Publications & Events

White & Case Technology Newsflash

Table of Contents







The Technology Newsflash contains articles and timely updates on the latest technology, outsourcing and privacy legal issues and trends affecting businesses today. We encourage you to visit the site often as it is updated regularly. We welcome any questions about the topics covered here and those relating to our global capabilities.



Getting the Deal Through - Technology M&A 2022

Global law firm White & Case LLP has contributed to the 4th edition of Technology M&A, published by Getting the Deal Through. The book covers key considerations for technology M&A transactions in various jurisdictions. Partner Arlene Arin Hahn and Associate Neeta Sahadev are Contributing Editors for the book and also co-authored the United States chapter.

Technology Industry Should Watch Closely as the Executive Branch and Lawmakers Set Their Sights on Antitrust

Calls for changes to antitrust law, and how antitrust laws should be applied to the conduct of large technology companies, have been heating up in recent years.  Now, the push for wide-scale changes to antitrust law has reached a boiling point.  Indeed, President Biden’s sweeping July 9, 2021 Executive Order on competition policy and a bipartisan package of proposed Bills may signal that at least some degree of federal and/or legislative change is on the horizon.

Judge Albright and Transfers of Patent Cases

Judge Alan Albright, one of the most active patent jurists, recently amended his standing orders to clarify inter-district transfers and venue discovery, adding predictability for parties that litigate in the Western District of Texas.

Germany: Significant reduction of GDPR fines

Nearly three years after the adoption of the General Data Protection Regulation (GDPR) and the countless fines issued by national data protection authorities, the first successful litigation challenging the value of a GDPR fine issued offers valuable insights for the future of GDPR litigation and data protection compliance more broadly.

Procedural Denials at the PTAB – Here to Stay?

Recently, the USPTO's Patent Trial and Appeal Board ("PTAB") has issued significantly more procedural denials of IPRs, including those based on the NHK Spring and Fintiv decisions. In response, petitioners have tried a variety of tactics to reduce the risk of a NHK Spring/Fintiv procedural denial. However, upcoming changes in USPTO leadership and policy may change this.

Smart Cities: Changing dynamic between private and public actors

Articles about smart cities address various facets, including connectivity, data, infrastructure, and transportation, etc. All these facets are linked by an overarching theme: the changing interaction between private and public actors due to the central role of the public actors in smart city projects.

Late-stage VC investment weathers the COVID-19 storm

Late-stage venture capital funding reached new heights in 2020 as investors continued to hunt for high-growth potential amid the pandemic.

US SPACs look beyond their backyard to Europe

Although most SPAC activity is concentrated in the US, the boom in listings spells opportunities for European firms.

TMT 2021: France chapter

White & Case partners Bertrand Liard, Clara Hainsdorf, Saam Golshani and Guillaume Vitrich have co-authored the France chapter of the Chambers 'TMT 2021' Global Practice Guide.

2020 in review: Patent litigation increases

Patent litigation is increasing. Specifically, the 13 percent rise in patent cases from 2019 indicates that the pandemic did not slow down litigants. This reverses the trend since 2015 of gradually decreasing numbers of new patent cases per year. Those involved in offensive and defensive patent cases should take note that the appetite to engage in patent litigation is increasing again.

Prepare for change: Technology and sustainability

Digitalisation and ESG are transforming the face of infrastructure. Here we explore how investors are reacting to the opportunities and challenges these forces present.

Federal Circuit reaffirms the lack of authority in the USPTO's § 101 Guidance

Because of the lack of clarity in § 101 eligibility jurisprudence, patent practitioners attempted to rely upon guidance from the USPTO. The USPTO's 2019 "Revised Patent Subject Matter Eligibility Guidance" attempted to offer insight into the frequently confusing landscape of § 101. However, the Federal Circuit subsequently held that the USPTO's Guidance had no binding authority. Now, once again in cxLoyalty, Inc. v. Maritz Holdings Inc., the Federal Circuit has reaffirmed that courts, patentees, patent holders, examiners and the PTAB itself may rely on the Guidance only at their peril, and that the Guidance has no authority in and of itself. No. 2020-1307 (Fed. Cir. Feb. 8, 2021).

Kalifa Review – Proposed Fintech Investment Reforms

On 26 February 2021, the Kalifa Review of UK Fintech published its much anticipated report on the state of the UK fintech industry. The report recognizes fintech's current importance to the UK economy and potential material opportunities in driving growth as part of Global Britain in a post-COVID environment, including potential investment reforms impacting Fintech investors and companies.

Fraud and abuse risks in digital health: What tech companies need to know about healthcare enforcement – Part II

For companies looking to monetize their hard-earned innovations in digital health, there is a minefield of potential healthcare enforcement to avoid. As discussed in Part I of this alert, such healthcare enforcement can lead to significant criminal and civil penalties. Common risk areas are well known to pharmaceutical, medical device and other traditional healthcare companies. However, the challenge for a technology company making its first foray into healthcare is both to appreciate these traditional healthcare compliance risks and to determine the unique ways these risks may map onto the uncharted landscape of digital health.

