One of the structural principles of the new data protection law is the principle of lawfulness and fairness, which requires that all processing has an appropriate legal basis. Those responsible for managing databases that have been organized prior to the entry into force of the new Data Protection Law will face a great challenge: the adaptation of their databases to the new regulation, which will clearly mean a race against time ...
On August 1, 2024, the Department of Justice (“DOJ”) rolled out its Corporate Whistleblower Awards Pilot Program after announcing the initiative in March. Described as “[s]upercharging DOJ’s corporate investigations and prosecutions,”[1] the Pilot Program dramatically expands the pool of would-be whistleblowers and underscores the importance of robust compliance and reporting programs ...
The National Cybersecurity Coordination, a unit of the Undersecretary of the Interior responsible for coordinating the actions of public agencies in cybersecurity and recommending to the President of the Republic policies, laws, regulations, protocols and standards in this area, recently put two of a series of regulations required by Law No. 21,663 Framework on Cybersecurity up for public consultation ...
The data breach at controversial dating site Ashley Madison exposed 36m users in 2015. It heralded a new age of global data protection laws, but could it happen again? A recent Netflix documentary is retelling the story of the mass data breach in 2015 affecting up to 36 million users of the Ashley Madison website. A decade ago, the Canadian site’s USP was already proving controversial: catering for happily married people looking for a discreet affair ...
Cyber reporting requirements for Bermuda insurers, insurance managers and insurance intermediaries following the CrowdStrike faulty software update Key reporting obligations Prompt notification Bermuda insurers, insurance managers and insurance intermediaries (including brokers, agents and insurance marketplace providers) (each, a "Registered Person") must forthwith notify the BMA upon coming to the knowledge, or having a reason to believe, that a cyber reporting event has occurred ...
On July 24, 2024, the joint committee approved what should be the final draft of the bill that amends Chilean Data Protection Law N° 19,628 (the “Law”). After this stage, the draft of the Law needs to be approved by both the Senate and the Chamber of Deputies. Upon approval, it will be sent to the President of the Republic for presidential approval and eventually will be subject to review by the Constitutional Court ...
****Dear Ladies and Gentlemen!**** The authorities in Russia and the rest of the world have recently been paying more and more attention to data protection issues ...
Effective July 29, 2024, the Federal Trade Commission (“FTC”) has issued a final rule that expands the scope of its existing Health Breach Notification Rule (“HBNR”) to include health and wellness applications (“apps”) typically associated with wearable technologies such as smart watches ...
Introduction NIS2 (the second “Network and Information Systems Directive”) is an updated regulatory framework introduced by the European Union tostrengthen cybersecurityacross member states. It is a successor to the original NIS Directive, which was adopted in 2016 ...
The EU’s much-anticipated AI Act has finally reached the statute book, with the legislation due to formally enter into force in early August. The arrival of the legislation represents a genuinely momentous shift in the focus of regulation of AI and its associated technologies, stepping away from the line of thinking that AI is just another category of software which should be subject to the same laws, standards and regulation as other, similar technologies ...
On June 28, 2024, Exempt Resolution No. 1,160 of May 31, 2024 was published in the Official Gazette, which approved the “Technical Guideline of the Public Health Institute that establishes the requirements for the application for modifications to the sanitary registration of biological products (M-MOBI)” ...
On July 1, 2024, the U.S. Department of Health and Human Services (HHS) released a final rule[1] outlining financial penalties, referred to as “disincentives” throughout the rule, for healthcare providers that engage in conduct that is considered “information blocking.” The 21st Century Cures Act defines information blocking as a “practice that interferes with, prevents, or materially discourages access, exchange, or use of electronic health information ...
The UAE recently amended its legal framework on abortion to expand the circumstances under which abortions are permitted and ease the rules regarding the circumstances under which abortions are permissible. Cabinet Decision No. 44/2024 (the Decision) came into effect on 21 June 2024 and progressively changed UAE’s law on abortion ...
On July 5, 2024, the Financial Market Commission (“CMF”) updated its "Frequently Asked Questions" document related to General Rule No. 502 (“NCG 502”). The NCG 502 regulates the registration, authorization, and obligations of financial service providers under Law No. 21.521, known as the "Fintech Law ...
The U.S. Department of Labor’s Occupational Safety and Health Administration (“OSHA”) recently cited Circles of Care, Inc., a Florida behavioral health company, for failing to provide a workplace free of recognized hazards. This citation followed an incident where a patient assaulted a mental health technician at a nurse work station ...
Roskomnadzor (Russian Data Protection Authority) plans to make it easier for personal data subjects to revoke consent to the processing of personal data Roskomnadzor proposes making it possible to ****revoke consent**** to the processing of personal data “in one click” ...
In this article we look at some of the key factors that influenced deal term trends through analysing the many transactions Shoosmiths advised on over the last year. For the third successive year Shoosmiths remained the UK’s most active law firm advising on mergers and acquisitions (according to Experian MarketIQ), acting on over 400 deals worth over £7bn in 2023 ...
Recently, the Ohio General Assembly passed a bill, Substitute S.B. 40, which will enter Ohio as a party to the new Dentist and Dental Hygienist Compact, and ultimately allow dentists and hygienists practicing in other compact states to practice in Ohio. This summer, the compact will form its commission, and will continue to work on operationalizing into 2025 before officially opening privilege applications ...
Malta has been a forerunner in regulating digital assets with the introduction of the Virtual Financial Assets Act, Chapter 590 of the Laws of Malta (the “VFA Act”) back in 2018. Following its approval in 2022 and publication in 2023, Regulation (EU) 2023/1114 of the European Parliament and Council on markets in crypto-assets (“MiCAR”) has an 18-month window to become fully enforceable by 30th December 2024 ...
Ban on foreign information security services from “unfriendly” jurisdictions Decree No. 250 of the Russian President dated 1 May 2022 “On Additional Measures to Ensure the Information Security of the Russian Federation” previously imposed restrictions on the ****use of foreign information security means**** ...
The Board concluded that the NDPA does not have authority to impose coercive fines in ongoing cross-border cases. Only in exceptional cases may concerned data protection authorities, such as the NDPA, adopt provisional measures until three months on its own territory. The GDPR sets out that national powers, such as coercive fines, shall not impair the effective powers of the cooperation and consistency mechanism ...
The Automated Vehicles Act (the Act) outlines the safety requirements that manufacturers and operators of automated vehicles will need to meet in order to deploy their goods and services on UK roads. In this article Ben Gardner outlines the key safety areas that will need to be considered ...
Bill Gates said in a blog post: “The development of AI is as fundamental as the creation of the microprocessor, the personal computer, the Internet, and the mobile phone. It will change the way people work, learn, travel, get health care, and communicate with each other. Entire industries will reorient around it. Businesses will distinguish themselves by how well they use it ...
Shoosmiths’ FinTech partner, Luke Stubbs, was a speaker at the recent FinTech Week London Conference, participating in a panel discussion focused on international payments. FinTech Week London reflects the City's role as a FinTech hub and comprises a week of events culminating in a major conference, which Shoosmiths was proud to sponsor ...