German Act on the Protection of Copyrights … Continue Reading

Comparing legal privilege when dealing with privacy issues in England and Wales and the United States

The protection afforded by attorney-client privilege brings about a candid conversation between lawyers and clients. Privilege can attach to communications covering a variety of topics, from responding to a data subject access request (DSAR) to handling a security incident or managing complex and time consuming investigations on a multinational scale. Different privilege rules may apply … Continue Reading

Germany’s next steps in digitization: Finally, the new Interstate Treaty on Media has been ratified by all German federal states

The Interstate Treaty on Media (Medienstaatsvertrag – MStV) has finally been ratified by all 16 German federal states and can now enter into force. On 28 October 2020, the Parliament of Mecklenburg-Vorpommern – the last German federal state to ratify the MStV – adopted the Act ratifying the MStV. Ratification of the MStV by all … Continue Reading

Nevada Attorney General Aaron Ford talks to Reed Smith about Nevada’s new data privacy law, consumer protection, and data breaches

In a recent Q&A with Nevada Attorney General (AG) Aaron Ford, the first term AG discusses Nevada’s new data privacy law (Senate Bill 220), which provides consumers with a right to opt out of the sale of their data. AG Ford also outlines his perspective on federal privacy law and his office’s data breach enforcement … Continue Reading

Is the third time the charm for the Washington Privacy Act?

On September 9, Senator Reuven Carlyle (D-WA) presented an updated draft of the Washington Privacy Act (WPA), suggesting that the WPA will be up for consideration in Washington State’s 2021 legislative session. The next legislative session is scheduled to convene on January 11, 2021, at which point the fate of the WPA will again be in the … Continue Reading

Singapore’s amended Personal Data Protection Act to come into force before year end

The Personal Data Protection (Amendment) Bill (Bill) was introduced and read for the first time in Parliament on October 5, 2020 The Bill proposes significant changes to Singapore’s Personal Data Protection Act 2012 (PDPA). The amendments seek to keep Singapore’s data protection laws up to date with evolving technology developments, as well as global regulatory … Continue Reading

First official guidance on international data transfers post Schrems II – German data protection authority publishes checklist and action items on international data transfers

The German data protection authority of the federal state of Baden-Württemberg (LfDI BW) has issued detailed guidance (Guidance) on international data transfers this August and September. This is the first official guidance by a data protection authority following the decision of the Court of Justice of the European Union (CJEU) in the Schrems II case … Continue Reading

The Law Commission is looking at smart contracts and digital assets: Is the law ready?

Smart contracts and digital assets are becoming increasingly common in a variety of industries. Nevertheless, is the law ready for them? Following the publication of the Legal statement on the status of cryptoassets and smart contracts by the LawTech Delivery Panel, the Law Commission has launched two projects to analyse how English law can be reformed … Continue Reading
LexBlog