On January 21, 2019, Google was fined nearly $57 million (approximately 50 million euros) by France’s Data Protection Authority, CNIL, for an alleged violation of the General Data Protection Regulation (GDPR).[1] CNIL found Google violated the GDPR based on a lack of transparency, inadequate information, and lack of valid consent regarding ad personalization. This fine is the largest imposed under the GDPR since it went into effect in May 2018 and the first to be imposed on a U.S ...
The Brexit Withdrawal Agreement negotiated between the European Union and the United Kingdom envisaged that during the United Kingdom's transitional period data protection legislation would have been treated in the same way as with the countries of the European Economic Area. This would have allowed a transfer of personal data from the European Union to the United Kingdom without additional measures to ensure adequate levels of data protection ...
Shepherd and Wedderburn, as a collection of individuals and as a business, has put diversity and inclusivity at the heart its organisational culture and values. The business case for fostering diversity and inclusivity in the workplace is compelling ...
In a landmark decision, the European Union Intellectual Property Office (‘EUIPO’) has ruled that McDonald’s, one of the world’s largest fast food chains, will lose its EU trade mark for “Big Mac” ...
The Court of Justice of the European Union (ECJ) must currently clarify whether and how website operators can legally integrate the so-called "Like" button of Facebook on their website (Case C-40/17). A German online retailer had integrated the "Facebook Like" button into their online shop. Due to the functionality of the "Facebook Like" button, personal information was transmitted to Facebook Ireland each time the website was visited, including the IP address ...
The Financial Services Authority (“OJK”) recently issued OJK Regulation No 37/POJK 04/2018 on equity crowdfunding services. This will allow offers of shares for sale by an issuer directly to investors through an open information technology system (“POJK37/2018”). POJK 37/2018 applies to offers of shares through a Crowdfunding ServicesProvider’s system ...
Under its Article 88(1), the GDPR allows Member States to draw up their own rules for the area of employee data protection. Germany has taken advantage of this option with Section 26 of the Federal Data Protection Act (BDSG). The first sentence of Section 26(1) already applies while the decision to establish an employment relationship is made and hence it needs to be taken into account early in the application process ...
The Financial Services Authority issued OJK Regulation No. 37/ POJK 04/2018, on 31 December 2018 on equity crowdfunding services (the “Crowdfunding Services”) which allow offers of shares for sale by an issuer directly to investors through an open information technology system (“POJK 37/2018”). POJK 37/2018 applies to offers of shares through a Crowdfunding Services Provider’s system ...
To protect and stimulate creators to increase innovation and encourage entrepreneurship, Norwegian authorities are changing the law. In 2018 we received several proposals towards strengthening the rights of those who create new ideas or build their business on intellectual property. Looking back at 2018, we see a year in which the Norwegian intellectual property (IP) legislation has been in movement. Technology is developing fast, and so must the law protecting technology ...
Software is becoming the main part of an increasingly amount of products set on the market; a trend which will become more and more evident in the years to come. This fact challenges the legal landscape and interpretation of product liability laws, and contract makers must pay attention to potential new risks imposed on the parties. If a product causes damages to a third party, complex questions may arise with respect to liability and the chain of causation ...
PSD2 came into effect in the European Union on January 13, 2018. PSD2 is important as it aims to further harmonise the EU payments market and break the banks' de facto monopoly on the provision of payment services and the use of their customer data. Below is a review of developments to date as they relate to transposing PSD2 into Norwegian law, including an update on the most recent developments ...
Most companies go to great lengths to protect and maintain their intellectual property (IP). These companies recognize the value of their IP and work towards its development, sustainability and commercialization. IP strategy customary includes where and when to file patent applications, how to choose a brand name and register it, how to protect and enforce copyrights, protect trade secrets, etc ...
The ePrivacy Regulation was actually supposed to enter into force on May 25, 2018 jointly with the EU General Data Protection Regulation. Now it is expected to go into effect in 2019 at the earliest. It has new provisions in store, particularly for online marketing. The ePrivacy Regulation is intended to replace the current European ePrivacy Directive (2002/58/EC) and the Cookie Directive (2009/136/EC) ...
One of the key provisions of the Dodd-Frank Act rollback law signed by President Trump on May 24, 2018, hasn’t met its early promise for U.S. community banks. Recently proposed rules to implement simplified capital requirements have fallen short of the industry’s expectations when the bank deregulation law was enacted in May ...
The online retail sector has seen a considerable increase in intervention by the competition authorities both on a national level and in Brussels. Most recently, in December 2018, the European Commission fined the clothing company Guess € 39.8 million for applying online sales and advertising restrictions ...
The IRS recently issued proposed regulations to implement changes to the rules for hardship distributions from 401(k) plans made by the Bipartisan Budget Act of 2018 (“BBA”) that will take effect on January 1, 2019. The proposed changes will make hardship distributions more widely available and will ease administration of hardship distributions for plan sponsors ...
I. Introduction According to a Bitkom study from September 2018, German industry has incurred a total loss of 43 billion euros as a result of cyberattacks over the past two years. Seven out of ten industrial companies have been victims of such attacks during this period. At EU level, there has recently been a growing discussion on how to face this mounting danger ...
As an eventful 2018 comes to a close, we look ahead to 2019 and our “Top 10 List” of key issues U.S. financial institutions, non-banks providing financial services, and financial technology (fintech) entities should plan for and watch throughout the upcoming year. The first five items on the list are discussed below, and the remainder of our list will follow shortly in another post ...
Over the last several years, the emphasis on privacy and data protection has grown significantly. With the amount of data collected by companies and technology skyrocketing, the need to protect personal information has been at the forefront of states’ legislative agendas. While all 50 states now have breach notification statutes, states are now taking a closer look at issues such as tracking online behavior and the use of biometric data ...
Executives and in-house counsel should be aware that traveling with sensitive data can lead to its seizure—with potentially severe consequences worldwide. Recently, Parliament in the United Kingdom seized from a traveling executive a USB drive containing data that had been produced in a United States lawsuit between Six4Three, a software company, and Facebook. Put simply, that data was in the wrong place at the wrong time ...
In December of 2018, the coalition partners finalised their governing plan for the next 5 years in a coalition agreement (“Coalition Agreement”) which was signed the same day. The Coalition Agreement confirms the ambition, amongst others, to pursue a responsible, sustainable and innovative financial policy based on sound public finances ...
In December of 2018, EU Court of Justice Advocate General Campos Sánchez-Bordona concluded that the United Kingdom may unilaterally withdraw its intention to leave the European Union before 29 March 2019 and therefore remain in the EU. This is so long as the revocation notice is made before the formal conclusion of a withdrawal agreement and it respects the UK’s constitutional requirements ...
In February of this year, the Securities Exchange Commission issued its updated Statement and Guidance on Public Company Cybersecurity Disclosures. In April, the SEC issued an Order that, among other things, levied a $35 million fine against Yahoo! Inc. for failing to properly report a 2014 data breach. These actions support the view that the SEC is consciously committing attention and resources to cybersecurity issues affecting public companies ...
The UAE federal government has recently issued a raft of important legislation. The raft addresses and updates areas of law that are key to businesses in the jurisdiction. Amongst this legislation is Federal Decree-Law 14 of 2018 concerning the central bank and the organisation of financial institutions and activities (the New Banking Law) ...
