The European Commission is considering amending the existing rules for the financial sector regarding digital operational resilience, with a view to unifying and strengthening the legal framework in this area.

The proposed change to legislation would amend the existing Network and Information Security (NIS) Directive and create a new regulation on digital operational resilience, known

On April 21, 2021, a draft proposed European regulation on artificial intelligence (AI) (Regulation) was released following the European Commission’s white paper “On Artificial Intelligence – A European approach to excellence and trust”, published in February 2020. The regulation shows that the European Union is seeking to establish a legal framework for AI by laying

“2018 was the year that people have woken up to the importance of privacy and have begun to bite back at big tech”.

This was the view expressed by James Dipple-Johnstone, Deputy Commissioner (Operations) at the UK Information Commissioner’s Officer (ICO), during his recent speech at the Institute of Directors in London.

The speech focused on the ICO’s regulation of tech giants in the digital age. It highlighted the many benefits of big tech and big data, indicating that their influence and importance is only likely to grow. However, his speech also stressed that there are deep public concerns about the business models of some tech giants and their increasingly opaque uses of personal data.Continue Reading Regulating the tech giants

In September 2017, we published a blog that outlined the Commission’s proposal for a framework on this subject (you can view our blog here). In June 2018, we further reported that the European Parliament, Council of the European Union and the European Commission had reached a political agreement on the rules for the free

China’s new “Regulation on the Internet Security Supervision and Inspection by Public Security Organs” went into effect on November 1, 2018. It is the latest regulation passed by China’s Ministry of Public Security that executes China’s Cybersecurity Law, which took effect in June of last year. The regulation gives China’s Public Security Bureaus (PSBs) broad

Last month (September 2018), the House of Commons Treasury Committee issued a report on its inquiry into the regulation of crypto-assets. The inquiry examined, amongst other subjects, the role of digital currencies in the UK; the impact of distributed ledger (blockchain) technology; and how these should be regulated. The report recommends improvements to consumer and anti-money laundering protections (AML) when dealing in crypto-assets. The improvement will be achieved in part by extending the Financial Services and Markets Act (Regulated Activities) Order 2000 (RAO) to crypto-assets and associated activities.

‘Crypto-assets’, not ‘cryptocurrencies’

As a point of protocol, the report employs the term ‘crypto-assets’ instead of the more commonly used ‘cryptocurrencies’ on the basis that they do not demonstrate the functions of a conventional currency, such as a medium of exchange or store of value.

Crypto-asset concerns

The report also identifies a number of inherent problems with crypto-assets. It identifies the inherent risks to investments due to volatile crypto-asset markets, when compared to conventional fiat currencies. Related to this is the vulnerability of crypto-assets to market manipulation given that the exchanges currently sit outside of market abuse regulations.

There is also increased scope for hacking, which would inevitably lead to the theft of the crypto-assets. The Committee suggests that such risks were exacerbated by the lack of a deposit insurance scheme (such as the UK Financial Services Compensation Scheme) to compensate investors in the event of a hack. Investors themselves have also caused losses, particularly where they have lost their passwords and have, therefore, been barred from accessing the exchange.

The Committee believes that investors and consumers are further let down by the irresponsible nature of promoters, whose advertisements are often misleading (and in some cases initial coin offerings have used celebrities to advertise the offering). The Financial Conduct Authority (FCA) is powerless in mitigating this, as crypto-assets, conveniently (!) fall outside of its remit.

Crypto-asset platforms were widely considered to provide opportunities for money laundering and other criminal enterprises because exchanges allow anonymous access and are not governed by the AML regulation.

Each of the above concerns is underpinned by the absence of a secure regulatory environment that affords investors and consumers sufficient safeguards.Continue Reading The dawn of crypto-asset regulation

The European Commission has issued a proposal for a new Regulation on the free flow of non-personal data (“the Proposal”).

Background

The Commission adopted a Communication in January 2017 on “Building a European Data Economy”, in which its work on free flow of data was announced in the context of actions to enhance the data economy. The Commission then launched a public consultation and dialogue with stakeholders to gather further evidence on the issues restricting the free flow of data.

The Commission has identified the main obstacles that preclude free flow of data in the Digital Single Market as follows:

  • Unjustified data localisation restrictions by Member States’ public authorities
  • Legal uncertainty about legislation applicable to cross-border data storage and processing
  • A lack of trust in cross-border data storage and processing linked to concerns among Member States’ authorities about the availability of data for regulatory scrutiny purposes
  • Difficulties in switching service providers (such as cloud) because of vendor lock-in practices. The Proposal is intended to address these obstacles and remove barriers to data mobility. This is important for the data economy because removing data localisation restrictions is expected to generate additional growth of up to 4% GDP by 2020 (as estimated by Deloitte in one of the support studies). It will also drive down the cost of data services, providing customers greater flexibility in organising their data management and data analytics, while expanding their use and choice of providers.

In practice, these obstacles mean that a business may not be or feel free to make full use of cloud services, choose the most cost-effective locations for IT resources, switch between service providers, or port its data back to their own IT systems. The Commission considers that with the principle of free flow of non-personal data, businesses can avoid duplication of data at several locations, may feel more confident to enter new markets, and scale-up their activities more easily.

The Proposal is intended to address these obstacles and remove barriers to data mobility. This is important for the data economy because removing data localisation restrictions is expected to generate additional growth of up to 4% GDP by 2020 (as estimated by Deloitte in one of the support studies). It will also drive down the cost of data services, providing customers greater flexibility in organising their data management and data analytics, while expanding their use and choice of providers.
Continue Reading Proposal for a Regulation on the free flow of non-personal data in the EU

We are hosting a webinar on January 30, 2017, to discuss the new obligations global organisations with interests in Europe will need to meet to comply with the GDPR. With just over 16 months to go until the Regulation will be enforced, it is vital that you understand the requirements and that you are able

On June 21, 2016, the FAA issued its long-awaited regulations governing “Small Unmanned Aircraft,” or drone operation.  The regulations allow the use of drones weighing less than 55 pounds, traveling less than 100 mph groundspeed, and up to 400 feet above the ground, for a wide variety of purposes during daylight hours.  The regulations allow