GDPR Guide to National Implementation: United Kingdom

A practical guide to national GDPR compliance requirements across the EEA

Fraud and abuse risks in digital health: What tech companies need to know about healthcare enforcement – Part I

Digital health is exciting, innovative and forward-looking. Investors have invested billions of dollars anticipating dividends from the next phase of the Big Data revolution: collecting and synthesizing millions of data points that, in turn, could feed into artificial-intelligence-enhanced diagnostics; improve monitoring during pharmaceutical clinical trials; promote everyday fitness tracking; and so much more.

A Whole New (Virtual) World

With increasing innovations and developments in technology, the virtual asset landscape is growing at an unprecedented rate. Virtual asset trading activities have risen dramatically in recent years and, with that, the risks associated with virtual assets have become more apparent: breaches in customer security; market manipulation; and the potential to use virtual assets in money laundering and terrorist financing. Governments are catching onto the need, and benefits, of developing regulatory frameworks in respect of this emerging market, and the virtual asset space is finding itself increasingly subject to regulatory scrutiny.



Infrastructure M&A remains robust despite COVID uncertainty

The energy transition and a growing need for efficient digital infrastructure are two trends fueling infrastructure dealmaking in 2020

Ongoing Appeals May Shape How Juries and Courts Determine Patent Royalties

A patent holder that prevails in a patent infringement suit is entitled to either lost profits or a reasonable royalty. A reasonable royalty calculation often implicates the infringing product's revenues (the "royalty base"). The smallest saleable patent-practicing unit ("SSPPU") is a legal doctrine that restricts the royalty base that a patent holder can use in its reasonable royalty calculation. Two recent cases may shape the application of this doctrine in the patent infringement context and the SEP licensing context. Both patent holders and patent-practicing organizations should take note of and monitor developments.

AI in the boardroom: opportunities and challenges

Artificial intelligence (AI) is increasingly transforming business processes and strategies across industry sectors. Companies are figuring out how to take advantage of AI, focusing primarily on customers' needs and experience. However, AI could also be a powerful tool to enhance internal decision-making processes and governance through advanced analytical models and robust risk-management methods.

Before the Dust Settles: The California Privacy Rights Act Ballot Initiative Modifies and Expands California Privacy Law

Hot on the heels of the California Attorney General's rulemaking process for the California Consumer Privacy Act ("CCPA"), California voters have passed a ballot initiative to expand and create new privacy rights for consumers. Most of the California Privacy Rights Act ("CPRA") will not take effect until January 1, 2023, giving weary businesses some lead time for their compliance efforts. In this client alert, we set out the key changes for businesses to be aware of as they look forward to meeting their obligations under the CPRA. 

EnergyTech: New markets and new business opportunities

The energy market has been dominated by major energy companies for a long time. New market opportunities and digitalization could lead to a higher market penetration of startups.

CFPB Seeks Comments on Highly Anticipated Consumer Access to Financial Information Rulemaking

The Bureau of Consumer Financial Protection (CFPB or Bureau) has formally commenced its long-awaited rulemaking process to implement section 1033 of the Dodd-Frank Wall Street Reform and Consumer Protection Act (Dodd-Frank Act).

Spain targets BigTech with new Tax on Digital Services

The Spanish Official Gazette published last October 16th legislation enacting a new indirect Tax on Certain Digital Services to be levied on On-line Advertising and Intermediation Services, as well as on Data Transfers realized in Spain by major Technological companies. The new tax is a unilateral response to the current lack of international consensus and falls, at 3%, on previously not taxable events. It will enter into force next January 16th 2021.

OCC Finalizes True Lender Rule, Attempting to End Uncertainty around Bank-Fintech Partnership Models

The Office of the Comptroller of the Currency (OCC) issued a final rule that creates a bright-line test to determine when a national bank or federal savings association (bank) makes a loan and is the "true lender," including in the context of bank-fintech partnerships.

The European Commission starts two new studies into the mobile payment sector

The mobile payments sector is on regulatory tenterhooks following the increase in the use of mobile wallets and the entry of new competitors, including tech companies, in the sector. The European Commission ("EC") just announced two new studies in the mobile payments sector. The sector is also subject to scrutiny at EU Member State level, while the US and Chinese antitrust regulators are closely monitoring developments.

USPTO publishes report on public views on artificial intelligence and IP Policy – US IP law adequate for now, until artificial general intelligence is reached?

As artificial intelligence (AI) evolves, it becomes imperative to examine whether the current intellectual property (IP) legal frameworks, in the US and abroad, are adequate to address issues specific to AI. The United Kingdom Intellectual Property Office (UKIPO), European Patent Office (EPO) and the United States Patent and Trademark Office (USPTO) have all recently had the opportunity to weigh in on the issue of whether an AI machine can be named as the inventor on a patent application.

