White & Case Technology Newsflash | White & Case LLP International Law Firm, Global Law Practice
White & Case Technology Newsflash

White & Case Technology Newsflash

The Technology Newsflash contains articles and timely updates on the latest technology, outsourcing and privacy legal issues and trends affecting businesses today. We encourage you to visit the site often as it is updated regularly. We welcome any questions about the topics covered here and those relating to our global capabilities.

Table of Contents

Current Issue

Quicksearch Links

2015 Issue

2014 Issue

2013 Issue

 

Current Issue

Cybersecurity Guidelines for Vehicles

The National Highway Traffic Safety Administration’s new cybersecurity guidelines are a step toward improved safety practices in the modern vehicle.

Businesses can refuse Subject Access Requests made for the dominant purpose of litigation

The High Court has ruled that a business that receives a Subject Access Request ("SAR") can refuse to disclose the requested information in some cases, if the dominant purpose of the SAR is litigation. This appears to mark a significant departure from existing case law and regulatory guidance on this issue.

UK to implement GDPR regardless of Brexit

The UK government has confirmed that it will implement the EU General Data Protection Regulation, notwithstanding the UK's decision to leave the EU. This announcement confirms that UK businesses will need to become GDPR compliant by 25 May 2018.

Disclosing personal data – new protections for regulated sector firms?

New protections are being proposed in the UK to allow regulated sector firms to share information regarding suspicions relating to money laundering and terrorist financing, in circumstances where law enforcement has been notified. Regulated sector firms are financial gatekeepers and greater sharing of information between these firms and law enforcement should bolster the existing anti-money laundering and counter-terrorist financing regime.

FCC Adopts Privacy Regulations for Broadband Internet Service Providers

The FCC has adopted privacy and security rules that establish specific requirements for how Broadband service providers may use and share customer information for commercial purposes.

EU-U.S. Privacy Shield challenged

Privacy advocacy group Digital Rights Ireland has launched a challenge in European courts against the EU-U.S. Privacy Shield scheme, claiming it does not adequately protect the privacy rights of EU citizens. The lawsuit is expected to take over a year to resolve, continuing the uncertainty surrounding transfers of personal data from Europe to the U.S., including for the hundreds of companies that have already signed up for certification under the scheme.

Court confirms that IP addresses are personal data in some cases

The Court of Justice of the European Union has held that IP addresses are "personal data" in certain circumstances. This decision is significant because it means that the collection and further processing of IP addresses may be subject to EU data protection law, creating potential compliance difficulties for businesses.

UK ICO recommends personal liability of directors for breaches of data protection law

At a recent Parliamentary meeting to discuss the draft Digital Economy Bill, the UK Information Commissioner recommended imposing personal liability and accountability upon company directors. If such liability is imposed, it will mark a radical departure from the current law, under which directors of companies generally have no personal liability or accountability for breaches of data protection law committed by their companies.

Electronic Frontier Foundation brings suit over anti-circumvention provisions in the DMCA

The Electronic Frontier Foundation argued that Section 1201 of the Digital Millennium Copyright Act ("DMCA") is overbroad and is in violation of the First Amendment.

New York's New Cybersecurity Rules: What Is Required?

The proposed cybersecurity rules require extensive cybersecurity protections; including cybersecurity programs, policies, personnel, risk assessments, trainings, and breach reporting within 72-hours.

UK ICO issues largest ever fine for a data breach

The UK Information Commissioner's Office has issued a record fine of £400,000 to a UK telecoms company, in connection with a data breach. The fine, and the related adverse publicity, serve as a stark warning to companies that fail to implement appropriate data security measures.

Accelerating the autonomous vehicle revolution

USDOT announces new policy for safe design, development and deployment of autonomous vehicles.

The European Digital Single Market Strategy and Related Copyright Law Implications: The Status Quo

The European Commission outlined specific initiatives to achieve a Digital Single Market by modernizing EU copyright rules, establishing a copyright regime that is more suited across jurisdictions.

