White & Case Technology Newsflash | White & Case LLP International Law Firm, Global Law Practice
White & Case Technology Newsflash

White & Case Technology Newsflash

The Technology Newsflash contains articles and timely updates on the latest technology, outsourcing and privacy legal issues and trends affecting businesses today. We encourage you to visit the site often as it is updated regularly. We welcome any questions about the topics covered here and those relating to our global capabilities.

Table of Contents

Current Issue

Quicksearch Links

2016 Issue

2015 Issue

2014 Issue

2013 Issue


Current Issue

A Slice of GDPR in California?

The recently passed California Consumer Privacy Act of 2018 (the "CCPA") is set to create significant compliance burdens for most businesses that collect personal information about California residents ("consumers").

Months after Berkheimer and Aatrix: Business as Usual

An early challenge to patent eligibility is a useful tool for any alleged infringer. Because of this, most alleged patent infringers, especially in software cases, begin their defense by considering whether the asserted patent satisfies the requirements of 35 U.S.C. § 101, as interpreted by the Supreme Court's decisions in Mayo and Alice. In a three-year period, between 2014 and 2017, District Courts evaluated patent eligibility in more than 400 opinions and, in many cases, determined ineligibility as a matter of law.

Social sharing and the US Video Privacy Protection Act: Perilous for online video content providers

The Video Privacy Protection Act of 1988 (18 U.S.C. § 2710) ('VPPA') regulates the disclosure of information about consumers’ consumption of video content, imposing prescriptive requirements to obtain consumers’ consent to such disclosure.

Law & Technology: Risks and Opportunities from the Tectonic Forces at Work

Rapid developments in information technology are changing how people work, consume, play and interact. Government policy will influence the direction of technological developments, and laws and regulations will undoubtedly need to change to address the new reality.

Mexican Fintech Law Becomes Effective

On March 10, 2018, the Law regulating Financial Technology Institutions ("Fintech Law") became effective along with certain reforms to other financial laws.

Everything your business should know about the impending GDPR

Businesses need to take a risk-based approach, focusing compliance efforts on their biggest vulnerabilities.

Sign and Submit by February 15, 2018: NYDFS Cybersecurity Certification Due Date Nears as Additional Compliance Requirements Close In

An overview of upcoming certification and compliance requirements under NYDFS Cybersecurity Regulation.

Videos: Why you need cybersecurity risk management

Best practices for incident preparedness and response.

European Fintech M&A: Key Issues for Strategic Investors

We examine key considerations for strategic investors involved in Fintech M&A.

Vendor Risk Management as Applied to Fintech Contracts

We examine key considerations for financial institutions engaging in the procurement of services from fintech.

Fintech: Cybersecurity Risk Management for Financial Institutions and Technology Vendors

We examine key cybersecurity issues concerning the development and deployment of financial technologies.

The Role of Regulation in Financial Innovation: Does Fintech Need Regulation to Flourish?

We discuss the important and continuing role that regulation is playing in the development and advancement of financial innovation and the “legitimising” of fintech.

PSD2 – the EU's Regulatory Response to Innovation in the Payments Sector

We examine the European Union’s developing regulatory landscape and PSD2’s impact on fintech businesses.

In re Micron Tech –Waiver and Improper Venue Challenges Post-TC Heartland

In its recent In re Micron Tech opinion, the Court of Appeals for the Federal Circuit answered one of the most hotly contested issues springing from the wake of TC Heartland—does the Supreme Court's TC Heartland opinion qualify as a change-of-law such that an alleged infringer who failed to raise the defense of improper venue pre-TC Heartland will not be adjudged to have waived the defense?

Federal Circuit Weighs In On Limiting Effect of Preambles

Georgetown decision highlights the fine line between limiting and non-limiting preambles, suggesting a need to cast a wide net in discovery.

