The administrative fines that have been imposed by the different European supervisory authorities since the GDPR took effect vary enormously. While the highest administrative fines imposed by the German authorities to date have been EUR 20,000 and EUR 80,000 and have therefore remained well below the possible maximum fine of EUR 20 million or 4 % of worldwide annual turnover, other countries’ supervisory authorities have already delivered higher fines ...
This is to inform you that, on March 18 2019, the Federal Law of the Russian Federation on “Introduction of amendments to the first, second part and Article 1124 of the third part of the Civil Code of the Russian Federation” (the “Law”) was adopted ...
This is to inform you that, on March 18 2019, the Federal Law of the Russian Federation on “Introduction of amendments to the first, second part and Article 1124 of the third part of the Civil Code of the Russian Federation” (the “Law”) was adopted ...
The Department of Health and Human Services Office of Civil Rights (OCR) Spring 2019 Cybersecurity Newsletter includes new recommendations regarding how HIPAA covered entities can prepare to defend against cybersecurity attacks such as advanced persistent threats (APTs) and zero-day vulnerabilities ...
Even before the General Data Protection Regulation (GDPR) came into force, there were discussions as to whether the use of tracking cookies, which make it possible to analyze the usage and browsing behavior of a user on the Internet and use it for interest-based advertising, requires prior consent (opt-in) of the user or whether a dissent solution (opt-out) is sufficient. The German data protection authorities are of the opinion that users must give their consent ...
In a recent decision by the Technology and Construction Court (TCC), Judge Stewart-Smith has clarified the position when determining whether two adjudications are “the same or substantially the same” when a party challenges jurisdiction under Para 9(2) of the Scheme for Construction Contracts. He stated that thedecisionreached in the first adjudication must be considered as well as the disputesreferredto adjudication in each ...
On 13 March 2019, the State Commissioner for Data Protection and Freedom of Information in Baden-Württemberg (LfDI BaWü) published the latest version of his guidebook on employee data protection. In this brochure, the LfDI BaWü offers an insight into his work and explains his opinion regarding the various points of view surrounding employee data protection ...
Cloud computing and offshoring of data is no longer a taboo among banks. It is becoming a necessity and is the current definitive trend. However, the South African Reserve Bank (“SARB”) has issued a directive and guidance note detailing items banks must consider when electing to adopt cloud computing as a service or any offshoring of data ...
The implementation of cybercrime legislation is a pressing issue given that South Africa has one of the highest numbers of cybercrime victims in the world. In addition, a number of unsuspecting individuals and organisations alike fell prey to the scourge of cyber scams which seemed to spike quite rapidly in the past year. The Cybercrime Bill was adopted by the Portfolio Committee for Justice and Correctional Services in November 2018 and sent to the National Assembly for debate ...
The pervasiveness of the Internet of Things has spawned a recent fear that the devices are listening to the conversations of their users. For instance, the My Friend Cayla doll talks to children and answers their questions by connecting to the internet and using a combination of voice recognition software and Google searches to provide these responses ...
Gone are the days when a helicopter had to be hired to secure fantastic shots of a neighbourhood or local stadium in anticipation of a major public or private event. Drones have ushered in a new kind of photography and can be used in many instances and applications even in traditional industries like agriculture or last mile logistics. One of the primary functions of using drones is to capture, store and transmit data ...
Digital rights management (“DRM”) refers to the methods used by content owners to protect their digital content. A number of methods can be used to control and restrict access and usage of digital material. Popular DRM mechanisms include password protecting a digital file/content, as well as platform DRM, which is typically deployed by online streaming platforms and electronic databases to restrict access to content that users are required to pay for ...
It is no surprise that in this digital age, social media is more than a platform to connect with old school friends, share experiences or watch funny videos. Businesses have realised the value in leveraging social media platforms so as to directly connect with and market themselves and their businesses to existing and potential customers. Social media platforms allow businesses to increase their brand awareness and entrench themselves with their clients and secure their loyalty ...