New York Regulators Propose Stricter Cybersecurity Rules

Proposed NY state rules aimed at protecting consumers would require DFS-regulated institutions to implement and enforce cybersecurity programs.

EU: Injunctions against intermediaries available also in the offline world

The Court of Justice of the European Union has held that injunctions against intermediaries whose services are being used by third parties to infringe intellectual property rights are not limited to electronic commerce but may also be issued against providers of 'real-world services', such as letting or subletting pitches in a marketplace.

EU-US Privacy Shield: How to Certify

US organizations can now apply for Privacy Shield certification, and have until September 30 to take advantage of a nine-month grace period to bring existing third-party contracts into conformity.

Federal Circuit Expanding Interpretation of Step Two of the Test for Patent Eligibility

Bascom ruling suggests that a detailed step two analysis is crucial to intellectual property protection and may confer patent eligibility.

European Court of Justice Strengthens Rights of Authors, Performers and Phonogram Producers

A judgement issued by the Court of Justice of the European Union (CJEU) provides certain but no decisive copyright-related guidelines for businesses offering television or radio programs in their facilities for customers.

Unlocking the EU General Data Protection Regulation

A detailed Handbook designed to assist businesses in understanding and complying with the GDPR. The GDPR will impact almost every organisation that is based in the EU, as well as many organisations that do business in the EU, even if based abroad. It is extremely serious, wide-ranging and significantly raises the bar for compliance, with maximum fines of up to €20 million or 4% of annual global turnover.

EU-US Privacy Shield approved

The EU-US Privacy Shield has now been formally approved, providing a new mechanism for transferring personal data from the EU to the US, and reducing the legal uncertainty international businesses have been facing – at least for now.

Japan Patent Act Amendment: How to Compensate Inventors Now?

Recent amendment to Japan's Patent Act modifies the right of an employee inventor to "reasonable" compensation, but falls short of creating a bright-line rule on acceptable compensation.

Federal Circuit Provides Guidance on Patent Eligibility Determination

Federal Circuit confirms that the first step of the Alice inquiry is meaningful and not a mere formality.

US Supreme Court affirms Federal Circuit on IPR Claim Construction Standard and that IPR Institution Decisions are Final and Non-appealable

Yesterday, the U.S. Supreme Court affirmed the Federal Circuit in Cuozzo v. Lee  by confirming (i) the U.S. Patent and Trademark Office ("PTO") application of the broadest reasonable construction ("BRI") standard to claim construction in inter partes review ("IPR") proceedings, and (ii) that PTO decisions whether to institute IPR proceedings are final and may not be appealed pursuant 35 U.S.C.§ 314(d) of the Leahy-Smith America Invents Act ("AIA").   

Online Traders: New Obligation in EU for Provision of Link to Online Dispute Resolution (ODR) Platform

European online dispute resolution (ODR) platform, intended to resolve disputes between consumers and online traders, forces traders to modify websites to comply with new regulation or risk an infringement of unfair competition law.

New threats to transatlantic data flows as Model Clauses come under fire

The transfer of personal data from the EU to the US is continuing to come under attack in the EU, with Model Clauses now in the regulatory crosshairs. Consequently, organisations that do business on both sides of the Atlantic are facing an increasingly uncertain future.

New Players – Old Rules? The Current Debate on the Regulation of OTT Services in the EU and Germany

The EU regulator is considering to subject Over The Top ["OTT"] internet based services, which include messaging services, audio/video streaming applications and other services social media platforms, to its telecoms regulation. The current regulatory framework was designed for Electronic Communication Services ["ECS"]. As OTT services grow rapidly and compete with established ECS, the latter are calling for a level playing field in terms of regulation. The German regulator, holding that the existing regulatory framework for ECS is applicable to certain types of OTT services, is taking a different approach.