Draft Fintech Law bill introduced in Mexico

On September 18, 2017, the Ministry of Finance and Public Credit (SHCP) submitted to the Mexican Federal Commission for Regulatory Efficiency (Comisión Federal de Mejora Regulatoria, COFEMER) the draft bill of the Law Regulating the Financial Technology Institutions (also known as, the "FinTech Law"), which was published on the Commission's website.

Employee monitoring – avoiding pitfalls in a changing landscape

Recent developments in case law and regulatory guidance have emphasised the need for employers to be cautious when implementing systems to monitor employees.

eSports coming to the fore for policymakers in Europe

Regulatory considerations to sustain the rapidly growing eSports industry.

Seeking consent under the General Data Protection Regulation

TMT analysis: How should businesses go about obtaining valid consent to the processing of personal data?

Blockchain's Steady March to Legitimacy

Virtual currency and blockchain are steadily becoming part of mainstream financial services. In recent weeks, developments in corporate law, securities regulations, financial crimes enforcement and state legislation have moved these technologies ever closer to full legitimacy.

Compliance Deadline Looms on State Cybersecurity Regulation

The new law requires strong governance. NACD principles can help.

Police Body Worn Cameras: What Prosecutors Need to Know

White & Case and the Prosecutor's Center for Excellence (PCE) release report providing guidance for prosecutors on police body-worn camera technology and related issues for criminal investigations and prosecutions.

Germany Permits Automated Vehicles

Germany's bill legalizing automated vehicles on public roads creates a solid legal framework for highly and fully automated vehicles.

Innovation drives dealmaking: Outlook for M&A in Israel

Investors continue to flock to Israel, as innovation and technological advancements create fertile ground for M&AInvestors continue to flock to Israel, as innovation and technological advancements create fertile ground for M&A.

Car Sharing Act - New Benefits for Car Sharing Offerings in Germany

Germany incentivizes car sharing companies to promote eco-friendly driving solutions.

Supreme Court's Lexmark Decision Exhausts Patents

The U.S. Supreme Court's ruling in Impression Products, Inc. v. Lexmark International, Inc. alters the scope of the patent exhaustion defense.

Officer and director checklist: Complying with the global reach of the New York Department of Financial Services Cybersecurity Regulation

What follows is a useful checklist to help officers and directors adequately monitor and oversee their company's Cybersecurity Regulation compliance efforts.

EU regulators welcome stricter rules on cookies and direct marketing

The European Commission has published a draft Regulation regarding cookies and electronic direct marketing. EU regulators have publicly welcomed the proposal, which has potentially significant consequences for all businesses that engage in online commerce or electronic direct marketing.

Swiss-U.S. Privacy Shield: Key Similarities, Key Distinctions with the EU-U.S. Approach

The U.S. International Trade Administration will begin accepting self-certifications for the Swiss-U.S. Privacy Shield on Wednesday, April 12th. While rooted in the same principles as the EU-U.S. Privacy Shield, the Swiss-U.S. Privacy Shield contains several distinctions and important requirements for organizations seeking to transfer Swiss personal data to the United States.

Privacy Shield: Recent Developments

The Article 29 Working Party has released new procedural documentation regarding Privacy Shield and individuals' complaints about misuse of their personal data. This comes against a backdrop of concern that a recent US Presidential Order may undermine certain protections offered by Privacy Shield.

The dangers of direct marketing: Seeking consent or asking for trouble?

The UK Information Commissioner's Office has issued fines to two businesses for unlawfully sending emails to individuals to ask about their marketing preferences. These cases emphasise the fact that "marketing" in this context is a very broad concept, and is not limited to sales and promotional activities.

Subject Access Requests: "not an obligation to leave no stone unturned"

The English Court of Appeal has ruled in two recent cases that subject access requests are generally valid, and businesses must comply with such requests, even if they are made for collateral purposes, such as collecting information for use in litigation. However, the court also clarified that the subject access regime only requires businesses to conduct a reasonable and proportionate search – not an exhaustive search.

