Header graphic for print
Focus on Regulation

Category Archives: Privacy & Cybersecurity

Subscribe to Privacy & Cybersecurity RSS Feed

Legislative and Regulatory Update on Federal Supply Chain Risk Management

The U.S. Government is renewing its focus on mitigating technological risks by regulating the supply chain for various goods and services. To achieve these goals, Congress and agencies have introduced, and in some cases enacted, legislation and regulations that direct agencies to identify, assess, and mitigate supply chain risks generally as well as prohibit agencies

Belgian sunshine rules – Submissions required by 31 May 2018 at the latest

On 27 December 2016, the Belgian Law of 18 December 2016 concerning various health-related matters (“the Sunshine Act”) was adopted by the Belgian Ministry for Public Health. The Sunshine Act provides that life sciences companies must publically disclose information concerning all pecuniary advantages or benefits in kind granted, directly or indirectly from Belgium or elsewhere,

FTC Issues Sharing Economy Report

In June 2015, the Federal Trade Commission (FTC) held a workshop on The “Sharing” Economy: Issues Facing Platforms, Participants, and Regulators. The Commission also solicited public comments on the topic, receiving more than 2,000 comments in response. On 17 November, the Commission issued a report summarizing the issues explored in the workshop and the public comments. The report emphasized that the workshop (and its ensuing summary) was not intended “as a precursor to law enforcement” but “an opportunity to learn more” about this rapidly evolving business model and to aid “the Commission, as well as regulators, consumer groups, platforms, participants using the platforms, incumbent firms, and others” to address the unique issues raised by sharing economy platforms.

Fragmentation instead of level-playing field? How the German Government’s announced White Paper on digital platforms adds to regulatory uncertainty on topical issues of the digital economy after Brexit

Many digital platforms attract consumers and businesses on a global basis. It is a challenge for national regulators to enforce competition law and other regulatory provisions against such international players. Germany´s Federal Minister of Justice, Heiko Maas, argued in a similar way in an interview with the German newspaper Handelsblatt on 5 October 2016.

Moving Domestic Drone Policy Forward: Legislative Proposal Would Assist Energy Companies in their Drone Operations

The commercial drone industry continues to face regulatory challenges as companies strive to use drones to make their operations safer and more efficient. In a positive development this week, there is now hope that Congress may ease some of these regulatory challenges for natural gas and oil pipelines and other critical infrastructure owners and operators.

Taking to the Air: Using Drones to Ensure Regulatory Compliance for Natural Gas and Oil Pipelines and Other Critical Infrastructure Owners and Operators

Energy companies that operate critical infrastructure face regulatory challenges on a daily basis as they strive to provide effective and efficient service safely. Congress may make some of these regulatory challenges less burdensome by lifting restrictions on the use of drones to monitor their assets.

FCC Circulates Privacy Rulemaking and Announces Commission Vote

On Thursday, Federal Communications Commission (“FCC”) Chairman Tom Wheeler circulated a highly anticipated broadband data privacy and security Notice of Proposed Rulemaking (“NPRM”) to the other Commissioners, slating the proposals for a full Commission vote at the agency’s March 31 Open Meeting.  The rules would apply to internet service providers (“ISPs”), but organizations throughout the

Privacy, Security, and IoT Prominent Themes at Silicon Flatirons DBM Conference

On January 31, 2016, the Silicon Flatirons Center for Law, Technology, and Entrepreneurship at the University of Colorado hosted its annual Digital Broadband Migration Symposium. The theme of this year’s conference was “The Evolving Industry Structure of the Digital Broadband Landscape.” The two-day conference brought together an array of leaders from government, academia, and industry to examine the role of regulatory oversight, antitrust law, and intellectual property policy in regulating industry structure and to discuss what policy reforms may be appropriate for the constantly changing digital broadband environment.

UK Government Boosts Digital Health Initiatives for NHS England

This week the Secretary of State for Health, Jeremy Hunt, announced that the Government will be investing £4.2 billion in digital health initiatives.  The investment is part of the Government’s latest drive to create a “paperless” National Health Service (NHS) by 2020. The full details of the funding are still being agreed between the Department

FERC Adopts Revised Reliability Standards for Cybersecurity

On January 21, 2016, the Federal Energy Regulatory Commission (FERC) issued a final rule adopting seven revised critical infrastructure protection (CIP) Reliability Standards addressing cybersecurity of the electric grid, as initially proposed in July 2015. The revised standards were developed by the North American Electric Reliability Corporation (NERC), the FERC-certified Electric Reliability Organization, in response to FERC Order No. 791.