Car Wars: The Car of the Future—Legal Aspects in a Connected World

This article was previously published in a special edition of the German newspaper Handelsblatt. Buzzwords like "connectivity" and "autonomous driving" are the harbingers of a new era that we will be facing in the next 5 to 10 years.

Strict and far-reaching new EU data protection regime comes into force

The EU General Data Protection Regulation ("GDPR") is now in force, and the clock is officially ticking for businesses to bring their operations into line with its sweeping changes.

FCC Proposes Formal Privacy Regulations for Broadband ISPs

The US Federal Communications Commission has proposed new information privacy and security regulations for Broadband Internet service providers, currently in a period of public comment.

IP addresses may be subject to EU data protection laws

Under certain circumstances, dynamic IP addresses can be “personal data”. Businesses that process IP addresses should take note.

Defend Trade Secrets Act: A New Era in Intellectual Property Protection

On May 11, 2016, President Obama signed the Defend Trade Secrets Act of 2016 ("DTSA"), creating a federal private civil action for the misappropriation of trade secrets. The DTSA does not preempt state law but provides an additional forum for relief.

GDPR published – Enforcement begins on 25 May 2018

The General Data Protection Regulation (or “GDPR”) was officially published on 4 May 2016. Enforcement will begin on 25 May 2018, giving businesses just over two years to bring their operations into line with the sweeping changes introduced by the GDPR.

Employers vicariously liable for data breaches caused by rogue employees

The High Court has held that employers can be vicariously liable for data breaches caused by rogue employees. The decision highlights the importance to businesses of ensuring that data protection compliance requirements are properly addressed.

English court compels investigators to disclose information on data protection grounds

The High Court has ruled that a company conducting an investigation may be compelled to give effect to requests for information made under data protection legislation.

UK 'regulatory sandbox' to foster fintech innovation

The UK's Financial Conduct Authority ("FCA") will launch a 'regulatory sandbox' on 9 May 2016 to foster innovation in the UK financial services market. Unauthorised firms that successfully apply to the FCA will be able to obtain restricted authorisation to test innovative products or services in a live environment.

Significant concerns from EU Data Protection Authorities may delay the EU-US Privacy Shield

EU Data Protection Authorities met in Brussels last week to deliver their eagerly anticipated opinion on the proposed EU-US Privacy Shield.

European Parliament approves new EU data protection law

The European Parliament has voted on the General Data Protection Regulation (the "GDPR"). The vote marks the end of a four-year legislative process and makes the GDPR a reality.

TC Heartland Challenges the Status Quo on Patent Venue

The Federal Circuit is currently considering a challenge to patent venue rules that could lead to dramatic shifts in where patent infringement actions are filed.

Timeline for new EU-US data transfer mechanism becomes clearer

The progress of the EU-US Privacy Shield has been uncertain for the last few months. However, recent developments have clarified the situation somewhat.

NHTSA Reflects Willingness of US Regulatory Authorities to Embrace Autonomous Vehicles

The NHTSA has started to adapt the federal safety regulations for motor vehicles by interpreting traditional terms and standards to reflect emerging technology.

No consensus on Privacy Shield following debate on adequacy

The EU-US Privacy Shield remains a hotly debated issue and significant areas of disagreement remain between the European Commission, the European Parliament, privacy activists and businesses.

France anticipating the GDPR

A bill currently under discussion before the French Parliament should result in tightened sanctions against organizations found to be in breach of data protection law. New sanctions provided under the bill are a reflection of the forthcoming General Data Protection Regulation (the " GDPR").

FTC Settles with Data Brokers in Sale of Consumer Data Used for Illicit Purposes

The recent settlement in FTC v. Sitesearch suggests that whether subject to the FCRA or not, the FTC is examining companies that trade in consumer information with increased scrutiny.

New deal for transferring personal data from the EU to the US moves a step closer

Following the conclusion in early February of negotiations for the Privacy Shield (the replacement for Safe Harbor), the European Commission has published draft documents providing the full detail of the Privacy Shield program.