Defamation and data protection claims can be brought in parallel

The English Court of Appeal has confirmed in a recent case that data protection claims may be brought hand-in-hand with defamation claims. The case provides a reminder to businesses that the use of data protection as a weapon in litigation is growing ever more commonplace.

NYDFS Cybersecurity Regulations Compliance Guide: Applicability, Exemptions and Penalties

As discussed in our March 1, 2017 update, the New York Department of Financial Services ("NYDFS") issued final regulations that require New York banks and insurance companies, as well as other financial services companies that are supervised by the NYDFS—including New York state-licensed branches and agencies of non-US banks—to establish and maintain a cybersecurity program designed to protect consumers' private data and ensure the safety and soundness of New York's financial services industry ("Cybersecurity Regulations").

NYS Department of Financial Services Cybersecurity Regulation Goes Live: Now What?

Understand what's required under NY State's first-of-its kind cybersecurity regulation, and why their divergence from a cost-benefit approach to cybersecurity risk assessment is raising questions.

Privileged information is generally safe from Subject Access Requests

Subject Access Requests ("SARs") are an increasingly popular weapon in litigation, because they can be used to provide a cheap and quick form of pre-action disclosure. However, courts have confirmed that information subject to legal professional privilege ("LPP") does not need to be disclosed in response to a SAR, unless the person making the SAR has a "prima facie case" that the party relying on LPP is doing so to hide some form of wrongdoing.

Data Privacy in a Time of Reaction: "Big Data" versus "The People"

This newsflash considers trends and developments in data privacy and cyber security in the wider global macroeconomic, political and social context.

IP addresses and personal data: Did CJEU ask the right questions?

The Court of Justice of the European Union has declared that IP addresses are personal data in many circumstances – but were the right questions asked, and will the GDPR change the outcome?

New EU Guidelines on Data Protection Officers

The EU's Article 29 Working Party has published new Guidelines on the role of Data Protection Officers under the General Data Protection Regulation. Data Protection Officers are seen as a cornerstone of data protection compliance, and many businesses will be subject to a mandatory obligation to appoint a Data Protection Officer.

[Back to Table of Contents]


Quicksearch Links

Search for financial technology (fintech)

Search for EU GDPR (European Union General Data Protection Regulation)

Search for EU-US Privacy Shield

All Technology Newsflash publications and events

See also: California Consumer Privacy Act Guide

[Back to Table of Contents]


2016 Issue

Investigatory Powers Act 2016 cast into doubt by new EU ruling

Further Challenges to EU-US Privacy Shield and EU Data Exports

Investigatory Powers Act 2016 becomes law

New DMCA Exemption Allows Consumers to Hack Their Own Vehicles

Cybersecurity Guidelines for Vehicles

Businesses can refuse Subject Access Requests made for the dominant purpose of litigation

UK to implement GDPR regardless of Brexit

Disclosing personal data – new protections for regulated sector firms?

FCC Adopts Privacy Regulations for Broadband Internet Service Providers

EU-US Privacy Shield challenged

Court confirms that IP addresses are personal data in some cases

UK ICO recommends personal liability of directors for breaches of data protection law

Electronic Frontier Foundation brings suit over anti-circumvention provisions in the DMCA

New York's New Cybersecurity Rules: What Is Required?

UK ICO issues largest ever fine for a data breach

Accelerating the autonomous vehicle revolution

The European Digital Single Market Strategy and Related Copyright Law Implications: The Status Quo

New York Regulators Propose Stricter Cybersecurity Rules

EU: Injunctions against intermediaries available also in the offline world

EU-US Privacy Shield: How to Certify

Federal Circuit Expanding Interpretation of Step Two of the Test for Patent Eligibility

European Court of Justice Strengthens Rights of Authors, Performers and Phonogram Producers

Unlocking the EU General Data Protection Regulation

EU-US Privacy Shield approved

Japan Patent Act Amendment: How to Compensate Inventors Now?

