The UK Department for Culture, Media and Sport published draft Product Security and Telecommunications Infrastructure (Security Requirements for Relevant Connectable Products) Regulations 2023 (Draft Security Regulations). These regulations fall under the Product Security and Telecommunications Infrastructure Act 2022 (PSTIA) which come into effect on 29 April 2024 and which you can read about in our earlier blog. Part 1 of the PSTIA establishes a regulatory framework that imposes security requirements on manufacturers, importers, and distributors of these products. The Draft Security Regulations outline the specific security requirements for manufacturers.Continue Reading Navigating the Path to Compliance: Takeaways from the New Draft Security Regulations for Connected Devices
From Smartphones to Alarm Systems: UK Mandates Minimum Security for Connected Devices
The UK’s new Product Security and Telecommunications Infrastructure Act 2022 will take effect on 29 April 2024, and will require manufacturers to implement minimum-security standards on all consumer products with internet or network connectivity, such as smartphones, smart meters, CCTV cameras, smart speakers, games consoles, smart doorbells, and medical devices and wearables before they can be made available for purchase.Continue Reading From Smartphones to Alarm Systems: UK Mandates Minimum Security for Connected Devices
Countdown to compliance: The DMA to apply to digital gatekeepers from May 2, 2023
Digital Markets Act: Developments since its proposal
Following the European Commission’s initial proposal of the Digital Markets Act (DMA) in December 2020, its adoption by the European Parliament in March 2022 and the entry into force on November 1, 2022, the DMA will finally apply from May 2, 2023. The DMA contains a list of obligations and prohibitions, subject to fines, that core platform services (CPS) provided by so-called gatekeepers must comply with in their daily operations. CPS should therefore be assessed at an early stage regarding whether or not they fall within the scope of regulation of the DMA.
As is set out in the following, the DMA poses significant business challenges for (potential)
gatekeepers, which should be addressed in a legally sound, comprehensive and systematic manner in order to prevent disruptions to the relevant businesses. Continue Reading Countdown to compliance: The DMA to apply to digital gatekeepers from May 2, 2023
Takeaways from ICO’s “Privacy in the product design lifecycle” guidance
On 13 March 2023, the Information Commissioner’s Office (‘ICO’) published new guidance, ‘Privacy in the product design lifecycle’, to help technology professionals, such as UX designers, product managers and software engineers, keep data protection considerations at the forefront of their products and services. The guidance describes how to tackle privacy issues arising at each stage of the design and development process, as summarised below.Continue Reading Takeaways from ICO’s “Privacy in the product design lifecycle” guidance
Get your update on IT & data protection law in our newsletter (Winter 2023 edition)
The winter 2023 edition of the quarterly IT & Data Protection Newsletter by Reed Smith Germany has just been released:
German versionContinue Reading Get your update on IT & data protection law in our newsletter (Winter 2023 edition)
Get your Update on IT & Data Protection Law in our Newsletter (Fall 2022 Edition)
The Fall 2022 Edition of the quarterly IT & Data Protection Newsletter by Reed Smith Germany has just been released:
English version
German versionContinue Reading Get your Update on IT & Data Protection Law in our Newsletter (Fall 2022 Edition)
The CMA’s shares its thoughts on a ‘pro-innovation’ approach to regulating artificial intelligence
The Competition & Markets Authority (‘CMA’) published its response to the Department for Digital, Culture, Media & Sport (‘DCMS’) policy paper on establishing a pro-innovation approach to regulating artificial intelligence (AI) on 29 September 2022. This is in parallel with the coming into force of the new National Security & Investment Act 2021, under which the UK government is scrutinising transactions that use AI to produce goods, services and technology with the potential to track individuals, objects and events.
In its response, the CMA commented on the need to (i) adopt a risk based approach to the regulation of AI, (ii) consider whether existing regulatory powers are appropriate, and (iii) encourage collaboration between regulators.Continue Reading The CMA’s shares its thoughts on a ‘pro-innovation’ approach to regulating artificial intelligence
EU Commission proposes Cyber Resilience Act to bolster the EU’s cyber security rules.
The European Commission published a proposal for a Cyber Resilience Act on 15 September 2022 (the ‘Regulation’), which aims to:
- ensure that cyber security is considered during the development of hardware and software products and is continuously improved throughout that product’s life cycle; and
- improve transparency so that users can take cybersecurity into account when selecting and using a product with digital elements.
UK Financial Services and Markets Bill – what it means to technology providers and users in the financial services sector
The UK Financial Services and Markets Bill (“FSMB”) and the accompanying explanatory notes were published on 20 July. The FSMB signals upcoming reforms to the regulatory landscape in the UK financial services sector, including issues and challenges brought about by the adoption of technologies and digital assets.Continue Reading UK Financial Services and Markets Bill – what it means to technology providers and users in the financial services sector
Get your Update on IT & Data Protection Law in our Newsletter (Summer 2022 Edition)
The Summer 2022 Edition of the quarterly IT & Data Protection Newsletter by Reed Smith Germany has just been released:
German versionContinue Reading Get your Update on IT & Data Protection Law in our Newsletter (Summer 2022 Edition)