Tag Archives: regulation

The new China cybersecurity inspection regulation broadens PSB authority

China’s new “Regulation on the Internet Security Supervision and Inspection by Public Security Organs” went into effect on November 1, 2018. It is the latest regulation passed by China’s Ministry of Public Security that executes China’s Cybersecurity Law, which took effect in June of last year. The regulation gives China’s Public Security Bureaus (PSBs) broad … Continue Reading

The dawn of crypto-asset regulation

Last month (September 2018), the House of Commons Treasury Committee issued a report on its inquiry into the regulation of crypto-assets. The inquiry examined, amongst other subjects, the role of digital currencies in the UK; the impact of distributed ledger (blockchain) technology; and how these should be regulated. The report recommends improvements to consumer and … Continue Reading

Proposal for a Regulation on the free flow of non-personal data in the EU

The European Commission has issued a proposal for a new Regulation on the free flow of non-personal data (“the Proposal”). Background The Commission adopted a Communication in January 2017 on “Building a European Data Economy”, in which its work on free flow of data was announced in the context of actions to enhance the data … Continue Reading

Implementing the GDPR: Reed Smith Webinar on Planning your Path to Compliance in 2017

We are hosting a webinar on January 30, 2017, to discuss the new obligations global organisations with interests in Europe will need to meet to comply with the GDPR. With just over 16 months to go until the Regulation will be enforced, it is vital that you understand the requirements and that you are able to … Continue Reading

New FAA Drone Rules

On June 21, 2016, the FAA issued its long-awaited regulations governing “Small Unmanned Aircraft,” or drone operation.  The regulations allow the use of drones weighing less than 55 pounds, traveling less than 100 mph groundspeed, and up to 400 feet above the ground, for a wide variety of purposes during daylight hours.  The regulations allow … Continue Reading

By jointly tackling Facebook, French regulators set an example to large international digital media companies – First prominent enforcement measure after the Safe Harbor invalidation

On February 8 and 9, 2016, the French Directorate-General for Competition, Consumer Affairs and Prevention of Fraud (the ‘DGCCRF’) and the French Data Protection Authority (the ‘CNIL’), through an obviously concerted action, have publicised regulatory enforcement measures they are undertaking against Facebook. The DGCCRF is requiring Facebook to re-write its Terms and Conditions on the … Continue Reading

New York Department of Financial Services Previews Upcoming Cybersecurity Regulations for Banks and Insurers

Anthony Albanese, the head of the New York Department of Financial Services, issued a letter to more than 20 federal and state regulators outlining proposed cybersecurity regulations for banks and insurance companies operating in New York. While the letter is a request for comment from fellow regulators, it represents a preview of several cybersecurity measures … Continue Reading

Regulations Released Implementing Malaysian Data Protection Act

This post was written by Cynthia O’Donoghue. The Minister of the Malaysian Communications and Multimedia Commission (the Minister) has announced by Gazette that Malaysia’s Personal Data Protection Act 2010 (the PDPA) will finally take effect as of 15 November 2013, introducing a privacy regime in Malaysia for the first time. To accompany this announcement, a … Continue Reading

UK ICO survey shows businesses unaware of data protection reform and its costs

The UK’s data protection authority, Information Commissioner’s Office (ICO), commissioned an independent survey investigating the understanding of the proposed EU data protection reform and associated costs. The survey involved 506 organisations, and one of the key findings is that as a general rule, businesses do not understand the implications of the proposed General Data Protection … Continue Reading

The first European Parliament vote on the new data protection regime will be delayed

This post was written by Cynthia O’Donoghue. The date of the first binding vote by the Civil Liberties, Justice and Home Affairs Committee (LIBE) on the proposed General Data Protection Regulation (Regulation), which was initially planned for April-May 2013, has been postponed a second time. During the meeting on May 6, LIBE decided to delay … Continue Reading

EU Presidency seeks political guidance on most contested aspects of the draft Data Protection Regulation

This post was written by Cynthia O’Donoghue. On 24 April 2013, the EU Presidency, currently held by Ireland, prepared a Note to the Committee of Permanent Representatives (COREPER) regarding the proposed General Data Protection Regulation (Regulation). The Note was leaked and published on Statewatch’s website. Statewatch is a civil liberties organisation. In the Note, the … Continue Reading

CNIL satisfied with draft European Parliament report on the new Data Protection Regulation

This post was written by Daniel Kadar. The French Data Protection Authority (DPA), the CNIL, has expressed its satisfaction on the draft report (the “draft Report”) released by the European Parliament on the new European Data Protection Regulation (the “Regulation”). One of the major points of concern for the CNIL was that the draft Regulation … Continue Reading

The Article 29 Working Party tackles the most contested elements of the new Data Protection Regulation