Bărbulescu v. Romania clarifies an employers' rights to monitor the contents of their employees' private electronic communications

This ruling is aimed at providing a balance between the employer’s interests and employee’s rights under Article 8 of the ECHR.

EU Regulatory Agendas: EDPS Priorities 2016 and Article 29 Working Party Work Programme 2016 – 2018

The European Data Protection Supervisor and the Article 29 Working Party have both recently published their forward-looking work agendas, with both organisations expected to have significant influence on key regulatory developments during this period of unprecedented change in the European data protection landscape.

New restrictions on disclosures of personal data to non-EU courts will not apply in the UK

A controversial portion of the EU's forthcoming General Data Protection Regulation is a provision restricting the ability of EU businesses to comply with demands from non-EU courts for the production of documents containing personal data. Following a recent announcement by the UK government, these restrictions will not apply to businesses in the UK.

New WP29 Opinion on the application of EU data protection law to non-EU businesses

The EU’s Article 29 Working Party has published an Opinion that seeks to clarify the application of EU data protection law in relation to businesses based outside the EU.

Safe Harbor is dead, long live Safe Harbor!

US and EU announce a new framework to replace Safe Harbor and allow for international data transfers.

International Data Privacy: How to Navigate the Challenges

Guidance and checklist for fast growth companies on managing international data privacy issues.

Texas Takes a Stance Against Patent Trolls

States consider measures to protect their residents and business from abusive patent litigation.

FTC and Wyndham Settle Suit Regarding Wyndham's Alleged Cybersecurity Failures

The Third Circuit affirmed the FTC’s authority to pursue privacy-related claims, and the recent settlement provides some guidance as to reasonable privacy and data security practices.

New EU Directive on the Protection of Trade Secrets to Come

The new EU directive on trade secrets will be aimed at removing differing national levels of protection for trade secrets.

UK and EU Law Enforcement Investigatory and Data Sharing Powers: Developments and International Impact

Proposed UK legislation governing UK law enforcement investigatory powers will have a deep and far reaching impact on technology and communications businesses, and not just those in the UK.

[Back to Table of Contents]

 

Quicksearch Links

Search for financial technology (fintech)

Search for EU GDPR (European Union General Data Protection Regulation)

Search for EU-US Privacy Shield

All Technology Newsflash publications and events

[Back to Table of Contents]

 

2015 Issue

Introduction of new EU General Data Protection Regulation: final stages

EU-wide cybersecurity rules nearing final agreement

The self-driving car – a new legal frontier?

ITC Proposed Amendments to Section 337 Rules

Update 'EU-US Safe Harbor': Statement from the Article 29 Working Party

European Court of Justice invalidates 'EU- US Safe Harbor' pact

Trade Secrets Protection Bill Pending Before the Senate and Judiciary Committee

Transfer of Personal Data Under Japan's Amended Personal Information Protection Act

Court Invalidates Patent Claims After Refusing to Correct Alleged "Typos"

New French Act on Intelligence Services: Impacts on Technical Operators

Telemedicine or just a gadget for fitness addicts? Mobile Health Apps and the law

Europe's Highest Court Recently Delivered a Judgment Imposing Affirmative Duties on SEP Holders

Germany rolls out IT Security Act

Mobile health apps: Are they a regulated medical device?

Disparaging Trademarks and the Constitutionality of Refusing Registration Under the Lanham Act

Rejection of Oracle's claims for copyright infringement against one of its users and condemnation of the practice of aggressive audits

After Sales-Service: Don't Be Misled! — European Court of Justice Rules: Erroneous Information Provided by an Undertaking to a Consumer in the Context of After-Sales Service Is a Misleading Commercial Practice

A significant milestone in the path towards the adoption of the General Data Protection Regulation

House Committee Advances Patent Reforms Aimed to Curb Patent Litigation Abuses

Good-Faith Belief of Invalidity No Longer a Shield for Induced Infringement Claims

