Photo of Jonathan Benjamin

Jonathan Benjamin is an associate in the London office, working in the firm’s technology transactions team, advising technology and life sciences clients on the intersection between commercial matters and data privacy/security.

Mr. Benjamin’s practice covers a broad range of technology agreements including those related to data sharing, data processing, outsourcing, and IT contracts. In addition, Mr. Benjamin advises on a range of regulatory matters under the GDPR.

On December 23, 2020, the European Commission (the “Commission”) published its inception impact assessment (“Inception Impact Assessment”) of policy options for establishing a European Health Data Space (“EHDS”).  The Inception Impact Assessment is open for consultation until February 3, 2021, encouraging “citizens and stakeholders” to “provide views on the Commission’s understanding of the current situation, problem and possible solutions”.

Continue Reading AI Update: European Commission Conducts Open Consultation on the European Health Data Space Initiative

On 10 September 2020, the UK Information Commissioner’s Office (“ICO”) published its beta-phase “Accountability Framework” (“Framework”).  The Framework is designed to assist organisations, of any size and across all sectors, in complying with the accountability principle under the GDPR and in meeting the expectations of the ICO.

The Framework will help those within organisations who are responsible for implementing data protection compliance strategies.  The ICO envisages that organisations will use the Framework in conjunction with other relevant guidance and materials available from the ICO.  The ICO emphasises that each organisation must be mindful of its own circumstances when managing data protection risks, and that a “one size fits all” approach should not be adopted.


Continue Reading UK Information Commissioner’s Office Publishes Draft Accountability Framework Tool

On July 30, 2020, the UK Information Commissioner’s Office (“ICO”) published its final guidance on Artificial Intelligence (the “Guidance”).  The Guidance sets out a framework for auditing AI systems for compliance with data protection obligations under the GDPR and the UK Data Protection Act 2018.  The Guidance builds on the ICO’s earlier commitment to enable good data protection practice in AI, and on previous guidance and blogs issued on specific issues relating to AI (for example, on explaining decisions on AI, trade-offs, and bias and discrimination, all covered in Covington blogs).

Continue Reading UK ICO publishes guidance on Artificial Intelligence

On February 10, 2020, the UK Government’s Committee on Standards in Public Life* (the “Committee”) published its Report on Artificial Intelligence and Public Standards (the “Report”). The Report examines potential opportunities and hurdles in the deployment of AI in the public sector, including how such deployment may implicate the “Seven Principles of Public Life” applicable to holders of public office, also known as the “Nolan Principles” (available here). It also sets out practical recommendations for use of AI in public services, which will be of interest to companies supplying AI technologies to the public sector (including the UK National Health Service (“NHS”)), or offering public services directly to UK citizens on behalf of the UK Government. The Report elaborates on the UK Government’s June 2019 Guide to using AI in the public sector (see our previous blog here).

Continue Reading UK Government’s Advisory Committee Publishes Report on Public Sector Use of AI

On February 4, 2020, the United Kingdom’s Centre for Data Ethics and Innovation (“DEI”) published its final report on “online targeting” (the “Report”), examining practices used to monitor a person’s online behaviour and subsequently customize their experience. In October 2018, the UK government appointed the DEI, an expert committee that advises the UK government on how to maximize the benefits of new technologies, to explore how data is used in shaping peoples’ online experiences. The Report sets out its findings and recommendations.
Continue Reading Centre for Data Ethics and Innovation publishes final report on “online targeting”

On May 1, 2019, the UK’s Department for Digital, Culture, Media and Sport (“DCMS”) launched a public consultation (“Consultation”) regarding plans to pursue new laws aimed at securing internet connected devices. The Consultation follows the UK’s publication of its final Code of Practice for Consumer IoT Security (“Code of Practice”) last October (the subject of another Covington blog available here) and is targeted at device manufacturers, IoT service providers, mobile application developers, retailers and those with a direct or indirect interest in the field of consumer IoT security.

Continue Reading IoT Update: The UK Announces Plans for New Connected Device Laws

Earlier this month, the UK’s Information Commissioner’s Office published a draft code of practice (“Code”) on designing online services for children. The Code  is now open for public consultation until May 31, 2019. The Code sets out 16 standards of “age appropriate design” with which online service providers should comply when designing online services (such

On 4 December 2018, the Council of the European Union (the “Council”) formally approved a major reform of the European telecom regulatory framework, the European Electronic Communications Code (the “EECC”). The Council also approved an associated regulation on the Body of European Regulators for Electronic Communications (“BEREC Regulation”).
Continue Reading IoT Update: Council of the European Union adopts the European Electronic Communications Code and BEREC Regulation

On 20 November 2018, the UK government published its response (the “Response”) to the June 2018 consultation (the “Consultation”) regarding the proposed new Centre for Data Ethics and Innovation (“DEI”). First announced in the UK Chancellor’s Autumn 2017 Budget, the DEI will identify measures needed to strengthen the way data and AI are used and regulated, advising on addressing potential gaps in regulation and outlining best practices in the area. The DEI is described as being the first of its kind globally, and represents an opportunity for the UK to take the lead the debate on how data is regulated.
Continue Reading IoT Update: The UK Government’s Response to Centre for Data Ethics and Innovation Consultation

The European Commission (the “Commission”) has launched an Open Public Consultation for building trust in Connected and Automated Mobility (the “CAM Consultation”) on the main challenges linked to the deployment of connected and automated mobility services in Europe and how trust should be built in such services. This CAM Consultation, which largely takes the form of an electronic multiple choice survey, is aimed at gathering input from the general public and relevant stakeholders – such as car manufacturers, connectivity providers, service providers, telecom providers, end-users and public authorities including municipalities, the health community and civil society organisations.

The CAM Consultation follows on from the Commission’s Communication on Connected and Automated Mobility (CAM) (the “Communication”) released in May 2018, which put forward a strategy to make Europe a “world leader in the deployment of connected and automated mobility”. Additional details on the CAM Consultation can be accessed here.
Continue Reading IoT Update: The European Commission consults on building trust in Connected and Automated Mobility