Europe again has the technology sector in its target zone

For many years, the European Commission (the Commission) has been the global leader in applying antitrust law to the technology sector. This year is no exception. Indeed, there have been a number of new European enforcement initiatives in 2020, with the technology sector a primary focus of the Commission's enforcement activity right now.

New US antitrust implications for your supply chain

Antitrust litigation in the US continues to focus on competitor interactions. Companies that participate in multiple levels of a supply chain must consider how to engage with their competitors and even whether that engagement should take place in the first place.

A new "rocket docket" for patent litigation in the US

Over the past two years, many technology companies have become patent infringement defendants in the US District Court for the Western District of Texas (the "Western District"). This includes many corporations with operations in and around Austin, Texas, a growing US technology hub.

Recent Uptick in Patent Litigation Likely Due to Coronavirus and Legal Developments

Companies with strong patent portfolios and those subject to infringement actions should note that patent litigation is on the rise.

Regulation of Artificial Intelligence in Europe and Japan

Enterprises around the world are rapidly incorporating artificial intelligence (AI) into existing and new products and processes. This effort is not just to improve such offerings and services, but to achieve a qualitatively higher level of capability not possible before. It is clear that AI carries the potential for many new opportunities, across all industries, but it is also already recognized that it brings numerous risks as well.

Online gaming M&A levels up

The online gaming industry has flourished amid stay-at-home orders.

CBM Review – Last Call

Covered Business Method ("CBM") review ends in mid-September, and you have one last chance to take advantage.

Federal Circuit Directs Transfer Out of the Western District of Texas Finding Clear Abuse of Discretion in Judge Albright's Denial

White & Case LLP's John Scheibeler and Demarcus Williams summarize recent decision from the U.S. Court of Appeals for the Federal Circuit Directing Transfer Out of the Western District of Texas Finding Clear Abuse of Discretion.

New expansion of foreign direct investments control regime in France and the impact on French biotech companies

In line with the increased protectionism around foreign direct investments (FDI) in the past few years, the economic impact of COVID-19 led to a worldwide rapid expansion of existing regulations. The countries justify such expansion by the need to protect the expertise and intellectual property (especially in connection with the health/biotech sector) of homegrown companies from opportunistic takeovers in a context of depreciated valuations.

UK Micromobility Trials Launched

New UK regulations offer new opportunities for micromobility sector. The United Kingdom's Department for Transport ("DfT") has announced that new regulations for rental e-scooters will come into force on 4 July 2020. 

Technology M&A remains resilient in the face of COVID-19 crisis

Technology dealmaking has continued apace in 2020 as M&A investors take advantage of the sector's resilience to transact

Technology sector shows resilience during lockdowns

Remote working, online shopping and telemedicine have shielded the technology sector from the worst effects of COVID-19 lockdowns

The Japan Fair Trade Commission ("JFTC") published Market Research Reports re: Fintech and Financial Services

The JFTC published two reports ("Reports") including the "Report on Cashless Payment Services using QR Codes, etc." ("Cashless Payment Report" or "Report") and "Report on the Household Account Book Services, etc." ("Household Account Book Report") on April 21, 2020 based on the market research ("Research") conducted on Fintech and Financial Services from October 2019 to March 2020.

Accelerating change: From smart city to smart society

The COVID-19 pandemic has revealed some of the shortcomings of major cities in times of crisis. As the world searches for ways to make urban areas more resilient, smart city initiatives offer some of the answers.

Supreme Court clarifies rules for remedies in trademark litigation

Willful infringement is no longer required for trademark owners to recover infringers' profits. In Romag Fasteners v. Fossil Group, the Supreme Court resolved a longstanding circuit split. The unanimous opinion has important practical implications for trademark litigants and licensees.

Launch of the Future Fund: Funding for the UK's fast-growth companies

On 20 April 2020, the Chancellor of the Exchequer announced a scheme aimed at providing support to the UK's most innovative and fastest-growing companies. Below we provide an overview of the scheme and highlight some key questions being asked in respect of the scheme. 

The UK tax opportunities for corporate and fintech startups

For anyone wondering where to base their financial technology (fintech) startup, the UK should feature high on the list of jurisdictions to consider.

Vendor performance during social isolation

Every industry is at a critical juncture in evaluating how to successfully continue business operations in a period of unprecedented disruption. We have received a number of inquiries from clients, in particular those who rely on third-party vendors to service critical parts of their technology infrastructure, as to how to ensure performance of these services and how to mitigate the risk that vendors will seek to be excused from performing their contractual obligations

Unlocking Platform Technology to Combat Health Pandemics

The World Health Organization (WHO) has urged countries to trace and track every COVID-19 case. Tracking the spread of the virus is essential to effective mitigation of this health pandemic.

Silicon Valley's Home Court: Patent Trends in the Northern District of California

This update briefly summarizes 2019 trends in patent litigation from the Northern District of California, which remains an important and frequent venue for technology litigation.

EU's new Digital Strategy for the next five years – will Europe become a trusted digital player?