Recent Updates to DFARS Cybersecurity Rule

Over the past month, there have been a number of developments affecting the new DFARS Network Penetration Reporting and Contracting for Cloud Services interim rule (DFARS Case 2013-D018, published in the Federal Register on Wednesday, August 26, 2015, available here). See our previous analysis of the rule here. On Wednesday, November 18, 2015, DoD published

Moving UAS Policy Boundaries Forward, Take 2: Flights Beyond Visual Line of Sight of the Operator

Yesterday we reported on the FAA’s policy shift relating to flights near people. The FAA last week made another quiet change that implicates beyond line of sight operations. While the demand for UAS continues to grow, the FAA’s current requirement that the UAS only be operated within visual line-of-sight of the operator limits the full potential of UAS for many commercial uses. Some of the most promising commercial UAS applications—precision agriculture, powerline inspections, and railroad inspections, to name just a few—necessitate flights beyond visual line-of-sight (“BVLOS”) of the operator to be efficient. “Line-of-sight” flight requires that the pilot can visually see the UAS at all times during the operation, unless another person acting as a visual observer maintains constant visual contact with the UAS.

FCC Continues String of Data Security Cases, Settling with Cox for $595,000

On November 5, 2015, the Federal Communications Commission Enforcement Bureau announced a $595,000 settlement agreement with Cox Communications, Inc. to resolve an investigation into whether the company failed to properly protect its customers’ personal information when electronic data systems were breached in August 2014.  According to the FCC, Cox exposed the personal information of numerous

China proposes new cyber security rules for insurance industry

On 9 October 2015, the China Insurance Regulatory Commission (“CIRC“) issued draft Supervisory Rules for Adoption of Information Technology by Insurance Institutions (“Draft Insurance IT Rules“) for public comment. The public comment period will close on 31 October 2015. The Draft Insurance IT Rules have been issued to replace the 2009 (Pilot) Guidance on Administration

FTC Closes PayPal Investigation Over Telemarketing Rule and User Agreement

The Federal Trade Commission (FTC) has released a copy of a letter that it sent to PayPal stating that the agency was closing an investigation into potential Telemarketing Sales Rule (TSR) violations by the company.  This release provides important insights on how companies can design their user agreements to avoid TSR violations. As background, PayPal

Student Privacy and Drone Policy: Vote for Hogan Lovells at SXSW 2016

Austin, Texas is renowned for its live music scene, clean air, college vibe … and of course its technology conferences. Two Hogan Lovells Lawyers—Bret Cohen and Lisa Ellman—have made the list of finalists for panels at the South by Southwest group of conferences this upcoming March, to talk about Student Privacy and Domestic Drone Policy.

Government Contractor Asks U.S. Supreme Court for TCPA Relief Through Derivative Sovereign Immunity

Highlighting the intersection between government contracts, communications privacy, and class action litigation, the United States Supreme Court recently received a petition for a writ of certiorari asking it to rule on whether derivative sovereign immunity should be extended to a government contractor’s violation of the Telephone Consumer Protection Act (TCPA).  The Petitioner, Campbell-Ewald Co., was

Industry Recommends Market Solutions for Privacy, Cybersecurity, and Law Enforcement Access Challenges for the Internet of Things

The Internet of Things raises new concerns about privacy, security and law enforcement access.  Rather than develop new rules for new devices, industry experts convened during the 2014 Winnik International Telecoms & Internet Forum recommended allowing the market to try solve these challenges before the government steps in. In May 2014, the President’s Council of

TCPA Issues to Watch in 2014 / Upcoming Webinar Announced

In an ever-changing technological landscape, organizations are increasingly at risk under the Telephone Consumer Protection Act of 1991 (TCPA). The TCPA imposes restrictions on telemarketing and the use of automated telephone equipment, affecting any organization that engages with consumers through text messages, prerecorded calls, faxes, and other advanced technologies. Regulators and plaintiffs’ class-action attorneys are targeting alleged

French sunshine regulations: publication of the governmental order on the unique public website managed by the French authorities

The governmental order on the unique public website set up under the French sunshine regulations was published today. The order provides details on this website, managed by the French authorities, which will make available to the public the information to be reported by the industry under the sunshine regulations.