Federal Circuit Provides Guidance on Patent Eligibility Determination

US Supreme Court affirms Federal Circuit on IPR Claim Construction Standard and that IPR Institution Decisions are Final and Non-appealable

Online Traders: New Obligation in EU for Provision of Link to Online Dispute Resolution (ODR) Platform

New threats to transatlantic data flows as Model Clauses come under fire

New Players – Old Rules? The Current Debate on the Regulation of OTT Services in the EU and Germany

Car Wars: The Car of the Future—Legal Aspects in a Connected World

Strict and far-reaching new EU data protection regime comes into force

FCC Proposes Formal Privacy Regulations for Broadband ISPs

IP addresses may be subject to EU data protection laws

Defend Trade Secrets Act: A New Era in Intellectual Property Protection

GDPR published – Enforcement begins on 25 May 2018

Employers vicariously liable for data breaches caused by rogue employees

English court compels investigators to disclose information on data protection grounds

UK 'regulatory sandbox' to foster fintech innovation

Significant concerns from EU Data Protection Authorities may delay the EU-US Privacy Shield

European Parliament approves new EU data protection law

TC Heartland Challenges the Status Quo on Patent Venue

Timeline for new EU-US data transfer mechanism becomes clearer

NHTSA Reflects Willingness of US Regulatory Authorities to Embrace Autonomous Vehicles

No consensus on Privacy Shield following debate on adequacy

France anticipating the GDPR

FTC Settles with Data Brokers in Sale of Consumer Data Used for Illicit Purposes

New deal for transferring personal data from the EU to the US moves a step closer

Bărbulescu v. Romania clarifies an employers' rights to monitor the contents of their employees' private electronic communications

EU Regulatory Agendas: EDPS Priorities 2016 and Article 29 Working Party Work Programme 2016 – 2018

New restrictions on disclosures of personal data to non-EU courts will not apply in the UK

New WP29 Opinion on the application of EU data protection law to non-EU businesses

Safe Harbor is dead, long live Safe Harbor!

International Data Privacy: How to Navigate the Challenges

Texas Takes a Stance Against Patent Trolls

FTC and Wyndham Settle Suit Regarding Wyndham's Alleged Cybersecurity Failures

New EU Directive on the Protection of Trade Secrets to Come

UK and EU Law Enforcement Investigatory and Data Sharing Powers: Developments and International Impact

[Back to Table of Contents]


2015 Issue

Introduction of new EU General Data Protection Regulation: final stages

EU-wide cybersecurity rules nearing final agreement

The self-driving car – a new legal frontier?

ITC Proposed Amendments to Section 337 Rules

Update 'EU-US Safe Harbor': Statement from the Article 29 Working Party

European Court of Justice invalidates 'EU- US Safe Harbor' pact

Trade Secrets Protection Bill Pending Before the Senate and Judiciary Committee

Transfer of Personal Data Under Japan's Amended Personal Information Protection Act

Court Invalidates Patent Claims After Refusing to Correct Alleged "Typos"

New French Act on Intelligence Services: Impacts on Technical Operators

Telemedicine or just a gadget for fitness addicts? Mobile Health Apps and the law

Europe's Highest Court Recently Delivered a Judgment Imposing Affirmative Duties on SEP Holders

Germany rolls out IT Security Act

Mobile health apps: Are they a regulated medical device?

Disparaging Trademarks and the Constitutionality of Refusing Registration Under the Lanham Act

Rejection of Oracle's claims for copyright infringement against one of its users and condemnation of the practice of aggressive audits

After Sales-Service: Don't Be Misled! — European Court of Justice Rules: Erroneous Information Provided by an Undertaking to a Consumer in the Context of After-Sales Service Is a Misleading Commercial Practice

A significant milestone in the path towards the adoption of the General Data Protection Regulation

House Committee Advances Patent Reforms Aimed to Curb Patent Litigation Abuses

Good-Faith Belief of Invalidity No Longer a Shield for Induced Infringement Claims