The European Commission launched the digital single market as early as 2015 to deliver its main legislative proposals, among them proposals for boosting e-commerce, ePrivacy, IP protection, the harmonization of digital rights, harmonized VAT rules and cybersecurity. While the EU Treaties do not contain any special provisions or information and communication technologies, the EU is allowed to take relevant actions within the framework of sectoral and horizontal policies, such as industrial policy; competition policy; trade policy; the trans-European networks; research and technological development and space; the approximation of laws for improving the establishment and the functioning of the internal market; the free movement of goods; the free movement of people, services and capital; education, vocational training, youth and sport. All these are among the key elements for a digital Europe.

Key Regulatory Developments Impacting the California Lending and Payments Space

The State of California is home to almost 40 million consumers and the world's fifth largest economy. It represents a key exposure to most financial services companies' US footprint. In recent years nonbank financial services companies have been subject to increased scrutiny by the California state legislature and the Department of Business Oversight ("DBO"), which regulates and supervises the financial services industry. As a result, companies that operate, or intend to operate, in California must often navigate a complex regulatory landscape, subject to swift change and transformation.

Getting the Deal Through - Technology M&A 2020

Global law firm White & Case LLP has contributed to the 2nd edition of Technology M&A, published by Getting the Deal Through. The book covers key considerations for technology M&A transactions in 16 jurisdictions. Partner Arlene Arin Hahn and Associate Neeta Sahadev are Contributing Editors for the book and also co-authored the United States chapter.

Federal Circuit Alters Landscape for Design Patent Litigation

Intellectual property litigants may be increasingly addressing design patents. Design patent litigation may be getting lengthier, and this may result in the filing of more design patent cases.

The end of the e-book's secondhand market - Court of Justice of the European Union forbids resale without rights holders' consent

In a constantly growing number of sectors, the acquisition process is shifting more and more towards digital. This also applies to the book market. Whereas in the past, mainly physical books were sold and purchased, today e-books are gaining more and more importance. The differences between e-books and physical books, particularly in the secondhand market, have recently been addressed by the Court of Justice of the European Union.

Connected and Autonomous Vehicles – a cross-jurisdictional comparison of regulatory developments

Connected and autonomous vehicles ("CAVs") are expected to become a reality on roads across modern economies in the near future. In 2018, the EU estimated that, provided a sufficient regulatory and enabling framework is in place, CAVs could be available on a commercial basis by 2020, and commonplace by 2030. Estimates in the US are similar. On a financial level, forecasts have suggested that by 2050, the global CAVs industry could be worth upwards of $7 trillion, and that the CAV taxi market might be worth more than $2 trillion per year by 2030.

New Guidelines re: Application of ASBP to Transactions between Digital Platforms and Consumers

The Japan Fair Trade Commission ("JFTC") issued "Guidelines Concerning Abuse of Superior Bargaining Position in Transactions between Digital Platform Operators and Consumers that Provide Personal Information, etc." ("Guidelines") on December 17, 2019.

DSK Calculation Model

On 25 May 2018, the European General Data Protection Regulation (GDPR) entered into force. The GDPR is intended to harmonize data protection regulations within the EU, whereby member states are entitled to supplement or modify certain provisions of the GDPR through opening clauses. A violation of the GDPR can be punished with fines of up to EUR 20 million or four percent of the company's total worldwide annual turnover pursuant to Article 83 (5) GDPR. The calculation model is designed to facilitate a comprehensible, transparent and case-by-case procedure for imposing such fines.



Can Late IPR Petitions Be Appealed? Analyzing the Supreme Court's Oral Argument in Thryv, Inc. v. Click-to-Call Technologies

On December 9, 2019, the Supreme Court heard oral arguments in Thryv, Inc. v. Click-to-Call Technologies, Case No. 18-916. The case involves the proper application of Section 315(b) of the American Invents Act (AIA) to determine whether an application for an inter partes review (IPR) is time-barred from an appeal. The issue is whether a party can appeal a Patent and Trial Appeal Board (PTAB) ruling of a time bar, or whether it is unappeable. The time bar of Section 315(b) prevents an IPR petition from being filed more than one year after the patent owner had served the petitioner with a complaint for patent infringement.

Considering Legal Implications of Open Sourcing Patents for Sustainable Vehicles

In April 2019, Toyota announced it would provide royalty-free patent licenses for its vehicle electrification technology. Toyota joins Tesla as the latest auto manufacturer to leverage its intellectual property to increase adoption of new technologies—particularly where there is little dispute over the need to develop sustainable mobility options to combat rising emissions. 

Game over for loot boxes?

The findings of the UK's Immersive and Addictive Technologies Inquiry may significantly impact the economics of video game companies.

Self-Driving Cars: Balancing Safety and Data Privacy Considerations

Empowered by technology that continues to grow at an exponential rate, automotive and tech companies around the world are racing to bring autonomous vehicles to the road. In this race, companies face the challenge of balancing the large amounts of data saved every second on an AV with the pressing public need for increased safety on our roads.

