New BIPA Ruling: Dismissal of Claims Against Samsung Over its Face App Data -
On July 24, 2024, a federal judge in Illinois dismissed the case GT v. Samsung Electronics America, Inc., in which a putative class of Samsung...more
8/19/2024
/ Biometric Information Privacy Act ,
Data Protection ,
Enforcement ,
European Commission ,
European Parliament ,
Facial Recognition Technology ,
Federal Trade Commission (FTC) ,
General Data Protection Regulation (GDPR) ,
Illinois ,
Information Commissioner's Office (ICO) ,
Informed Consent ,
Minor Children ,
Personal Information ,
Settlement ,
Social Media ,
State Data Privacy Laws ,
Tracking Systems ,
UK
The Labour Party has indicated an intention to implement specific regulation in relation to AI in the UK. However, the manifesto on which the party has won power, did not propose any general AI legislation. New legislation...more
SEC Fines the New York Stock Exchange’s Parent Company $10 million for Failure to Promptly Notify Its Subsidiaries of Cybersecurity Breach -
On May 22, 2024, the Securities and Exchange Commission (“SEC”) imposed a $10...more
6/14/2024
/ Annual Reports ,
Artificial Intelligence ,
Breach Notification Rule ,
Colorado ,
Cybersecurity ,
Data Breach ,
Data Collection ,
Data Protection ,
Enforcement Actions ,
Federal Trade Commission (FTC) ,
Information Commissioner's Office (ICO) ,
Machine Learning ,
New Legislation ,
NYSE ,
Popular ,
Securities and Exchange Commission (SEC) ,
UK
FTC Settles with Rite Aid on its Use of AI and Processing of Biometric Information -
The Federal Trade Commission (“FTC”), on December 19, 2023, announced that it had reached a settlement with Rite Aid Corporation (“Rite...more
1/19/2024
/ Artificial Intelligence ,
Biometric Information ,
COPPA ,
Data Brokers ,
Data Retention ,
Enforcement Actions ,
Facial Recognition Technology ,
Federal Trade Commission (FTC) ,
FTC Act ,
Inventors ,
Notice of Proposed Rulemaking (NOPR) ,
Opt-In ,
Patents ,
Rite Aid ,
Sensitive Personal Information ,
Settlement ,
UK
EU AI Act: Political Agreement Reached on Terms of Landmark Legislation -
Negotiators for the European Council and the European Parliament have reached political agreement on the provisions of the EU Artificial...more
12/15/2023
/ Artificial Intelligence ,
California Privacy Protection Agency (CPPA) ,
Compliance ,
Cookies ,
Court of Justice of the European Union (CJEU) ,
EU ,
Federal Trade Commission (FTC) ,
Fines ,
General Data Protection Regulation (GDPR) ,
Neglect ,
New Legislation ,
UK
The UK has approved the UK-U.S. Data Bridge facilitating flows of personal data to U.S. entities that have self-certified to the EU-U.S. Data Privacy Framework (‘DPF’), provided that those entities extend their DPF...more
9/25/2023
/ Compliance ,
EU-US Privacy Shield ,
European Commission ,
European Court of Justice (ECJ) ,
Information Commissioner's Office (ICO) ,
International Data Transfers ,
Personal Data ,
Privacy Framework ,
Safe Harbors ,
Schrems I & Schrems II ,
UK ,
UK GDPR
FTC Finalizes Settlement with 1Health.io For Allegations It Failed to Protect Customers’ DNA Data -
On September 6, 2023, the Federal Trade Commission’s agreement with the genetic testing firm 1Health.io Inc. – formerly...more
9/25/2023
/ Background Checks ,
California ,
California Consumer Privacy Act (CCPA) ,
Consent Agreements ,
Consumer Reporting Agencies ,
Data Brokers ,
Data Collection ,
Data Security ,
Data-Sharing ,
Fair Credit Reporting Act (FCRA) ,
Federal Trade Commission (FTC) ,
FTC Act ,
Gramm-Leach-Blilely Act ,
Information Commissioner's Office (ICO) ,
Law Enforcement ,
New Legislation ,
Personal Data ,
Personal Information ,
Privacy Policy ,
Settlement ,
UK ,
UK GDPR
WorldCoin is a cryptocurrency project which uses iris scanning technology to issue a “World ID” as a digital identifier. Privacy concerns over WorldCoin have been voiced by several data protection authorities worldwide....more
8/23/2023
/ Artificial Intelligence ,
Biometric Information ,
CNIL ,
Cryptocurrency ,
Data Protection ,
Data Protection Impact Assessments (DPIAs) ,
Data Security ,
Data Storage ,
EU ,
General Data Protection Regulation (GDPR) ,
HMRC ,
Information Commissioner's Office (ICO) ,
Popular ,
UK
In 2020, the UK Government asked the Law Commission to review the legal status of digital assets in England and Wales, with the aim of making the UK an attractive jurisdiction for crypto development and investment. The Law...more
The Department of Health and Social Care in the United Kingdom has published a proposed update to its policy regarding access to National Health Service (NHS) data for research purposes. The proposed update focuses on the...more
The International Institute for the Unification of Private Law (UNIDROIT) has adopted draft Principles on Digital Assets and Private Law (the “Principles”). These Principles comprise legislative guidance and best practices in...more