Free Wi-Fi: German Court Seeks Clarification in Luxembourg

Copyright levies on memory cards for mobile phones: another landmark decision from the CJEU (Case C-463/12)

House Passes Cyber Sharing Bills and Congress is Focusing on Data Protection

Council of Europe: Recommendation on the Processing of Personal Data in the Context of Employment

IBM sentenced to pay 6.5 million as contractual damages

Update: Germany's Draft Bill on IT Security

White House Re-Introduces Consumer Privacy Bill of Rights Act

The Supreme Court's New Standard of Appellate Review for Claim Construction

The case law of the German courts of lower instance for patent law and utility model law since the year 2013

President Obama Issues Executive Order on Cybersecurity Information Sharing

UPDATE: German Government Proposes New Law Entitling Consumer Protection Organizations to Enforce Data Protection Law

Developments in Privacy and Cybersecurity Legislation

EU Data Protection – Proposal on Co-Operation Procedure to Harmonize Common Opinions on Contractual Clauses

SDNY Clarifies Scope of Contractual Exclusions of Consequential Damages Under New York Law

[Back to Table of Contents]


2014 Issue

The Use of First and Last Names as Meta Tags is not Subject to the French Data Protection Act

Are Dynamic IP Addresses "Personal Data"? German Federal Court of Justice seeks advice from the European Court of Justice

California Passes New Data Protection Laws, Effective January 1, 2015

AIPPI's resolution on "IP Licensing and Insolvency": Will this re-ignite legislative initiatives in Germany?

Align by Design: Global Privacy Authorities Weigh in on the Internet of Things

California Passes Student Data Privacy Law

Federal Court Rules Business Method Patent Invalid Post-Alice

Recent Amendments to the Procedure of Personal Data Processing in Russia

Adoption of a new European legal framework applicable to cross-border electronic identification and e-signatures

Massive Online Security Breach – Are You Reactive or Proactive?

The revised PSI Directive – European Commission publishes guidelines on re-use of public sector information

Germany's Draft Bill on IT Security

UPDATE: Germany to Tighten Data Protection Laws: Consumer Protection Associations and Trade Associations shall be Granted Right to take Businesses to Court

Supreme Court Rules Abstract Ideas Implemented on Computer Not Patent-Eligible

New York AG Reports that Data Breaches Cost New York Businesses over $1B Last Year

European Commission's Actions to Better Protect and Enforce Intellectual Property Rights

Supreme Court Issues Ruling on Aereo and the Public Performance Right

German Federal Court of Justice Decides on Deletion of Unused Domains and Typosquatting

Fees for Recording IP Security Agreements with the USPTO and USCO

California Attorney General Issues Privacy Policy Guide

How does French case law deal with bundled software?

California AG Provides Important Guidance on Do-Not-Track Legislation and Disclosures

Copyright Holders Cannot Prevent Links to Freely-Available Content from Being Posted Online

Second Circuit Adopts Plaintiff-Friendly "Discovery Rule" for Copyright Infringement Claims

EU Data Protection – Draft Ad hoc contractual clauses "EU data processor to non-EU sub-processor"

New Bill Would Create a Private Right of Action for Targets of Trade Secret Misappropriation under Federal Law

FCC Warns ISPs May be Regulated as Utilities

Biotronik A.G. v. Conor Medsystems: Be Sure to Expressly Exclude Lost Profits in Drafting New York Law Contracts

Supreme Court Issues Two "High-Octane" Decisions to Address Abusive Patent Litigation Practices

3D Printing—implications on Intellectual Property Rights ("IP rights")

In for a Penny, in for a Pound

Germany's Draft Bill on Combating Late Payment in Commercial Transactions: Potential Consequences for Businesses on Both the Legal and Operational Level

EU High Court Strikes Down Data Retention Law

Cloud Services and Export Control: What You Don't Know Can Hurt You

Anti-Patent Troll Legislation: What is Proposed and What it Could Mean

CNIL Expanded Investigative Powers

Intent-to-Use Trademark Applications and Security Agreements

The Garcia v. Google Controversy and What It Means for Content Owners and Users

Germany to Tighten Data Protection Laws: Consumer Protection Associations shall be Granted Right to take Businesses to Court

Intellectual Property Infringement on the Internet: What Court to Call?

