Strict data protection requirements apply to the use of location tracking systems both in the employment context and in cooperation with other companies. In its partial judgement from March 19, 2019, the Lüneburg Administrative Court ruled in compliance with the provisions of the General Data Protection Regulation and the new Federal Data Protection Act (BDSG) that unrestricted tracking of employee vehicles is impermissible ...
A website operator that embeds third party plugins on its website may become a joint controller in relation to the website visitors' personal data together with the third party service provider, according to a preliminary ruling by the Court of Justice of the European Union (CJEU) in case C-40/17 Fashion ID. The judgment upholds the broad interpretation of joint controllership of personal data established by the CJEU in its recent case law ...
In what appears to be a first under the False Claims Act, a case based on flawed cybersecurity has been settled, for nearly $9 million. On July 31, 2019, the Attorney General of New York announced that, alongside the U.S. Department of Justice, New York, eighteen other states, and the District of Columbia have reached an $8.6 million settlement with Cisco Systems, Inc. (“Cisco”) over sales of surveillance video software allegedly vulnerable to hacking ...
This summer, the IRS significantly increased its efforts to police the taxation of Bitcoin, Ethereum, and other similar cryptocurrencies. On July 26, 2019, the IRS announced that it had begun sending letters to taxpayers who potentially failed to pay cryptocurrency taxes associated with digital currency transactions or failed to properly report those transactions. By the end of August, the IRS anticipates that it will have sent over 10,000 letters to taxpayers ...
The Court of Justice of the European Union ("CJEU") published its long-awaited decision on the use of the Facebook Like-Button on July 29, 2019 (Case C-40/17). One major aspect of the judgment is the question to what extent Facebook and website operators who incorporate the Like-Button into their website are joint controllers under European data protection law. As a result, the CJEU affirms this question and takes a firm stand on the conditions for joint controllership ...
The DIFC Authority has proposed the enactment of legislation (the Proposed Law) to replace its current Data Protection Law, DIFC Law 1 of 2007 (as amended) (the Current Law). The Proposed Law is the subject of Consultation Paper 6 of 2019, which is presently posted on the DIFC website for public comments to be provided by 18 August 2019 ...
There has been intense work on the IT security law 2.0 since the “German doxing case" of late 2018/early 2019 when large volumes of data of German celebrities and politicians were published. This bill will significantly extend the importance and the competences of the Federal Office for Information Security (Bundesamt für Sicherheit in der Informationstechnik (“BSI”) in information technology ...
Below you will find a brief summary of the resolutions of the data protection authority uploaded on their website up until today imposing a fine under the GDPR. 1. Failure to facilitate the exercise of data subjects' rights The data subject wanted to exercise his access right, right to receive a copy, and his right to restrict processing of camera recordings of him at the reception area of a service provider ...
Along with the prediction that the continued growth of the Internet of Things (IoT) will transform our everyday lives and how we do business, we can also anticipate that the increased number of connected devices will bring about additional challenges, including greater security and privacy-related risks ...
The topic of “joint controllers” according to Art. 26 GDPR continues to gain momentum. The State Commissioner for Data Protection and Freedom of Information in Baden-Württemberg (LfDI) has now, for the first time, published a sample of an agreement for joint controllers under Art. 26(1) s. 2 GDPR as well as a sample relating to the fulfillment of obligations to inform the data subjects pursuant to Art. 26(2) s. 2 GDPR ...
There are hardly any companies that do not use video surveillance systems (CCTV). Such systems record areas such as plant and work facilities or entrance areas. Oftentimes, the video images are not only displayed live on a monitor (“camera-to-monitor system”), but are also recorded automatically for a certain period of time ...
Brenna K. Legaard is a registered patent attorney with Schwabe, Williamson & Wyatt. Legaard wrote the following op-ed on the use of blockchain technology in health care. When health care professionals and consumers think of blockchain, their minds very likely go to famous cryptocurrencies like Bitcoin. But blockchain technology can be applied to so much more, including to the field of health care ...
A few years ago artificial intelligence was a concept applied to nothing else but science fiction films, nowadays, it has become a reality for many companies and industries in the development of their commercial, corporate and industrial activities. Before we start to understand the strengths or weaknesses of artificial intelligence and its perspective from the right of intellectual property, it is considered convenient to conceptualize it ...
For businesses who care about their brands, Pofma may be not be such a bad idea after all.Beyond Meat Inc. makes cows happy and cardiologists sad. Its Beyond Burger uses no meat and has no cholesterol, and contains less fat, fewer calories and more protein than a typical burger ...
According to statistics released by the European Commission earlier in 2019, the term “GDPR” amassed more Google searches than either Beyoncé or Kim Kardashian during the month of May 2018. Now that “GDPR” has become a household term, what have we learntin the 12 months since the introduction of the GDPR? 1 ...
Trademark law in Canada is undergoing a major change this year that will go into effect on June 17, 2019. We have compiled the three things you need to know and important steps you may want to take before the June 17, 2019 date passes. 1 ...
‘Fake news’ - information or news that is proven to be either verifiably false or misleading - has become a major, global concern. As news and opinion pieces are increasingly pushed to readers via online and social media channels, the speed of their dissemination has accelerated exponentially, as have the challenges around regulating news and opinion ...
In the year 2000, the United Nations General Assembly designated April 26 as World Intellectual Property Day. The purpose of this is to highlight the role thatintellectual propertyrights play in encouraging innovation and creativity. Across the globe, and at the initiative of the World Intellectual Property Organization (WIPO), there is a campaign every year to attract public interest to issues related to Intellectual Property ...
Recent events, including the investigations into Facebook’s handling of its users’ personal data, have highlighted the realization that personal data is, in today’s world, one of the most valuable resources for any business and that businesses not only collect and store their customers’ personal data but also use and even sell it for profit ...
The administrative fines that have been imposed by the different European supervisory authorities since the GDPR took effect vary enormously. While the highest administrative fines imposed by the German authorities to date have been EUR 20,000 and EUR 80,000 and have therefore remained well below the possible maximum fine of EUR 20 million or 4 % of worldwide annual turnover, other countries’ supervisory authorities have already delivered higher fines ...
This is to inform you that, on March 18 2019, the Federal Law of the Russian Federation on “Introduction of amendments to the first, second part and Article 1124 of the third part of the Civil Code of the Russian Federation” (the “Law”) was adopted ...
This is to inform you that, on March 18 2019, the Federal Law of the Russian Federation on “Introduction of amendments to the first, second part and Article 1124 of the third part of the Civil Code of the Russian Federation” (the “Law”) was adopted ...
The Department of Health and Human Services Office of Civil Rights (OCR) Spring 2019 Cybersecurity Newsletter includes new recommendations regarding how HIPAA covered entities can prepare to defend against cybersecurity attacks such as advanced persistent threats (APTs) and zero-day vulnerabilities ...
Even before the General Data Protection Regulation (GDPR) came into force, there were discussions as to whether the use of tracking cookies, which make it possible to analyze the usage and browsing behavior of a user on the Internet and use it for interest-based advertising, requires prior consent (opt-in) of the user or whether a dissent solution (opt-out) is sufficient. The German data protection authorities are of the opinion that users must give their consent ...
In a recent decision by the Technology and Construction Court (TCC), Judge Stewart-Smith has clarified the position when determining whether two adjudications are “the same or substantially the same” when a party challenges jurisdiction under Para 9(2) of the Scheme for Construction Contracts. He stated that thedecisionreached in the first adjudication must be considered as well as the disputesreferredto adjudication in each ...