Navigating Privacy and Cyber Incident Notification and Disclosure Requirements

Fulfilling a company's data breach and cybersecurity incident notification and disclosure requirements is an increasing challenge. Companies operating across industry sectors and around the world must satisfy a wide range of statutory, regulatory and contractual requirements, often with differing thresholds, timelines and formats. This article offers six steps companies should consider when navigating this complex process.

Israel steps on the gas in the autotech race

The convergence of technology with other sectors has been the driving force behind much of Israel's tech boom in the past decade. And in 2017, Intel's acquisition of Mobileye, a developer of ADAS (advanced driver assistance systems), for US$15 billion thrust Israel's automotive technology (autotech) industry firmly into the spotlight.

Dashcams and autonomous vehicles: Dodging legal landmines in the EU

The development of autonomous vehicles has attracted significant attention in recent years. The technologies being used in order to enable vehicles to navigate without human assistance include established navigation tools such as GPS, and less well-known innovations in the field of navigation, such as LiDAR, which uses light to measure the distances to nearby objects. One technology that has been making great strides is the use of AI-driven automated object recognition through video data. The development of this technology requires the collection of a vast volume of video data, taken from all manner of driving scenarios, in order to train the AI systems to accurately recognize pedestrians, stationary objects, other vehicles, and so on.

Recent Developments in IP Protection in China

The National People's Congress of China (NPC) adopted the new Foreign Investment Law (FIL) on March 15, 2019, with a view toward unifying and streamlining the foreign investment framework into China. One of the main emphases under the FIL is to further strengthen protections of the foreign investors' intellectual property rights under Chinese law. In particular, the FIL calls for stricter protections against intellectual property infringement and further encourages "voluntary and fair" technology collaboration between foreign investors and Chinese parties. The FIL also seeks to prohibit Chinese government agencies from "forcing" a foreign investor to commit to technology transfers in China as a condition of investment.

Huawei espionage concerns reach UK

The UK 5G debate is emblematic of protectionist sentiments in the technology sector.

CCPA 100-Day Compliance Checklist: It's Not Just About the Privacy Policy

With only 100 days left in 2019 as of the date of this publication, the California Consumer Privacy Act (CCPA) will be here before you know it. As we have described previously, the CCPA applies to a wide range of for-profit companies (and potentially their subsidiaries) that do business in California.

hiQ's preliminary injunction affirmed. A green light for data scraping or not?

As we have previously discussed, claims under the Computer Fraud and Abuse Act (CFAA) are commonly asserted as a means of protecting online data from unwanted scraping activity. The scope and application of the CFAA, however, have been subject to significant, and sometimes conflicting, judicial consideration. Last week's highly anticipated decision of the United States Court of Appeals for the Ninth Circuit in hiQ Labs, Inc. v. LinkedIn Corp. marks the latest decision in this evolving judicial narrative. 

The European strategy of regulation on artificial intelligence

On 12 February 2019, the European Parliament adopted a Resolution on a comprehensive European industrial policy on artificial intelligence (AI) and robotics1. After describing AI as "one of the strategic technologies of the 21st century", the European Parliament presented several recommendations to the Member States. This Resolution underlines the need to close the European gap with North America and Asia-Pacific, and promotes a coordinated approach at the European level "to be able to compete with the massive investments made by third countries, especially the US and China". 

Patent transfer considerations: Takeaways from Lone Star Silicon Innovations LLC v. Nanya Tech. Corp.

In a recent decision, the United States Court of Appeals for the Federal Circuit further clarified the "all substantial rights" doctrine related to patent infringement and assignment. The court held that Lone Star Silicon Innovations LLC's (Lone Star) patent transfer agreement with Advanced Micro Devices (AMD) did not result in the transfer of "all substantial rights" necessary to bring a patent infringement case under 35 U.S.C. § 281. Nos. 2018-1581, 2018-1582, 2019 U.S. App. LEXIS 16077, *1,*18 (Fed. Cir. May 30, 2019). Further, the court vacated and remanded the case for the district court to consider whether AMD, as the patentee, should be joined as a party under Federal Rule of Civil Procedure (FRCP) 19. 

SEC Proposes Amendments to Modernize Disclosures; Considers Requiring Human Capital Resources Disclosure

On August 8, 2019, the Securities and Exchange Commission ("SEC") proposed amendments to crucial disclosure requirements under Regulation S-K, including Item 101 (Description of Business), Item 103 (Legal Proceedings) and Item 105 (Risk Factors) as part of its ongoing initiative to update and modernize its disclosure.

Don't worry – it's publicly available on the internet!

Due diligence considerations with respect to licensing data and acquiring data-dependent businesses.

New York Continues State's Charge to Protect Consumers' Personal Information

New York recently amended its existing data breach notification law to expand the data breach notification obligations of persons and businesses (and state agencies) and impose specific data security requirements on persons and businesses to protect its residents' personal information. Under SB 5575 or the "Stop Hacks and Improve Electronic Data Security Act" ("SHIELD Act"), New York continues a growing trend of regulators and lawmakers to increase consumer privacy and data security protections.