SEC Chair Gensler Indicates Commission is Looking to Update SEC’s Regulation S-P -
On September 28, 2022, Securities and Exchange Commission (“SEC” or the “Commission”) Chairman Gary Gensler appeared via video at the...more
10/14/2022
/ Advanced Notice of Proposed Rulemaking (ANPRM) ,
Algorithms ,
Anti-Discrimination Policies ,
Artificial Intelligence ,
Biden Administration ,
Broker-Dealer ,
Cloud Service Providers (CSPs) ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
EU ,
EU-US Privacy Shield ,
Federal Trade Commission (FTC) ,
Foreign Trade Regulations ,
Gramm-Leach-Blilely Act ,
Hackers ,
Information Commissioner's Office (ICO) ,
International Data Transfers ,
Investment Adviser ,
Investment Companies ,
Privacy Framework ,
Regulation S-P ,
Request For Information ,
Right of Access ,
Securities and Exchange Commission (SEC) ,
Subject Access Request (SAR) ,
Title V ,
U.S. Commerce Department ,
Uber ,
UK ,
UK GDPR
The UK Court of Appeal has issued its judgment in one of the latest hearings in Neurim Pharmaceuticals v Generics (UK) relating to Neurim’s insomnia drug, Circadin. The Court of Appeal ruled that an exclusive licensee has...more
4/13/2022
/ Appeals ,
Corporate Counsel ,
Exclusivity ,
Intellectual Property Protection ,
IP License ,
Patent Infringement ,
Patent Litigation ,
Patents ,
Pharmaceutical Industry ,
Pharmaceutical Patents ,
Standing ,
UK
A recent UK Court of Appeal decision highlights ongoing uncertainty regarding the jurisdictional reach of the GDPR and invites intervention from the Information Commissioner’s Office. ...more
1/25/2022
/ Corporate Counsel ,
Cybersecurity ,
Data Protection ,
EU ,
EU Data Protection Laws ,
Extraterritoriality Rules ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Jurisdiction ,
Personal Data ,
UK
The value of the global medicinal cannabis market is projected to reach US$62.7 billion by 2024, with over US$22 billion of that market generated by Europe and an estimated excess of £2 billion likely to be generated in the...more
6/29/2021
/ Cannabis-Related Businesses (CRBs) ,
Financial Conduct Authority (FCA) ,
Investment ,
Investment Funds ,
Investors ,
London Stock Exchange ,
Marijuana ,
Marijuana Related Businesses ,
Medical Marijuana ,
Popular ,
UK
The European Commission has issued new Standard Contractual Clauses designed to facilitate international transfers of personal data in compliance with the GDPR. The new provisions better reflect the variety of global data...more
Other recent notable industry transactions: Thermo Fisher Scientific Inc. completed the acquisition of Henogen SA, Novasep's viral vector manufacturing business in Belgium for approximately €725 million in cash....more
The National Institute for Health and Care Excellence public consultation -
The National Institute for Health and Care Excellence (“NICE”) has commenced a public consultation on its technology evaluation process when...more
Key Takeaways -
A new draft EU Regulation aims to encourage the sharing and re-use of data and foster a data-driven economy that shares the benefits of Big Data whilst respecting individuals’ rights in personal data and...more
The new EU-UK Trade and Cooperation Agreement (the “Trade Agreement”) came into effect on 1 January 2021. There are now two versions of the GDPR: the existing EU regime (the “EU GDPR”) and the new ‘UK GDPR’ which applies an...more
The Information Commissioner’s Office (ICO), the UK’s data protection authority, has recently published updated guidance on an individual’s right to access their personal data. This OnPoint considers the key issues arising...more
The United Kingdom (“UK”) left the European Union (“EU”) on 31 January 2020 and entered into a transition period that is due to end on 31 December of this year. During this period, the UK remains subject to EU laws and rules,...more
In anticipation of Brexit, the U.S. Department of Commerce (“DOC”) has published steps it expects to be taken by businesses that rely on Privacy Shield to transfer personal data from the UK to the U.S....more
1/15/2019
/ EU ,
EU-US Privacy Shield ,
European Commission ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Personal Data ,
Standard Contractual Clauses ,
U.S. Commerce Department ,
UK ,
UK Brexit ,
x
Further to our previous OnPoint “No Deal” Brexit and its Implications for Data Protection, the European Commission has given an update on its “no deal” Brexit contingency planning in a communication published on November 13,...more
The prospect of the UK leaving the European Union without a formal agreement in place seems increasingly possible. Businesses need to increase their preparations for a "no deal" scenario and these preparations should include...more
10/8/2018
/ Binding Corporate Rules ,
Consent ,
Data Protection ,
EU ,
European Commission ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Personal Data ,
Standard Contractual Clauses ,
UK ,
UK Brexit