Free Wi-Fi: German Court Seeks Clarification in Luxembourg

Copyright levies on memory cards for mobile phones: another landmark decision from the CJEU (Case C-463/12)

House Passes Cyber Sharing Bills and Congress is Focusing on Data Protection

Council of Europe: Recommendation on the Processing of Personal Data in the Context of Employment

IBM sentenced to pay 6.5 million as contractual damages

Update: Germany's Draft Bill on IT Security

White House Re-Introduces Consumer Privacy Bill of Rights Act

The Supreme Court's New Standard of Appellate Review for Claim Construction

The case law of the German courts of lower instance for patent law and utility model law since the year 2013

President Obama Issues Executive Order on Cybersecurity Information Sharing

UPDATE: German Government Proposes New Law Entitling Consumer Protection Organizations to Enforce Data Protection Law

Developments in Privacy and Cybersecurity Legislation

EU Data Protection – Proposal on Co-Operation Procedure to Harmonize Common Opinions on Contractual Clauses

SDNY Clarifies Scope of Contractual Exclusions of Consequential Damages Under New York Law

[Back to Table of Contents]

 

2014 Issue

The Use of First and Last Names as Meta Tags is not Subject to the French Data Protection Act

Are Dynamic IP Addresses "Personal Data"? German Federal Court of Justice seeks advice from the European Court of Justice

California Passes New Data Protection Laws, Effective January 1, 2015

AIPPI's resolution on "IP Licensing and Insolvency": Will this re-ignite legislative initiatives in Germany?

Align by Design: Global Privacy Authorities Weigh in on the Internet of Things

California Passes Student Data Privacy Law

Federal Court Rules Business Method Patent Invalid Post-Alice

Recent Amendments to the Procedure of Personal Data Processing in Russia

Adoption of a new European legal framework applicable to cross-border electronic identification and e-signatures

Massive Online Security Breach – Are You Reactive or Proactive?

The revised PSI Directive – European Commission publishes guidelines on re-use of public sector information

Germany's Draft Bill on IT Security

UPDATE: Germany to Tighten Data Protection Laws: Consumer Protection Associations and Trade Associations shall be Granted Right to take Businesses to Court

Supreme Court Rules Abstract Ideas Implemented on Computer Not Patent-Eligible

New York AG Reports that Data Breaches Cost New York Businesses over $1B Last Year

European Commission's Actions to Better Protect and Enforce Intellectual Property Rights

Supreme Court Issues Ruling on Aereo and the Public Performance Right

German Federal Court of Justice Decides on Deletion of Unused Domains and Typosquatting

Fees for Recording IP Security Agreements with the USPTO and USCO

California Attorney General Issues Privacy Policy Guide

How does French case law deal with bundled software?

California AG Provides Important Guidance on Do-Not-Track Legislation and Disclosures

Copyright Holders Cannot Prevent Links to Freely-Available Content from Being Posted Online

Second Circuit Adopts Plaintiff-Friendly "Discovery Rule" for Copyright Infringement Claims

EU Data Protection – Draft Ad hoc contractual clauses "EU data processor to non-EU sub-processor"

New Bill Would Create a Private Right of Action for Targets of Trade Secret Misappropriation under Federal Law

FCC Warns ISPs May be Regulated as Utilities

Biotronik A.G. v. Conor Medsystems: Be Sure to Expressly Exclude Lost Profits in Drafting New York Law Contracts

Supreme Court Issues Two "High-Octane" Decisions to Address Abusive Patent Litigation Practices

3D Printing—implications on Intellectual Property Rights ("IP rights")

In for a Penny, in for a Pound

Germany's Draft Bill on Combating Late Payment in Commercial Transactions: Potential Consequences for Businesses on Both the Legal and Operational Level

EU High Court Strikes Down Data Retention Law

Cloud Services and Export Control: What You Don't Know Can Hurt You

Anti-Patent Troll Legislation: What is Proposed and What it Could Mean

CNIL Expanded Investigative Powers

Intent-to-Use Trademark Applications and Security Agreements

The Garcia v. Google Controversy and What It Means for Content Owners and Users

Germany to Tighten Data Protection Laws: Consumer Protection Associations shall be Granted Right to take Businesses to Court

Intellectual Property Infringement on the Internet: What Court to Call?