Design patents: a growing trend in the hardware space

We are in 2019. Aesthetics matter. Products that look good sell better. Hardware companies are investing increasing amounts of resources into design teams that create sleek and modern products that allow customers to feel like they own the technology of the future. A portfolio of design patents adds both a sword and a shield to a company's arsenal, allowing greater protection for investment into product design than other traditional options, such as copyright and trademark, could afford alone. At the same time, the legal landscape surrounding design patents is in flux since Apple v. Samsung, 137 S. Ct. 429 (2016). The US Supreme Court's decision did not merely push design patents to the forefront of academics' attention—it sparked a legal regime shift, with tangible, significant and developing implications for how companies can and should protect their technologies and designs.

International Comparative Legal Guide to Data Protection 2019 published

ICLG has published its Guide to Data Protection, which covers 42 jurisdictions, with White & Case providing the contributing editors, and the country chapters for the UK and the U.S.

Germany's Draft Bill on IT Security 2.0 – Extended BSI Authorities, Stricter Penalties and New Obligations on Providers

On March 27, 2019, the German Federal Ministry of the Interior (GMI) proposed a new bill (the "Draft Bill") for a so-called IT Security Act 2.0 (IT-SiG 2.0). In an effort to take a front-runner role in Europe, Germany has enacted a comprehensive IT security law in 2015. 

Tech M&A: Regulation moving up the menu?

CMA investigation into Amazon/Deliveroo and Paypal/iZettle deals highlights the regulator's increased interest in technology transactions.

Current antitrust focus on technology platforms should take into account recent Supreme Court decisions in Pepper and American Express

Technology products are increasingly characterized by their ability to facilitate interconnectedness. More and more, tech innovators find themselves subject to increasing scrutiny under global competition laws when they succeed.

Does your deal have a Section 8 Antitrust problem?

The renewed interest in taking a fresh look at how antitrust can apply to tech has generated any number of "Hipster Antitrust" theories of harm. With the US Federal Trade Commission announcing a new Tech Task Force this spring, the FTC has signaled it will be actively shaping this issue. Last week, the FTC took another step in this direction with a blog indicating that one area of focus will be on deals resulting in interlocking boards of once-complementary companies.

Congress attempts to remove ambiguity in favor of patent holders

The basic building block of obtaining a patent starts with the determination of patent eligibility under § 101 of the Patent Act (35 U.S.C. § 101). Section 101 states that "any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof" is patent-eligible. However, courts have long recognized certain "judicial exceptions" to this general rule of patent eligibility. In Alice and Mayo, the Supreme Court established the current test for "judicial exceptions," which states that claims directed to "a law of nature, natural phenomenon, or abstract idea" are not patent-eligible alone. Alice Corp. Pty. Ltd. v. CLS Bank Int'l, 573 U.S. 208 (2014); Mayo Collaborative Servs. v. Prometheus Labs., Inc., 566 U.S. 66 (2012). To clarify how patent examiners apply the Alice/Mayo test, the USPTO has issued several sets of guidance, including the "2019 Revised Subject Matter Eligibility Guidance."

Connected cars merge with payment technology

As connected cars proliferate, auto, tech and financial companies will form alliances that raise familiar legal issues in new contexts

Supreme Court Clarifies Effects of Bankruptcy on Trademark Licenses

On May 20, 2019, the Supreme Court held in Mission Products Holdings, Inc. v. Tempnology, LLC that a debtor-licensor's rejection of a trademark license agreement does not "deprive the licensee of its rights to use the trademark." This holding resolves a longstanding circuit split in the Federal Courts of Appeal about the effects of bankruptcy on trademark licenses.

FTC v. Qualcomm

On May 21, 2019, the United States District Court for the Northern District of California found that Qualcomm violated the Federal Trade Commission (FTC) Act, in an antitrust decision significant to licensing standard-essential patents (SEPs) under fair, reasonable and non-discriminatory (FRAND) terms.

Connected devices: Challenges for both technology providers and consumers

Privacy and the development of technology are competing interests that are sometimes in conflict. These considerations often present a challenging balancing exercise for technology companies developing innovative products as well as companies and individuals that elect to use those new products. The market is seeing more political debate, legislation and litigation that focus on these issues. It is no longer a discussion that is only occurring within technology companies.

Another FRAND Decision in Europe: Clarity or Confusion?

In July 2015, the Court of Justice of the European Union ("ECJ") issued Huawei v. ZTE, a seminal decision detailing how holders of Standard Essential Patents ("SEPs") must license its SEPs on fair, reasonable, and nondiscriminatory (FRAND) terms.

Supreme Court Clarifies the Rules for Enforcing Copyrights

On March 4, 2019, the Supreme Court issued two unanimous opinions that clarify when copyright owners can sue for infringement and what costs they can recover from infringers. In Fourth Estate v., the Court held that a copyright owner may file an infringement complaint when the U.S. Copyright Office registers a copyright. In Rimini Street v. Oracle USA, the Court held that that courts cannot make unconstrained cost awards to prevailing parties in copyright cases.