The fallout from the Illinois Supreme Court’s January 25, 2019, opinion in Rosenbach v. Six Flags Entertainment Corp., 19 IL 12316, continues.Rosenbach settled the dispute of who qualifies as an “aggrieved person” under the Illinois Biometric Information Privacy Act (“BIPA”), and in doing so opened the floodgates for this litigation to proliferate ...
On January 19, 2019, federal Magistrate Judge Kandis Westmore of the Northern District of California denied the Government’s application for a search warrant that sought: “all digital devices” present at a California residence; (Order at 3), and “any individual present at the time of the search to press a finger (including thumb) or utilize other biometric features…for the purposes of unlocking the digital devices found in order to permit a search of
We would like to inform you of the new rules of audits/inspections of companies processing personal data approved by the Decree of the Russian Government dated February 13, 2019 No. 146 «On Approving the Rules on Arranging and Exercising Control over Compliance of Personal Data Processing» («Decree»). The Russian Data Protection Authority (DPA) is entitled to investigate companies’ compliance with data protection laws ...
Corporations and governments are ferreting out and squirreling away voluminous, detailed and private information about each and every one of us – and they are not afraid to use it. Should we be worried? Singapore’s Health Minister recently revealed that confidential details of 14,200 HIV-positive people, stolen from a government public health database, had been leaked online by a disgruntled US citizen who had been in a romantic relationship with a local doctor ...
Senate Bill 273 goes into effect on March 20, 2019, and creates new requirements for Ohio insurance companies, including health insurance plans, to develop and implement specific information security programs to safeguard nonpublic business and personal information. Senate Bill 273 is based upon the National Association of Insurance Commissioners’ Insurance Data Security Model Law (also referred to as "MDL-668") ...
When a scion of the investment banking world gets into crypto it is probably worth taking notice. JP Morgan Chase, America's largest bank, has just grabbed everyone's attention with the launch of its very own cryptocurrency, the JPM Coin. JP Morgan intends the internally developed crypto asset to be used in its wholesale payment system, which currently sees daily volumes in the region of $6 trillion ...
The Financial Conduct Authority (FCA) recently launched a consultation on its proposed guidance on cryptoassets (CP19/3) which can be read in fullhere. The move comes as part of the UK Cryptoasset Taskforce's wider look into the regulation of the cryptoasset market. The consultation follows a report published in October 2018 by the Taskforce, which consists of the Bank of England, HM Treasury and the FCA. Our discussion of that report can be readhere ...
In its decision from February 7, 2019, the Bundeskartellamt prohibited Facebook from the further processing of user data which it has generated from so-called third party sources. In order to make use of these personal data in future, Facebook will need the consent of the data subject as defined by the General Data Protection Regulation (GDPR). It remains to be seen whether this will be granted by the majority of users. 1 ...
The General Data Protection Regulation (GDPR) provides for a significant increase of the maximum possible fine for legal infringements compared to previous data protection legislation. Fines of up to 20 million euros or 4 percent of the worldwide annual turnover, whichever is higher, can be imposed (Art. 83 para. 5 GDPR). Yet, the first few months after the introduction of the GDPR in May 2018 were uneventful in this regard. That is now changing, however ...
The President of Mexico, Andrés Manuel López Obrador, has passed an executive order whereby he proposed the creation of the “Logistic Center for the Distribution and Transportation of Petroleum Products” (the “Center”), as a decentralized administrative entity separate from the Ministry of Energy, with technical, operational and management autonomy ...
On December 28, 2018, the Department of Health and Human Services (HHS), in partnership with the Health Sector Coordinating Council (HSSC), published the “Health Industry Cybersecurity Practices: Managing Threats and Protecting Patients” (HICP Publication), which is a four-volume publication designed to provide voluntary cybersecurity practices to health care organizations of all types and sizes, ranging from local clinics to large health care systems ...
The US tech giant, Google is fined EUR 50 million by France's data protection regulator, CNIL, for failing to comply with its General Data Protection Regulation (GDPR) obligations. This is the biggest GDPR fine yet to be issued by a European regulator and the first time that one of the tech giants has been found in breach with the new regulations that came into force in May 2017 ...