California's Shine the Light Law: A Heightened Pleading Requirement

NIST Issues Cybersecurity Framework

How to Secure Information Systems: The Growing Complexity of the Legal Landscape

Do Not Forget to Lock the Backdoor: Adopting a Holistic Approach to Cybersecurity

Study of the European Parliament on the Protection of Creator's Rights in a Changing Environment

Old Law, New Fit: Evergreen Notice Requirements for IP Service Agreements

Know Your Subcontractors: Recent FTC Settlement Highlights the Importance of Validating Subcontractor Data Protection Practices

US Supreme Court to Review Indefiniteness Standard under Section 112 of the Patent Act

FTC Settles U.S.-E.U. Safe Harbor Complaints Against Twelve Companies

EU Copyright Rules – Changes on the horizon?

Trademark Infringement by Use of AdWords? Legal Risks by Using AdWords Despite European Court of Justice (ECJ) Rulings

Distributing Earnings Call Information to the Public Is Fair Use

The Proposed Directive on Trade Secrets in the EU

The Case Law of the German Courts of Instance (Instanzgerichte) for Patent Law and Utility Patent Law Since the Year 2011

Addition of "No-Charge" Limitation During Prosecution Costs Inventor His Patent

French Courts Ordered to Block and Delist 16 Streaming Websites

[Back to Table of Contents]

 

2013 Issue

Federal Judge Rules NSA Data Collection Program Is Likely Unconstitutional

Major Changes to Defamation Law in the UK to Take Effect 1 January 2014

"Perfecting" Security Interests in United States Patents, Trademarks and Copyrights 

Hacking Back: For Now, Be Vigilant Rather Than a Vigilante

Prospects on Germany's Digital Landscape in the Next Four Years: What Does the Coalition Agreement Say on Technology?

Big Data: The Big Picture

Changes in Consumer Law for Distance Contracts in the EU

E-Commerce: Consider the Enhanced Consumer Protection Clauses

Software License Audits – How to prepare, how to react

FTC Denies Application for Proposed Social Network-Based COPPA Consent Verification

In Sourcing and Licensing Agreements Governed by New York Law, Think Twice About a Gross Negligence Carve-out to a Limitation on Liability

The Landgericht Düsseldorf’s (Düsseldorf District Court) decision to refer "LTE standard"

Securing Patent Value for Israeli Medical Technology Companies

CLS Bank v. Alice Corp. Further Muddies §101 Patent Eligibility

Federal Legislation Introduced Regarding Mobile Application Privacy

State court ruling creates new uncertainty for DMCA safe harbors

ECJ dismisses Spanish and Italian challenge to EU-wide unitary patent system, but obstacles remain

The Trademark Clearinghouse: What You Need to Know

Federal Circuit Announces Review of Appellate Standard for Claim Construction

Supreme Court Interprets Copyright "First Sale" Doctrine

Congress Takes Action to Allow Unlocking of Mobile Phones

FTC Announces Settlement with Social Networking App and Issues Staff Report Regarding Mobile Device Privacy Disclosures

President Obama Issues New Executive Order on Improving Cybersecurity

New HIPAA Rule Imposes Data Security and Privacy Obligations Directly Upon Vendors and Contractors of Covered Entities

U.S. Department of Health and Human Services Announces First HIPAA Breach Settlement Involving Fewer than 500 Patients

Amendments to the Economic Espionage Act Broaden Trade Secret Protection

FTC Amends COPPA Rule and Previews Future Enforcement Policies

[Back to Table of Contents]

 

This publication is provided for your convenience and does not constitute legal advice. This publication is protected by copyright.
© 2016 White & Case LLP