California's Shine the Light Law: A Heightened Pleading Requirement

NIST Issues Cybersecurity Framework

How to Secure Information Systems: The Growing Complexity of the Legal Landscape

Do Not Forget to Lock the Backdoor: Adopting a Holistic Approach to Cybersecurity

Study of the European Parliament on the Protection of Creator's Rights in a Changing Environment

Old Law, New Fit: Evergreen Notice Requirements for IP Service Agreements

Know Your Subcontractors: Recent FTC Settlement Highlights the Importance of Validating Subcontractor Data Protection Practices

US Supreme Court to Review Indefiniteness Standard under Section 112 of the Patent Act

FTC Settles U.S.-E.U. Safe Harbor Complaints Against Twelve Companies

EU Copyright Rules – Changes on the horizon?

Trademark Infringement by Use of AdWords? Legal Risks by Using AdWords Despite European Court of Justice (ECJ) Rulings

Distributing Earnings Call Information to the Public Is Fair Use

The Proposed Directive on Trade Secrets in the EU

The Case Law of the German Courts of Instance (Instanzgerichte) for Patent Law and Utility Patent Law Since the Year 2011

Addition of "No-Charge" Limitation During Prosecution Costs Inventor His Patent

French Courts Ordered to Block and Delist 16 Streaming Websites

[Back to Table of Contents]


2013 Issue

Federal Judge Rules NSA Data Collection Program Is Likely Unconstitutional

Major Changes to Defamation Law in the UK to Take Effect 1 January 2014

"Perfecting" Security Interests in United States Patents, Trademarks and Copyrights 

Hacking Back: For Now, Be Vigilant Rather Than a Vigilante

Prospects on Germany's Digital Landscape in the Next Four Years: What Does the Coalition Agreement Say on Technology?

Big Data: The Big Picture

Changes in Consumer Law for Distance Contracts in the EU

E-Commerce: Consider the Enhanced Consumer Protection Clauses

Software License Audits – How to prepare, how to react

FTC Denies Application for Proposed Social Network-Based COPPA Consent Verification

In Sourcing and Licensing Agreements Governed by New York Law, Think Twice About a Gross Negligence Carve-out to a Limitation on Liability

The Landgericht Düsseldorf’s (Düsseldorf District Court) decision to refer "LTE standard"

Securing Patent Value for Israeli Medical Technology Companies

CLS Bank v. Alice Corp. Further Muddies §101 Patent Eligibility

Federal Legislation Introduced Regarding Mobile Application Privacy

State court ruling creates new uncertainty for DMCA safe harbors

ECJ dismisses Spanish and Italian challenge to EU-wide unitary patent system, but obstacles remain

The Trademark Clearinghouse: What You Need to Know

Federal Circuit Announces Review of Appellate Standard for Claim Construction

Supreme Court Interprets Copyright "First Sale" Doctrine

Congress Takes Action to Allow Unlocking of Mobile Phones

FTC Announces Settlement with Social Networking App and Issues Staff Report Regarding Mobile Device Privacy Disclosures

President Obama Issues New Executive Order on Improving Cybersecurity

New HIPAA Rule Imposes Data Security and Privacy Obligations Directly Upon Vendors and Contractors of Covered Entities

U.S. Department of Health and Human Services Announces First HIPAA Breach Settlement Involving Fewer than 500 Patients

Amendments to the Economic Espionage Act Broaden Trade Secret Protection

FTC Amends COPPA Rule and Previews Future Enforcement Policies

[Back to Table of Contents]


This publication is provided for your convenience and does not constitute legal advice. This publication is protected by copyright.
© 2018 White & Case LLP