Illinois Supreme Court Rules: "Aggrieved" Person Does Not Require Separate, "Actual" Injury for Biometric Information Privacy Act Claim

On January 25, 2019, the Supreme Court of Illinois held in Rosenbach v. Six Flags Entertainment Corp. that an "aggrieved" person entitled to seek damages and injunctive relief under Illinois' Biometric Information Privacy Act ("BIPA"), need not allege actual or separate injury beyond a violation of the individual's rights under BIPA. BIPA, an Illinois state law, is currently the only biometric privacy law that provides the opportunity for a private individual to bring an action in court. This holding overturns a lower appellate court decision, and aligns with recent holdings in the Northern District of California.

Does your compliance program address UK exposure?

Tech companies of U.S. origin tend to have compliance programs focused on U.S. laws, including the Foreign Corrupt Practices Act (the "FCPA") and relevant tax and labor laws. 

"No deal" Brexit Plan of Action

As the approach of Brexit draws inexorably closer, the continued lack of certainty around what any Brexit withdrawal deal will look like, or indeed whether a deal will be agreed at all, is causing increasing concern among the business community.


[Back to Table of Contents]



The SEC Launches FinHub – New Resource for Public Engagement on FinTech Matters

On October 18, 2018, the US Securities and Exchange Commission (the "SEC" or the "Commission") announced its launch of a new "strategic hub for innovation and financial technology" the Commission is calling FinHub.

Mexican Fintech Law Secondary Regulation Becomes Effective

On September 10, 2018, enabling regulations were published on the Federal Official Gazette to regulate the Law Regulating the Financial Technology Institutions ("Fintech Law").

A Slice of GDPR in California?

The recently passed California Consumer Privacy Act of 2018 (the "CCPA") is set to create significant compliance burdens for most businesses that collect personal information about California residents ("consumers").

Months after Berkheimer and Aatrix: Business as Usual

An early challenge to patent eligibility is a useful tool for any alleged infringer. Because of this, most alleged patent infringers, especially in software cases, begin their defense by considering whether the asserted patent satisfies the requirements of 35 U.S.C. § 101, as interpreted by the Supreme Court's decisions in Mayo and Alice. In a three-year period, between 2014 and 2017, District Courts evaluated patent eligibility in more than 400 opinions and, in many cases, determined ineligibility as a matter of law.

Social sharing and the US Video Privacy Protection Act: Perilous for online video content providers

The Video Privacy Protection Act of 1988 (18 U.S.C. § 2710) ('VPPA') regulates the disclosure of information about consumers’ consumption of video content, imposing prescriptive requirements to obtain consumers’ consent to such disclosure.

Law & Technology: Risks and Opportunities from the Tectonic Forces at Work

Rapid developments in information technology are changing how people work, consume, play and interact. Government policy will influence the direction of technological developments, and laws and regulations will undoubtedly need to change to address the new reality.

Mexican Fintech Law Becomes Effective

On March 10, 2018, the Law regulating Financial Technology Institutions ("Fintech Law") became effective along with certain reforms to other financial laws.

Everything your business should know about the impending GDPR

Businesses need to take a risk-based approach, focusing compliance efforts on their biggest vulnerabilities.

Sign and Submit by February 15, 2018: NYDFS Cybersecurity Certification Due Date Nears as Additional Compliance Requirements Close In

An overview of upcoming certification and compliance requirements under NYDFS Cybersecurity Regulation.

Videos: Why you need cybersecurity risk management

Best practices for incident preparedness and response.


[Back to Table of Contents]



• European Fintech M&A: Key Issues for Strategic Investors
• Vendor Risk Management as Applied to Fintech Contracts
• Fintech: Cybersecurity Risk Management for Financial Institutions and Technology Vendors
• The Role of Regulation in Financial Innovation: Does Fintech Need Regulation to Flourish?
• PSD2 – the EU's Regulatory Response to Innovation in the Payments Sector
• In re Micron Tech –Waiver and Improper Venue Challenges Post-TC Heartland
• Federal Circuit Weighs In On Limiting Effect of Preambles
• Draft Fintech Law bill introduced in Mexico
• Employee monitoring – avoiding pitfalls in a changing landscape
• eSports coming to the fore for policymakers in Europe
• Seeking consent under the General Data Protection Regulation
• Blockchain's Steady March to Legitimacy
• Compliance Deadline Looms on State Cybersecurity Regulation
• Police Body Worn Cameras: What Prosecutors Need to Know
• Germany Permits Automated Vehicles
• Innovation drives dealmaking: Outlook for M&A in Israel
• Car Sharing Act - New Benefits for Car Sharing Offerings in Germany
• Supreme Court's Lexmark Decision Exhausts Patents
• Officer and director checklist: Complying with the global reach of the New York Department of Financial Services Cybersecurity Regulation
• EU regulators welcome stricter rules on cookies and direct marketing
• Swiss-U.S. Privacy Shield: Key Similarities, Key Distinctions with the EU-U.S. Approach
• Privacy Shield: Recent Developments
• The dangers of direct marketing: Seeking consent or asking for trouble?
• Subject Access Requests: "not an obligation to leave no stone unturned"
• Defamation and data protection claims can be brought in parallel
• NYDFS Cybersecurity Regulations Compliance Guide: Applicability, Exemptions and Penalties
• NYS Department of Financial Services Cybersecurity Regulation Goes Live: Now What?
• Privileged information is generally safe from Subject Access Requests
• Data Privacy in a Time of Reaction: "Big Data" versus "The People"
• IP addresses and personal data: Did CJEU ask the right questions?
• New EU Guidelines on Data Protection Officers 


