Hong Kong’s Securities and Futures Commission (SFC) issued a circular last year (the Circular) in recognition of the increasing use of electronic data storage (cloud storage) for record keeping purposes. The Circular was intended to provide licensed corporations with greater flexibility in keeping regulatory records with electronic data service providers (EDSPs), as well as to clarify their general obligations in relation to electronic data ...
With the Universal Community Testing Programme for COVID-19 detection by the Hong Kong Government and temperature screening in the workplace, the collection and use of biometric data (such as DNA samples, fingerprints and facial images) have raised concerns among the public. In August 2020, the Privacy Commissioner (PC) has updated its guidance note on how data users should collect and use biometric data in compliance with the Personal Data (Privacy) Ordinance (Guidance Note) ...
As concern over cybersecurity continues to grow,[1] defense contractors have been waiting for the Department of Defense (DoD) to roll out its Cybersecurity Maturity Model Certification (CMMC) program. That rollout has occurred, with DoD’s recently published interim rule Assessing Contractor Implementation of Cybersecurity Requirements (DFARS Case 2019-D041)[2] (“Interim Rule”), effective Nov. 30, 2020, and providing for a five-year phase-in of CMMC ...
The German Federal Commissioner for Data Protection and Freedom of Information (BfDI) sees the decision as a success: On November 11, 2020, the District Court of Bonn reduced the fine imposed on 1&1 Telekom GmbH for a data protection breach from an original EUR 9.55 million to EUR 990,000.00, thereby fundamentally calling into question the fine practices of the German supervisory authorities ...
The Court of Justice of the European Union delivers judgments regarding the concept of “communication to the public” faster than legal scholars can read and dissect them. While we are eagerly awaiting the Court’s analysis of different types of hyperlinking, it has taken less than two months to follow Advocate General Hogan’s opinion regarding the emailing of evidence containing copyrighted works to a court in legal proceedings ...
The debt collection restrictions and requirements in the FDCPA, which was enacted in 1977, have failed to keep up with or even contemplate modern technologies. In particular, as methods and forms of communication have evolved, the industry has had little guidance on how it can utilize newer communication channels such as emails, text messages, or social media. In many cases, the industry has had to grapple with different and often conflicting court interpretations ...
The Copyright Office of the Department for Promotion of Industry and Internal Trade (DPIIT) has invited comments and suggestions to amend the Copyright Act before November 30, 2020. Mid last year, the DPIIT proposed a set of amendments to the Indian Copyright Rules. While these amendments sought to increase transparency and provide clarity for right holders, many other essential modifications were overlooked ...
On Nov. 3, 2020, California voters approved Proposition 24, marking a significant shift in the U.S. privacy landscape. Proposition 24 enacted the California Privacy Rights Act of 2020 (CPRA),[1] a major expansion of the existing California Consumer Privacy Act (CCPA), which many businesses continue to grapple with since becoming effective in January 2020. Most notably, the CPRA establishes a stand-alone privacy regulator, the first U.S. state to do so ...
On 19 October 2020 the Federal Council's Cyber Committee adopted a report on the advancement of the 2018-2022 national strategy for the protection of Switzerland against cyber risks (2018-2022 NCS) and its gradual implementation. The report focuses mainly on the progress made in supporting small and medium-sized enterprises (SMEs) and promoting research and training ...
The Copyright Office of the Department for Promotion of Industry and Internal Trade (DPIIT) has invited comments and suggestions to amend the Copyright Act before November 30, 2020. Mid last year, the DPIIT proposed a set of amendments to the Indian Copyright Rules. While these amendments sought to increase transparency and provide clarity for right holders, many other essential modifications were overlooked ...
What will UK data protection look like after Brexit 2.0 on 31 December 2020? Regime 1: the 'UK GDPR': the UK's new bespoke version together with the Data Protection Act 2018 The UK GDPR will be the UK data protection regime based on the 'EU GDPR' (see below) ...
The HHS Office for the National Coordinator of Health Information Technology issued an interim final rule on October 29, 2020, extending the compliance date for the information blocking rule under the 21st Century Cures Act to April 5, 2021 ...
During recent years, we have been accumulating our experience of advising clients on data protection issues, that companies face when doing their business in Russia. Many of our clients do their business in other CIS countries as well and usually face quite similar issues there. However, the level of regulation and, more importantly, enforcement, in different jurisdictions of the post-Soviet Union territory, varies significantly ...
While public attention focused on the federal and state elections, Michigan voters made an important decision—they adopted Proposal 20-2, which amended Michigan’s Constitution to extend its protection from unreasonable searches and seizures to electronic data and communications ...
In this newsletter you will find a selection of the main legal news related to the fintech and digital banking market in Argentina. 3.0 transfers New open and interoperable model for instant payments As we anticipated in previous bulletins, the Central Bank (BCRA) completely updated the system of immediate electronic payments existing until now, taking it to a much more ambitious, interoperable and open model, which aims to interconnect bank accounts and accounts on an equal footing ...
We have recently discovered growing interest in implementation of diversity and inclusion (“D&I”) programs by companies operating in Russia. D&I programs imply processing of new categories of employee personal data and new purpose of data processing. For this, Russian Labour laws do not provide for any requirement nor regulation for implementation of D&I programs ...
The Privacy Commissioners of Canada, Alberta and British Columbia issued a joint investigation report, finding that Cadillac Fairview did not obtain adequate consent for the collection of digital images of faces through facial recognition technology (Anonymous Video Analytics) installed in wayfinding directories in some of their Canadian shopping malls ...
This alert provides links to the latest insights and commentary on key energy and environmental issues from the Hunton Andrews Kurth team. Links to our most recent posts on the Nickel Report Blog for this month are below. Please subscribe to receive alerts when new posts are published by visiting our blog and entering your email address in the subscribe field or by following us on Twitter. For current Covid-19 related news updates please read more here ...
In the age of COVID-19, demand for surface wipes, sprays and similar products is at record levels. Retail stores have struggled to keep supplies stocked and shelves may once again be emptied when the winter flu season arrives. If schools and businesses reopen concurrently, the prospects of securing these products becomes even bleaker, which may re-fuel consumer stockpiling ...
For most of the last three decades, Florida, Georgia, and Alabama have waged a multifront water war, filing cases in federal courts across the United States. This war, and these cases, turn on apportionment of two river basins: the Apalachicola-Chattahoochee-Flint (ACF) River Basin and the Alabama-Coosa- Tallapoosa (ACT) River Basin. At the heart of this legal tug of war lie competing uses—and visions—for the basins ...
On 25 September 2020 Parliament approved new regulations for Blockchain and Distributed Ledger Technology (DLT).(1) The goal of this new legal framework is to further establish and increase Switzerland's reputation as a leading, innovative and sustainable location for fintech and DLT companies. DLT framework DLT allows shared data management and, in particular, shared accounting among participants that do not know or do not trust each other's identity ...
Most employers are familiar with the role of the Occupational Safety and Health Administration (OSHA) in enforcing standards to ensure that the working men and women in the United States have a safe and healthy workplace. The current COVID-19 pandemic has presented new challenges to OSHA for reviewing how employers are protecting their employees ...
Introduction On 16 October 2020 the government reinforced the urgent measures to limit the further spread of COVID-19. Teleworking is no longer highly recommended, but has become the standard for all employees whose roles allow for telework. Yet, the new rule is less far-reaching than that in place during the first lockdown in March 2020, as an exception now applies when the continuity of business operations, activities and services does not allow for teleworking ...