This post was written by Cynthia O’Donoghue. The Article 29 Working Party (“Art. 29 WP”), which has already released two opinions (WP191 and WP199) regarding the draft General Data Protection Regulation (“Regulation”), issued a statement and two accompanying annexes addressing some of the most heavily debated elements. This statement addresses relaxation of rules for the … Continue Reading

EU member states argue for watering down the proposed Data Protection Regulation

The proposed new EU General Data Protection Regulation may need to be watered down. The far-reaching proposed draft, which was published in January 2012, aims to unify and strengthen the data protection laws across the 27 EU countries. However, the Financial Times reports that a memo drafted by the Irish presidency admits that “several member … Continue Reading

European Parliament Committee on Industry, Research and Energy publish opinion on the proposed General Data Protection Regulation

This post was written by Cynthia O’Donoghue. Following the lead of the Committee on Civil Liberties, Justice and Home Affairs (LIBE), which already released its draft report (see our prior blog) 20 February, the European Parliament Committee on Industry, Research and Energy (ITRE Committee) published its Draft Opinion on the proposed General Data Protection Regulation. … Continue Reading

UK Information Commissioners Office presents article-by-article analysis of the proposed new General Data Protection Regulation

Following the publication of its “further thoughts” on the European Commission’s proposed new data protection framework, the ICO has now published an in-depth, article-by-article analysis of the proposed General Data Protection Regulation (the Regulation). The ICO pointed out that this is an important opportunity to get the framework correct, as it is likely to remain … Continue Reading

Rapporteur Jan Philipp Albrecht presents report on the European Commission’s proposed Data Protection Regulation

This post was written by Cynthia O’Donoghue. On January 10, 2013, Jan Philipp Albrecht, the rapporteur to the EU Parliament’s Committee on Civil Liberties, Justice and Home Affairs (“LIBE”), presented his draft report (the “Report”) proposing amendments to the European Commission’s proposed Data Protection Regulation (the “Proposed Regulation”). Albrecht’s amendments to what was already a … Continue Reading

Art. 29 Working Party seeks refined definition of ‘personal data’ in the proposed General Data Protection Regulation

This post was written by Cynthia O’Donoghue. In its second opinion on the proposed Data Protection Regulation, the Article 29 Working Party suggests that a natural person can be considered identifiable when, within a group of persons, he or she can be distinguished from other members of the group and consequently be treated differently. They … Continue Reading

Article 29 Working Party adopts a “general positive stance” in its Opinion on the new EU Data Privacy Regulation and Directive

This post was written by Cynthia O’Donoghue. In the Article 29 Working Party’s Opinion on the new EU data protection reforms, the Working Party has carefully studied both the Regulation and the Directive, and has given its first general reaction. The Working Party welcomed the provisions intended to clarify and strengthen the rights of individuals, including … Continue Reading

EU Working Party on Information Exchange and Data Protection gives its first consideration of the General Data Protection Regulation and Directive

This post was written by Cynthia O’Donoghue. On 23 and 24 February 2012, the General Secretariat to the EU presented the proposed Data Protection Regulation to the EU Working Party on Information Exchange and Data Protection (DAPIX), stating that the new proposals were motivated by the European Commission’s (EC) desire to stimulate growth across the … Continue Reading

U.S. lawyers urge courts to respect EU data privacy laws – ‘Hobson’s Choice’ just got harder!

This post was also written by Nick Tyler and Regis Stafford. The American Bar Association (ABA) this week passed an important resolution urging all courts in the U.S. to: “consider and respect…the data protection and privacy laws of any…foreign sovereign, and the interests of any person who is subject to, or benefits from such laws, with … Continue Reading

EU Commission sends draft EU General Data Protection Regulation and Directive on Criminal Investigations and Judicial Proceedings to the European Parliament

This post was written by Nick Tyler.  The European Commission today completed its task of reforming the EU Data Protection Directive by sending a draft Regulation to the European Parliament. The draft Regulation contains comprehensive reforms and seeks to harmonise data protection laws across the 27 EU Member States, and to enhance EU citizens’ privacy protections … Continue Reading

US wades into debate on revision to EU Data Protection Directive

This post was also written by Nick Tyler.  The U.S. Federal Trade Commission (FTC) has waded into the political debate with an Informal Note on the draft EU Data Protection Regulation as reported by Statewatch. In addition, Digital Civil Rights in Europe has reported that the U.S. Department of Commerce engaged in significant lobbying of the European … Continue Reading

Connecticut’s Muscular New Vision for Government Oversight of Data Security Breach Notifications

This post was also written by Diane Bettino. Nearly every state in the U.S. has a statute requiring notifications upon discovery of a data security breach.  Most of these laws do not mandate notification to any state authority. T hose few state laws that compel governmental notice are usually satisfied with contemporaneous notice, or notice … Continue Reading
LexBlog