[Back to Table of Contents]



• Investigatory Powers Act 2016 cast into doubt by new EU ruling
• Further Challenges to EU-US Privacy Shield and EU Data Exports
• Investigatory Powers Act 2016 becomes law
• New DMCA Exemption Allows Consumers to Hack Their Own Vehicles
• Cybersecurity Guidelines for Vehicles
• Businesses can refuse Subject Access Requests made for the dominant purpose of litigation
• UK to implement GDPR regardless of Brexit
• Disclosing personal data – new protections for regulated sector firms?
• FCC Adopts Privacy Regulations for Broadband Internet Service Providers
• EU-US Privacy Shield challenged
• Court confirms that IP addresses are personal data in some cases
• UK ICO recommends personal liability of directors for breaches of data protection law
• Electronic Frontier Foundation brings suit over anti-circumvention provisions in the DMCA
• New York's New Cybersecurity Rules: What Is Required?
• UK ICO issues largest ever fine for a data breach
• Accelerating the autonomous vehicle revolution
• The European Digital Single Market Strategy and Related Copyright Law Implications: The Status Quo
• New York Regulators Propose Stricter Cybersecurity Rules
• EU: Injunctions against intermediaries available also in the offline world
• EU-US Privacy Shield: How to Certify
• Federal Circuit Expanding Interpretation of Step Two of the Test for Patent Eligibility
• European Court of Justice Strengthens Rights of Authors, Performers and Phonogram Producers
• Unlocking the EU General Data Protection Regulation
• EU-US Privacy Shield approved
• Japan Patent Act Amendment: How to Compensate Inventors Now?
• Federal Circuit Provides Guidance on Patent Eligibility Determination
• US Supreme Court affirms Federal Circuit on IPR Claim Construction Standard and that IPR Institution Decisions are Final and Non-appealable
• Online Traders: New Obligation in EU for Provision of Link to Online Dispute Resolution (ODR) Platform
• New threats to transatlantic data flows as Model Clauses come under fire
• New Players – Old Rules? The Current Debate on the Regulation of OTT Services in the EU and Germany
• Car Wars: The Car of the Future—Legal Aspects in a Connected World
• Strict and far-reaching new EU data protection regime comes into force
• FCC Proposes Formal Privacy Regulations for Broadband ISPs
• IP addresses may be subject to EU data protection laws
• Defend Trade Secrets Act: A New Era in Intellectual Property Protection
• GDPR published – Enforcement begins on 25 May 2018
• Employers vicariously liable for data breaches caused by rogue employees
• English court compels investigators to disclose information on data protection grounds
• UK 'regulatory sandbox' to foster fintech innovation
• Significant concerns from EU Data Protection Authorities may delay the EU-US Privacy Shield
• European Parliament approves new EU data protection law
• TC Heartland Challenges the Status Quo on Patent Venue
• Timeline for new EU-US data transfer mechanism becomes clearer
• NHTSA Reflects Willingness of US Regulatory Authorities to Embrace Autonomous Vehicles
• No consensus on Privacy Shield following debate on adequacy
• France anticipating the GDPR
• FTC Settles with Data Brokers in Sale of Consumer Data Used for Illicit Purposes
• New deal for transferring personal data from the EU to the US moves a step closer
• Bărbulescu v. Romania clarifies an employers' rights to monitor the contents of their employees' private electronic communications
• EU Regulatory Agendas: EDPS Priorities 2016 and Article 29 Working Party Work Programme 2016 – 2018
• New restrictions on disclosures of personal data to non-EU courts will not apply in the UK
• New WP29 Opinion on the application of EU data protection law to non-EU businesses
• Safe Harbor is dead, long live Safe Harbor!
• International Data Privacy: How to Navigate the Challenges
• Texas Takes a Stance Against Patent Trolls
• FTC and Wyndham Settle Suit Regarding Wyndham's Alleged Cybersecurity Failures
• New EU Directive on the Protection of Trade Secrets to Come
• UK and EU Law Enforcement Investigatory and Data Sharing Powers: Developments and International Impact 


[Back to Table of Contents]

This publication is provided for your convenience and does not constitute legal advice. This publication is protected by copyright.
© 2021 White & Case LLP