On 21 August 2020, the HKIMR, the research arm of the Hong Kong Academy of Finance, released its second report, entitled “Artificial Intelligence in Banking: The Changing Landscape in Compliance and Supervision”. The report is intended as a starting point for understanding the broad implications of Artificial Intelligence (“AI”) adoption in the banking industry, as well as in relation to compliance and supervision ...
The HKMA has developed a two-year roadmap to promote Regtech adoption in the Hong Kong banking sector (“Roadmap”), as set out in a White Paper entitled “Transforming Risk Management and Compliance: Harnessing the Power of Regtech” (“White Paper”). The White Paper presents the case for wider adoption of Regtech in Hong Kong, outlining a series of actions that the HKMA will take, or consider taking, to accelerate its adoption ...
Hong Kong’s Securities and Futures Commission (SFC) issued a circular last year (the Circular) in recognition of the increasing use of electronic data storage (cloud storage) for record keeping purposes. The Circular was intended to provide licensed corporations with greater flexibility in keeping regulatory records with electronic data service providers (EDSPs), as well as to clarify their general obligations in relation to electronic data ...
With the Universal Community Testing Programme for COVID-19 detection by the Hong Kong Government and temperature screening in the workplace, the collection and use of biometric data (such as DNA samples, fingerprints and facial images) have raised concerns among the public. In August 2020, the Privacy Commissioner (PC) has updated its guidance note on how data users should collect and use biometric data in compliance with the Personal Data (Privacy) Ordinance (Guidance Note) ...
As concern over cybersecurity continues to grow,[1] defense contractors have been waiting for the Department of Defense (DoD) to roll out its Cybersecurity Maturity Model Certification (CMMC) program. That rollout has occurred, with DoD’s recently published interim rule Assessing Contractor Implementation of Cybersecurity Requirements (DFARS Case 2019-D041)[2] (“Interim Rule”), effective Nov. 30, 2020, and providing for a five-year phase-in of CMMC ...
The German Federal Commissioner for Data Protection and Freedom of Information (BfDI) sees the decision as a success: On November 11, 2020, the District Court of Bonn reduced the fine imposed on 1&1 Telekom GmbH for a data protection breach from an original EUR 9.55 million to EUR 990,000.00, thereby fundamentally calling into question the fine practices of the German supervisory authorities ...
The Court of Justice of the European Union delivers judgments regarding the concept of “communication to the public” faster than legal scholars can read and dissect them. While we are eagerly awaiting the Court’s analysis of different types of hyperlinking, it has taken less than two months to follow Advocate General Hogan’s opinion regarding the emailing of evidence containing copyrighted works to a court in legal proceedings ...
The debt collection restrictions and requirements in the FDCPA, which was enacted in 1977, have failed to keep up with or even contemplate modern technologies. In particular, as methods and forms of communication have evolved, the industry has had little guidance on how it can utilize newer communication channels such as emails, text messages, or social media. In many cases, the industry has had to grapple with different and often conflicting court interpretations ...
The Copyright Office of the Department for Promotion of Industry and Internal Trade (DPIIT) has invited comments and suggestions to amend the Copyright Act before November 30, 2020. Mid last year, the DPIIT proposed a set of amendments to the Indian Copyright Rules. While these amendments sought to increase transparency and provide clarity for right holders, many other essential modifications were overlooked ...
A minority of states have enacted statutes and taken other action to protect business owners from claims by persons who allegedly were infected by COVID-19 on their premises.1 The purpose of this article is to compare these statutes and discuss some of the differences between them. This article addresses statutes in effect as of October 27, 2020. The article does not address pending legislation ...
On Nov. 3, 2020, California voters approved Proposition 24, marking a significant shift in the U.S. privacy landscape. Proposition 24 enacted the California Privacy Rights Act of 2020 (CPRA),[1] a major expansion of the existing California Consumer Privacy Act (CCPA), which many businesses continue to grapple with since becoming effective in January 2020. Most notably, the CPRA establishes a stand-alone privacy regulator, the first U.S. state to do so ...
