Effective July 29, 2024, the Federal Trade Commission (“FTC”) has issued a final rule that expands the scope of its existing Health Breach Notification Rule (“HBNR”) to include health and wellness applications (“apps”) typically associated with wearable technologies such as smart watches ...
Introduction NIS2 (the second “Network and Information Systems Directive”) is an updated regulatory framework introduced by the European Union tostrengthen cybersecurityacross member states. It is a successor to the original NIS Directive, which was adopted in 2016 ...
The EU’s much-anticipated AI Act has finally reached the statute book, with the legislation due to formally enter into force in early August. The arrival of the legislation represents a genuinely momentous shift in the focus of regulation of AI and its associated technologies, stepping away from the line of thinking that AI is just another category of software which should be subject to the same laws, standards and regulation as other, similar technologies ...
On July 5, 2024, the Financial Market Commission (“CMF”) updated its "Frequently Asked Questions" document related to General Rule No. 502 (“NCG 502”). The NCG 502 regulates the registration, authorization, and obligations of financial service providers under Law No. 21.521, known as the "Fintech Law ...
Introduction On July 2, 2024, the Superior Court rendered a decision in Lallier c. Société d?assurance Beneva inc.,1 ruling on an insured?s claim against his insurer for an insurance benefit further to a loss, as the insurer had denied coverage, alleging the insured?s intentional fault. Despite the absence of hard evidence of the insured?s intentional fault, the Court ruled in favour of the insurer based on evidence established by presumption ...
Roskomnadzor (Russian Data Protection Authority) plans to make it easier for personal data subjects to revoke consent to the processing of personal data Roskomnadzor proposes making it possible to ****revoke consent**** to the processing of personal data “in one click” ...
Recently, the Ohio General Assembly passed a bill, Substitute S.B. 40, which will enter Ohio as a party to the new Dentist and Dental Hygienist Compact, and ultimately allow dentists and hygienists practicing in other compact states to practice in Ohio. This summer, the compact will form its commission, and will continue to work on operationalizing into 2025 before officially opening privilege applications ...
In this article we look at some of the key factors that influenced deal term trends through analysing the many transactions Shoosmiths advised on over the last year. For the third successive year Shoosmiths remained the UK’s most active law firm advising on mergers and acquisitions (according to Experian MarketIQ), acting on over 400 deals worth over £7bn in 2023 ...
Malta has been a forerunner in regulating digital assets with the introduction of the Virtual Financial Assets Act, Chapter 590 of the Laws of Malta (the “VFA Act”) back in 2018. Following its approval in 2022 and publication in 2023, Regulation (EU) 2023/1114 of the European Parliament and Council on markets in crypto-assets (“MiCAR”) has an 18-month window to become fully enforceable by 30th December 2024 ...
Ban on foreign information security services from “unfriendly” jurisdictions Decree No. 250 of the Russian President dated 1 May 2022 “On Additional Measures to Ensure the Information Security of the Russian Federation” previously imposed restrictions on the ****use of foreign information security means**** ...
The Board concluded that the NDPA does not have authority to impose coercive fines in ongoing cross-border cases. Only in exceptional cases may concerned data protection authorities, such as the NDPA, adopt provisional measures until three months on its own territory. The GDPR sets out that national powers, such as coercive fines, shall not impair the effective powers of the cooperation and consistency mechanism ...
The Automated Vehicles Act (the Act) outlines the safety requirements that manufacturers and operators of automated vehicles will need to meet in order to deploy their goods and services on UK roads. In this article Ben Gardner outlines the key safety areas that will need to be considered ...
Bill Gates said in a blog post: “The development of AI is as fundamental as the creation of the microprocessor, the personal computer, the Internet, and the mobile phone. It will change the way people work, learn, travel, get health care, and communicate with each other. Entire industries will reorient around it. Businesses will distinguish themselves by how well they use it ...
Shoosmiths’ FinTech partner, Luke Stubbs, was a speaker at the recent FinTech Week London Conference, participating in a panel discussion focused on international payments. FinTech Week London reflects the City's role as a FinTech hub and comprises a week of events culminating in a major conference, which Shoosmiths was proud to sponsor ...
The ‘Digital Operational Resilience Act’ or “DORA” (Regulation (EU) 2022/2554) shall be enhancing and improving Information and Communications Technology (‘ICT’) operational risk requirements across various financial sectors. Subsequently, it imposes obligations on a vast array of different financial entities, as well as certain ICT service providers that assist such financial entities ...
The Automated Vehicles Act (the Act) outlines how liability will be allocated when an automated vehicle commits a driving offence or is involved in an accident, together with certain information disclosure requirements to support regulatory investigations. In this article Ben Gardner outlines the key issues surrounding liability that will need to be considered ...
Manufacturers of internet or network connectable products for the UK market are now required to implement minimum security standards to protect such products from cyber-attacks. Importers and distributors are also impacted by these requirements ...
At a time when Canada and many other countries are taking steps to protect users from harm online,1 a decision was handed down by the Supreme Court of British Columbia (the ?Court?) on January 15, 2024, regarding the conduct of a competitor with respect to complaints about intellectual property infringement made on Amazon?s e-commerce website ...
Interim (preliminary) injunctions in English intellectual property litigation are rare. Among other things the Court considers whether there will be irreparable harm to the intellectual property owner. What matters? Interim (preliminary) injunctions in English intellectual property litigation are rare. Among other things the Court considers whether there will be irreparable harm to the intellectual property owner ...
A recent parliamentary report, the last to be published before the upcoming UK general election, says that we need to “fundamentally change the way we think” about AI ...
To celebrate the Euro 2024 football tournament kicking-off, we wanted to pay tribute by ranking the data protection authorities from the nations competing in the tournament. Below, we have set out our top ranked data protection authorities and the reasons why they are our top picks. Rank 1: Spain No ...
A recent Supreme Court decision means that owners of closely held companies with company-owned life insurance policies should take extra precautions to avoid an unexpectedly large estate tax bill from the IRS. On June 6, 2024, the Supreme Court of the United States decided in Connelly v ...
The Automated Vehicles Act (the Act) creates a licensing and permitting scheme for operators that intend to use automated vehicles to offer transportation services for passengers and goods. In this article Ben Gardner outlines what potential operators need to consider ...
The State Duma will consider a draft law on the possibility for the plaintiff to receive personal data (“PD”) of the defendant Amendments are planned to be made to the ****Civil Procedure Code**** of the Russian Federation. It is proposed to grant the plaintiff the right to file a ****motion**** to the court for assistance in ****establishing information about the defendant****, which is necessary to file a claim in court, but the plaintiff does not have ...
What’s worse than wanting to go to a concert for your favorite music artist and spending one-third of the ticket price in “convenience fees”? Apparently, getting hacked and losing roughly 560 million individual’s personal data—which is exactly what happened to Ticketmaster on May 20, 2024 ...