Cloud computing and offshoring of data is no longer a taboo among banks. It is becoming a necessity and is the current definitive trend. However, the South African Reserve Bank (“SARB”) has issued a directive and guidance note detailing items banks must consider when electing to adopt cloud computing as a service or any offshoring of data ...
The implementation of cybercrime legislation is a pressing issue given that South Africa has one of the highest numbers of cybercrime victims in the world. In addition, a number of unsuspecting individuals and organisations alike fell prey to the scourge of cyber scams which seemed to spike quite rapidly in the past year. The Cybercrime Bill was adopted by the Portfolio Committee for Justice and Correctional Services in November 2018 and sent to the National Assembly for debate ...
The pervasiveness of the Internet of Things has spawned a recent fear that the devices are listening to the conversations of their users. For instance, the My Friend Cayla doll talks to children and answers their questions by connecting to the internet and using a combination of voice recognition software and Google searches to provide these responses ...
Gone are the days when a helicopter had to be hired to secure fantastic shots of a neighbourhood or local stadium in anticipation of a major public or private event. Drones have ushered in a new kind of photography and can be used in many instances and applications even in traditional industries like agriculture or last mile logistics. One of the primary functions of using drones is to capture, store and transmit data ...
Digital rights management (“DRM”) refers to the methods used by content owners to protect their digital content. A number of methods can be used to control and restrict access and usage of digital material. Popular DRM mechanisms include password protecting a digital file/content, as well as platform DRM, which is typically deployed by online streaming platforms and electronic databases to restrict access to content that users are required to pay for ...
It is no surprise that in this digital age, social media is more than a platform to connect with old school friends, share experiences or watch funny videos. Businesses have realised the value in leveraging social media platforms so as to directly connect with and market themselves and their businesses to existing and potential customers. Social media platforms allow businesses to increase their brand awareness and entrench themselves with their clients and secure their loyalty ...
The fallout from the Illinois Supreme Court’s January 25, 2019, opinion in Rosenbach v. Six Flags Entertainment Corp., 19 IL 12316, continues.Rosenbach settled the dispute of who qualifies as an “aggrieved person” under the Illinois Biometric Information Privacy Act (“BIPA”), and in doing so opened the floodgates for this litigation to proliferate ...
On January 19, 2019, federal Magistrate Judge Kandis Westmore of the Northern District of California denied the Government’s application for a search warrant that sought: “all digital devices” present at a California residence; (Order at 3), and “any individual present at the time of the search to press a finger (including thumb) or utilize other biometric features…for the purposes of unlocking the digital devices found in order to permit a search of
Corporations and governments are ferreting out and squirreling away voluminous, detailed and private information about each and every one of us – and they are not afraid to use it. Should we be worried? Singapore’s Health Minister recently revealed that confidential details of 14,200 HIV-positive people, stolen from a government public health database, had been leaked online by a disgruntled US citizen who had been in a romantic relationship with a local doctor ...
We would like to inform you of the new rules of audits/inspections of companies processing personal data approved by the Decree of the Russian Government dated February 13, 2019 No. 146 «On Approving the Rules on Arranging and Exercising Control over Compliance of Personal Data Processing» («Decree»). The Russian Data Protection Authority (DPA) is entitled to investigate companies’ compliance with data protection laws ...
Senate Bill 273 goes into effect on March 20, 2019, and creates new requirements for Ohio insurance companies, including health insurance plans, to develop and implement specific information security programs to safeguard nonpublic business and personal information. Senate Bill 273 is based upon the National Association of Insurance Commissioners’ Insurance Data Security Model Law (also referred to as "MDL-668") ...
When a scion of the investment banking world gets into crypto it is probably worth taking notice. JP Morgan Chase, America's largest bank, has just grabbed everyone's attention with the launch of its very own cryptocurrency, the JPM Coin. JP Morgan intends the internally developed crypto asset to be used in its wholesale payment system, which currently sees daily volumes in the region of $6 trillion ...
The public rights of access on and over land, enshrined in the Land Reform (Scotland) Act 2003, have now been around for almost 14 years. They allow all members of the public a responsible right of access on and across land and inland water throughout the country, often informally referred to as the right to roam. Certain parts of land may be excluded from the rights of access under the Act: restrictions may be allowed, for example, due to planned forestry operations ...