On 19 October 2020 the Federal Council's Cyber Committee adopted a report on the advancement of the 2018-2022 national strategy for the protection of Switzerland against cyber risks (2018-2022 NCS) and its gradual implementation. The report focuses mainly on the progress made in supporting small and medium-sized enterprises (SMEs) and promoting research and training ...
The Copyright Office of the Department for Promotion of Industry and Internal Trade (DPIIT) has invited comments and suggestions to amend the Copyright Act before November 30, 2020. Mid last year, the DPIIT proposed a set of amendments to the Indian Copyright Rules. While these amendments sought to increase transparency and provide clarity for right holders, many other essential modifications were overlooked ...
What will UK data protection look like after Brexit 2.0 on 31 December 2020? Regime 1: the 'UK GDPR': the UK's new bespoke version together with the Data Protection Act 2018 The UK GDPR will be the UK data protection regime based on the 'EU GDPR' (see below) ...
The HHS Office for the National Coordinator of Health Information Technology issued an interim final rule on October 29, 2020, extending the compliance date for the information blocking rule under the 21st Century Cures Act to April 5, 2021 ...
During recent years, we have been accumulating our experience of advising clients on data protection issues, that companies face when doing their business in Russia. Many of our clients do their business in other CIS countries as well and usually face quite similar issues there. However, the level of regulation and, more importantly, enforcement, in different jurisdictions of the post-Soviet Union territory, varies significantly ...
While public attention focused on the federal and state elections, Michigan voters made an important decision—they adopted Proposal 20-2, which amended Michigan’s Constitution to extend its protection from unreasonable searches and seizures to electronic data and communications ...
In this newsletter you will find a selection of the main legal news related to the fintech and digital banking market in Argentina. 3.0 transfers New open and interoperable model for instant payments As we anticipated in previous bulletins, the Central Bank (BCRA) completely updated the system of immediate electronic payments existing until now, taking it to a much more ambitious, interoperable and open model, which aims to interconnect bank accounts and accounts on an equal footing ...
We have recently discovered growing interest in implementation of diversity and inclusion (“D&I”) programs by companies operating in Russia. D&I programs imply processing of new categories of employee personal data and new purpose of data processing. For this, Russian Labour laws do not provide for any requirement nor regulation for implementation of D&I programs ...
The Privacy Commissioners of Canada, Alberta and British Columbia issued a joint investigation report, finding that Cadillac Fairview did not obtain adequate consent for the collection of digital images of faces through facial recognition technology (Anonymous Video Analytics) installed in wayfinding directories in some of their Canadian shopping malls ...
The Russian insurance market is facing fundamental changes that will reshape the industry, by creating new opportunities for foreign insurance companies to operate in Russia. Within the framework of its obligations as a WTO member state, Russia must allow access of branches of foreign insurers, from WTO countries, to the Russian insurance market, by August 2021 ...
The top three most read articles for the month were: Policyholders Pump Out Another COVID-19 Litigation VictoryA Pennsylvania trial court denied an insurer’s early attempt to lunge out of coverage for COVID-19 business interruption losses suffered by a fitness center, stating it would be premature for the court to resolve factual determinations the insurer raised in its demurrer. Ridley Park Fitness, LLC v. Philadelphia Indemnity Insurance Co., No ...
On 25 September 2020 Parliament approved new regulations for Blockchain and Distributed Ledger Technology (DLT).(1) The goal of this new legal framework is to further establish and increase Switzerland's reputation as a leading, innovative and sustainable location for fintech and DLT companies. DLT framework DLT allows shared data management and, in particular, shared accounting among participants that do not know or do not trust each other's identity ...
Introduction On 16 October 2020 the government reinforced the urgent measures to limit the further spread of COVID-19. Teleworking is no longer highly recommended, but has become the standard for all employees whose roles allow for telework. Yet, the new rule is less far-reaching than that in place during the first lockdown in March 2020, as an exception now applies when the continuity of business operations, activities and services does not allow for teleworking ...
