Under Art. 26 GDPR, "joint controllers" must find an agreement on the data protection obligations between themselves. If they do not do so, they risk a fine pursuant to Art. 83 (4) GDPR. However, the question of when Joint Controllership applies is still a matter of dispute. REQUIREMENTS FOR A JOINT CONTROLLERSHIP Under Art. 26 (1) GDPR, where two or more Controllers jointly determine the purposes and means of processing, they must be classified as "Joint Controllers" ...
“We simply cannot go on with this utterly outmoded way of working…Endlessly re-keying in the same information; repeatedly printing and photocopying the same documents; moving files about, losing all or parts of them in the process… It is a heavy handed, duplicative, inefficient and costly way of doing our work and it is all about to go. Considerably past time, we will finally catch up with the world.” Sir Brian Leveson ...
On April 24, 2018, the Securities and Exchange Commission (“SEC” or the “Commission”) announced its first enforcement action against a public company for failing to disclose a data breach. In a settled cease-and-desist order, the SEC imposed a $35 million civil penalty against Altaba Inc., formerly known as Yahoo! Inc ...
Earlier this year, Prime Minister Theresa May said the government wanted to, “secure broad energy cooperation with the EU”, including by, “exploring options for the UK’s continued participation in the EU’s internal energy market” ...
The Philippine National Privacy Commission (NPC), which administers the country’s Data Privacy Act (DPA), has recently made available to the public copies of its advisory opinions. These opinions had been issued in response to various queries regarding the proper application and interpretation of the provisions of the DPA and its implementing rules and regulations. Issue of consent Advisory Opinion No ...
The Bavarian data protection supervisory authority has prepared a series of template documents and overviews, intended to help small companies with GDPR compliance. At first glance, these documents do indeed provide important support for small companies. These have to fulfil almost all obligations under the GDPR in a similar manner to medium-sized businesses and large corporations ...
The Eleventh Circuit’s recent decision in United States ex rel. Hunt v. Cochise Consultancy, Inc., has further complicated the answer to what should be a simple question: What is the statute of limitations in qui tam action when the government declines to intervene? There are currently three different answers to that seemingly simple question depending on the forum in which a case is filed ...
Over the past 1-2 years, a great deal of information concerning the revolutionary technology that is “blockchain” has been published on many business, legal and technology news sources, and innumerable self-proclaimed authorities on the subject have emerged to contribute articles and presentations (ourselves among them) ...
Last week, the Securities and Exchange Commission’s Office of Compliance Inspections and Examinations (“OCIE”) released a Risk Alert covering the most frequent advisory fee and expense compliance issues identified in over 1,500 deficiency letters sent to registered investment advisers during the past two years. The alert highlighted six categories of compliance risks frequently observed by the OCIE ...
Artificial intelligence is a burning topic in many sectors today and the legal industry is no exception. Recently, at the World Services Group’s annual employment law1 conference held in February, AI was heavily debated along with its’ impact not only on the legal profession, lawyers, clients, the way business is done, but also our traditional understanding of concepts such as “law” or “justice” ...
Artificial intelligence is a burning topic in many sectors today and the legal industry is no exception. Recently, at the World Services Group's annual employment law conference held in February, AI was heavily debated along with its' impact not only on the legal profession, lawyers, clients, the way business is done, but also our traditional understanding of concepts such as "law" or "justice" ...
If your company has a cybersecurity incident, this guide is intended help you think through critical disclosure requirements and will direct you to sample disclosures from other companies that have endured cybersecurity issues. I. Introduction With the recent string of high profile cybersecurity attacks, the U.S. Securities and Exchange Commission (the SEC) issued further guidance regarding public companies’ disclosure of cybersecurity incidents ...
An increased number of corporate transactions and mergers have been observed in the oil and gas sector on the Norwegian Continental Shelf (NCS) in recent years. Several oil majors and traditional utilities and downstream companies have reduced their presence and, to some extent, been replaced by smaller companies, including start-ups backed by private equity ...
“Belarus will become the first government in the world that opens wide opportunities for the use of blockchain technology”, said in a statement on the official website of the President of Belarus. Alexander Lukashenko, who signed the new law of the land, believes that his county “has every chance of becoming a regional center in this area.” The Presidential Decree of the Republic of Belarus No ...
Guatemalan respected Judge Erika Aifan issues a historical ruling in a criminal case brought against construction companies. A plea bargain was reached under an abreviated process allowed under Guatemala´s Criminal Law where senior executives for the companies accepted making facilitation payments to the ex-Minister of Construction in order to accelerate backed payments owed for previous construction deals ...
In 2017, the Cayman Islands passed the Data Protection Law (“DPL”), which reads much like the upcoming European Union General Data Protection Regulation (“GDPR”) that goes into effect Mary 25, 2018. The DPL applies to entities falling within the definition of “data controller” who are established in the Islands or who process data in the Islands. The DPL divides data into two categories, personal data and sensitive data ...
Increase in merger and acquisition deals notified in Ireland In recent months there has been 27 merger deals notified to Ireland's Competition and Consumer Protection Commission ("CCPC") which is up 42% from the 19 notifications as of the same date last year.This increase is following a pattern of sustained increases, for example, there had been 72 notifications across the whole of 2017 which was an increase on 2016's total of 67 ...
Technologies based on blockchains and AI imply a considerable change for our society. Being that the security of data exchanged is vital, companies must begin adopting a long-term approach right now. Many businesses develop services based on blockchains, in particular in the financial services sector. Cryptocurrencies, one example of blockchain use, transform the way in which some monetary transactions are made, far from the oversight of financial institutions and governments ...
The General Data Protection Regulation (GDPR) is aimed at extensive harmonization of data protection in the EU, and will be applicable with effect from May 25, 2018. The GDPR will replace the current EU Data Protection Directive (Directive 95/46/EC) and will be directly applicable in all EU member states. The new regulations mean that German employers will also have to prepare for changes as regards the protection of employees’ personal data ...
In light of the increasing significance of cybersecurity incidents, the Securities and Exchange Commission (SEC) recently found it necessary to provide further guidance with respect to cybersecurity disclosure requirements under the federal securities laws as they apply to public operating companies ...
As with every year, the 2018 legislative session will impact education in West Virginia in a variety of ways. Today, we want to bring to your attention two bills that will make minor – but important – changes in the way schools operate, both of which were signed by the governor last week. The first is Senate Bill 244, related to possession of deadly weapons on school grounds or at school activities ...
Can “consent” to use a registered trade mark be considered an abandonment by the owner of the exclusive rights to that registered trade mark in perpetuity? Section 40(1)(dd) of theTrade Mark Act 1976 (“Act”) provides that it is not a trade mark infringement if it is “the use by a person of a trade mark in relation to goods or services to which the registered proprietor or registered userhas at any time expressly or impliedly consented to” [Emph
As of recently, state aid control is a part of theMontenegrin Competition Agency's (the "Agency") scope of authority ...
This article provides a brief review of MSHA enforcement data and a look at MSHA’s regulatory agenda. MSHA Enforcement Data (data from January 1, 2017 to December 31, 2017) MSHA issued 104,412 enforcement actions to mine operators in 2017, an increase of approximately 11,793 or 11.3 percent from 2016. Of these, 58,083 (or 55.63 percent) were issued to metal/nonmetal operators while 46,329 (or 44.37 percent) were issued to coal operators ...