In this update, we detail the key legislative developments in the second quarter of 2021 related to artificial intelligence (“AI”), the Internet of Things (“IoT”), connected and automated vehicles (“CAVs”), and federal privacy legislation. As we recently covered on May 12, President Biden signed an Executive Order to strengthen the federal government’s ability to respond to and prevent cybersecurity threats, including by removing obstacles to sharing threat information between private sector entities and federal agencies and modernizing federal systems. On the hill, lawmakers have introduced a number of proposals to regulate AI, IoT, CAVs, and privacy.
Last Thursday, the Federal Communications Commission (“FCC”) announced that it will consider a Report and Order at its June 21, 2021 open meeting that would permit the importation and conditional sale of radiofrequency (RF) devices prior to obtaining equipment authorization in some circumstances. The consumer electronics industry has advocated for this rule change, which will facilitate pre-sales and other marketing of new devices in the marketplace.
If adopted, the Report and Order would afford manufacturers and developers of RF devices significant flexibility in conducting pre-sale activities and potentially reduce the time required to deliver devices to market. These revisions represent a significant change to the FCC’s equipment and marketing rules and bring the FCC’s equipment marketing and pre-sales regime in line with many other industries. Continue Reading FCC Set to Ease Rules that Have Limited Pre-Sales and Other Marketing of Some New Electronic Devices
In Episode 12 of our Inside Privacy Audiocast, together with special guest Advocate Pansy Tlakula, Chairperson of the Information Regulator of South Africa, we discussed the Information Regulator’s mandate and the implementation of data protection legislation in South Africa. Now, with less than a month to go before South Africa’s Protection of Personal Information Act, 2013 (“POPIA”) takes full effect on July 1, 2021, it is critical for organizations operating in South Africa to ensure that they are ready, if and when the Information Regulator comes knocking.
It is only when organizations start their POPIA journey that they realize just how wide the POPIA net is cast, and that very few businesses fall outside of its reach. The road to POPIA compliance should be viewed as a marathon, and not a sprint. While implementing and maintaining an effective POPIA compliance program will take continued effort and resources well beyond the July 1, 2021 go-live date, here we outline five steps to which companies subject to POPIA should give their attention in the short term.
Acting Chairwoman Jessica Rosenworcel has announced that at its next monthly public meeting on June 17, the Federal Communications Commission (“FCC”) will kick off a process to change its equipment authorization rules and competitive bidding procedures to address national security threats.
The draft Notice of Proposed Rulemaking (“NPRM”), released Thursday, proposes changes to the FCC’s rules on equipment authorization that could restrict and revoke the authorization of devices determined to pose a threat to national security—effectively banning them from the U.S. marketplace. The NPRM also proposes updates that would effectively require parties bidding for spectrum licenses or FCC broadband funding to certify that they will not rely on financial support from entities designated by the FCC as a national security threat.
In April 2021, the European Commission released its proposed Regulation Laying Down Harmonized Rules on Artificial Intelligence (the “Regulation”), which would establish rules on the development, placing on the market, and use of artificial intelligence systems (“AI systems”) across the EU. The proposal, comprising 85 articles and nine annexes, is part of a wider package of Commission initiatives aimed at positioning the EU as a world leader in trustworthy and ethical AI and technological innovation.
The Commission’s objectives with the Regulation are twofold: to promote the development of AI technologies and harness their potential benefits, while also protecting individuals against potential threats to their health, safety, and fundamental rights posed by AI systems. To that end, the Commission proposal focuses primarily on AI systems identified as “high-risk,” but also prohibits three AI practices and imposes transparency obligations on providers of certain non-high-risk AI systems as well. Notably, it would impose significant administrative costs on high-risk AI systems of around 10 percent of the underlying value, based on compliance, oversight, and verification costs. This blog highlights several key aspects of the proposal.
On May 12, the Biden Administration issued an “Executive Order on Improving the Nation’s Cybersecurity.” The Order seeks to strengthen the federal government’s ability to respond to and prevent cybersecurity threats, including by modernizing federal networks, enhancing the federal government’s software supply chain security, implementing enhanced cybersecurity practices and procedures in the federal government, and creating government-wide plans for incident response. The Order covers a wide array of issues and processes, setting numerous deadlines for recommendations and actions by federal agencies, and focusing on enhancing the protection of federal networks in partnership with the service providers on which federal agencies rely. Private sector entities, including federal contractors and service providers, will have opportunities to provide input to some of these actions.
As has been widely reported, there is an ongoing global shortage of semiconductor chips that enable products and services throughout many sectors of the economy. On Tuesday, the U.S. Federal Communications Commission (“FCC”) released a Public Notice seeking public comment on the impact of this chip shortage on the U.S. communications sector specifically.
The Public Notice does not propose new rules, rather, it seeks input from stakeholders in the communications sector to guide the FCC’s priorities and initiatives as it seeks to help build a more secure and resilient communications supply chain. In issuing the Public Notice, acting FCC Chairwoman Jessica Rosenworcel pointed out that “these tiny pieces of technology are the basic building blocks of modern communications—including 5G, Wi-Fi, satellites, and more.”
In Penhallurick v MD5 Ltd  EWHC 293 (IPEC) the Court held that the copyright in various literary works relating to software Mr. Penhallurick created during his tenure with former employer MD5 belonged to MD5. The Court found that the works were created in the course of Mr. Penhallurick’s employment with the result that MD5 was deemed the owner of the works (under the Copyright, Designs and Patents Act 1988), despite the fact that some of the work was done from Mr. Penhallurick’s home, outside normal office hours and using his own computer.
Over the last year we have seen increasing interest from our global client base in investing in strategic, transformational technology transactions with European counterparties. These transactions often facilitate access to key technologies, geographies and, of course, data. In this note we set out 6 key points to keep in mind when planning, negotiating and executing these types of transactions across Europe.
Today, the Supreme Court issued its decision in Facebook v. Duguid, adopting a narrow interpretation of a key definitional term in the Telephone Consumer Protection Act (TCPA) and resolving the circuit split we previously described here and here. Continue Reading Supreme Court Narrows Meaning of TCPA Autodialer Definition