The Financial Conduct Authority (FCA) recently launched a consultation on its proposed guidance on cryptoassets (CP19/3) which can be read in fullhere. The move comes as part of the UK Cryptoasset Taskforce's wider look into the regulation of the cryptoasset market. The consultation follows a report published in October 2018 by the Taskforce, which consists of the Bank of England, HM Treasury and the FCA. Our discussion of that report can be readhere ...
In its decision from February 7, 2019, the Bundeskartellamt prohibited Facebook from the further processing of user data which it has generated from so-called third party sources. In order to make use of these personal data in future, Facebook will need the consent of the data subject as defined by the General Data Protection Regulation (GDPR). It remains to be seen whether this will be granted by the majority of users. 1 ...
The General Data Protection Regulation (GDPR) provides for a significant increase of the maximum possible fine for legal infringements compared to previous data protection legislation. Fines of up to 20 million euros or 4 percent of the worldwide annual turnover, whichever is higher, can be imposed (Art. 83 para. 5 GDPR). Yet, the first few months after the introduction of the GDPR in May 2018 were uneventful in this regard. That is now changing, however ...
On December 28, 2018, the Department of Health and Human Services (HHS), in partnership with the Health Sector Coordinating Council (HSSC), published the “Health Industry Cybersecurity Practices: Managing Threats and Protecting Patients” (HICP Publication), which is a four-volume publication designed to provide voluntary cybersecurity practices to health care organizations of all types and sizes, ranging from local clinics to large health care systems ...
The US tech giant, Google is fined EUR 50 million by France's data protection regulator, CNIL, for failing to comply with its General Data Protection Regulation (GDPR) obligations. This is the biggest GDPR fine yet to be issued by a European regulator and the first time that one of the tech giants has been found in breach with the new regulations that came into force in May 2017 ...
Eliminating Kickbacks in Recovery Act Overview On October 24, 2018, Congress enacted the Eliminating Kickbacks in Recovery Act of 2018 (EKRA) as part of the SUPPORT Act, which is a comprehensive attempt to combat the opioid epidemic. EKRA established an all-payer anti-kickback prohibition that extends to arrangements with recovery homes, clinical treatment facilities, and laboratories. Unlike the Anti-Kickback Statute (AKS) under 42 U.S ...
The use of the Internet without the use of search engines, which list links to Internet pages after keywords have been entered, is almost unthinkable. In the context of the search results, however, websites may appear that contain personal data and thus fall within the scope of the GDPR ...
On January 21, 2019, Google was fined nearly $57 million (approximately 50 million euros) by France’s Data Protection Authority, CNIL, for an alleged violation of the General Data Protection Regulation (GDPR).[1] CNIL found Google violated the GDPR based on a lack of transparency, inadequate information, and lack of valid consent regarding ad personalization. This fine is the largest imposed under the GDPR since it went into effect in May 2018 and the first to be imposed on a U.S ...
The Brexit Withdrawal Agreement negotiated between the European Union and the United Kingdom envisaged that during the United Kingdom's transitional period data protection legislation would have been treated in the same way as with the countries of the European Economic Area. This would have allowed a transfer of personal data from the European Union to the United Kingdom without additional measures to ensure adequate levels of data protection ...
In a landmark decision, the European Union Intellectual Property Office (‘EUIPO’) has ruled that McDonald’s, one of the world’s largest fast food chains, will lose its EU trade mark for “Big Mac” ...
The Court of Justice of the European Union (ECJ) must currently clarify whether and how website operators can legally integrate the so-called "Like" button of Facebook on their website (Case C-40/17). A German online retailer had integrated the "Facebook Like" button into their online shop. Due to the functionality of the "Facebook Like" button, personal information was transmitted to Facebook Ireland each time the website was visited, including the IP address ...
A new rule promulgated by the U.S. Environmental Protection Agency (“EPA”) governing the disposal of coal combustion residuals, also known as CCR or coal ash, raises the risk for civil claims and the need for insurance to cover them.1 The rule, which takes effect Aug. 29, 2018, revises regulations issued in 2015 and has the stated intent of providing utilities and states “more flexibility in how CCR is managed ...