Tag Archives: Regulatory

Cooperation and consistency? Nine months in, the EDPB reflects on GDPR

The European Data Protection Board (EDPB) has published a report (Report) assessing the implementation and enforcement of the General Data Protection Regulation (EU) 2016/679 (GDPR). The Report focusses on how the cooperation and consistency mechanisms are being used by EU supervisory authorities (SAs). Cooperation mechanism Where cases involve cross-border processing, SAs cooperate through: Mutual assistance; … Continue Reading

Involved in AI? The ICO wants to hear from you.

The Information Commissioner’s Office (ICO) is inviting organisations to help develop a framework for future auditing of artificial intelligence (AI). A team from the ICO’s Technology Policy and Innovation Directorate will develop the framework. The framework is intended to help regulators ensure AI applications are transparent, fair and appropriately risk assessed. As well as the … Continue Reading

e-Privacy meets GDPR – the European Data Protection Board shines some light

The European Data Protection Board (EDPB) published an opinion (Opinion) on the interplay between the ePrivacy Directive (Directive 2002/58/EC) and the General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679). The Opinion responds to questions submitted by the Belgian data protection authority, specifically: whether data protection authorities (DPAs) are competent to regulate processing that triggers both … Continue Reading

Regulating digital services – UK parliament weighs in

The Select Committee on Communications of the House of Lords (Committee) published a report discussing UK regulation of ‘digital services facilitated by the internet’. We summarise some of the key recommendations of the report, which was published on 9 March 2019: 1. A central regulatory body called the Digital Authority should be set up to … Continue Reading

Highlighting the “SEC” in cybersecurity: Continued regulatory focus on preparedness and response

In recent months, the U.S. Securities and Exchange Commission (“SEC”) has emphasized cybersecurity as both an enforcement priority and corporate responsibility, demonstrating its continued focus on the need for issuers to have sufficient measures in place, including up-to-date compliance and incident response programs in order to maintain the integrity of the capital market system. The … Continue Reading

FTC’s PrivacyCon Highlights Consumer Privacy Perceptions and Targeting

The Federal Trade Commission is currently the most aggressive enforcement agency on privacy and data security. The agency kicked off 2016 with PrivacyCon on January 14, which put the spotlight on academic research on consumer privacy and security. The conference, which drew 400 attendees to Southwest D.C. and 1,500 more streaming online, showcased 19 papers … Continue Reading

The FTC Clarifies Native Advertising Enforcement Guidance

As publishers increasingly rely on more modern methods of native advertising – that is, ads designed to look and feel similar to a platform’s editorial content – as a source of revenue, the FTC has taken steps to clarify when native advertising may cross the line and become deceptive to consumers. Recently, the FTC published … Continue Reading

FTC Settlement with Snapchat – What Happens on Snapchat Stays on Snapchat?

Last Thursday, the Federal Trade Commission (FTC) announced that messaging app Snapchat agreed to settle charges that it deceived consumers with promises about the disappearing nature of messages sent through the app. The FTC case also alleged that the company deceived consumers over the amount of personal data the app collected, and the security measures … Continue Reading

FERC Issues Order to Investigate Possible Violations of its Cyber Security Protocols for the Electric Grid

This post was also written by Amy Mushahwar. The Federal Energy Regulatory Commission (FERC) issued an order on July 20, 2012 to investigate whether any Authorized Certification Authorities (ACAs) had violated the North American Energy Standards Board (NAESB) Public Key Infrastructure (PKI) Standards, which outline various security requirements and specifications for the electric grid.1  The Order requires all … Continue Reading
LexBlog