Mark Young is Special Counsel in the London office. Mark focuses his practice on data protection, cyber security and intellectual property. He has particular expertise in regulatory compliance, legislative advocacy and online IP enforcement. Mr. Young advises global companies, particularly in the online/e-commerce, technology and pharmaceutical sectors, on all aspects of data protection and security. He also advises on associated information technology and e-commerce laws and regulations.
In addition to regulatory compliance, Mr. Young advises leading technology companies and consortia on a wide range of law reform efforts in Europe. This includes strategic advice and advocacy on EU and national initiatives, as well as references from Member State courts to the EU Court of Justice, relating to data privacy and retention, cyber security, copyright, trade marks, ecommerce, online liability, IP enforcement and software related policy.
In the IP enforcement space, Mr. Young represents rights owners in the sport, media, publishing, fashion and luxury goods industries, and helps coordinate a team of internet investigators who conduct global notice and takedown programs to combat internet piracy.
The UK’s Information Commissioner’s Office (“ICO”) has issued and is consulting on draft guidance about explaining decisions made by AI. The ICO prepared the guidance with The Alan Turing Institute, which is the UK’s national institute for data science and artificial intelligence. Among other things, the guidance sets out key principles to follow and steps … Continue Reading
On July 25, 2019, the UK’s Information Commissioner’s Office (“ICO”) published a blog on the trade-offs between different data protection principles when using Artificial Intelligence (“AI”). The ICO recognizes that AI systems must comply with several data protection principles and requirements, which at times may pull organizations in different directions. The blog identifies notable trade-offs … Continue Reading
On June 20, 2019, Keith Krach was confirmed by the U.S. Senate to become the Trump administration’s first permanent Privacy Shield Ombudsperson at the State Department. The role of the Privacy Shield Ombudsperson is to act as an additional redress avenue for all EU data subjects whose data is transferred from the EU or Switzerland … Continue Reading
An Expert Q&A with Mark Young of Covington & Burling LLP on the EU Cybersecurity Act and its new cybersecurity certification schemes for information and communication technology (ICT) products, services, and processes, especially internet of things (IoT) devices. It also discusses how the Act supports the EU Directive on the Security of Network and Information … Continue Reading
On June 3, 2019, the UK Information Commissioner’s Office (“ICO”), released an Interim Report on a collaboration project with The Alan Turing Institute (“Institute”) called “Project ExplAIn.” The purpose of this project, according to the ICO, is to develop “practical guidance” for organizations on complying with UK data protection law when using artificial intelligence (“AI”) … Continue Reading
On May 1, 2019, the UK’s Department for Digital, Culture, Media and Sport (“DCMS”) launched a public consultation (“Consultation”) regarding plans to pursue new laws aimed at securing internet connected devices. The Consultation follows the UK’s publication of its final Code of Practice for Consumer IoT Security (“Code of Practice”) last October (the subject of … Continue Reading
Earlier this month, the UK’s Information Commissioner’s Office published a draft code of practice (“Code”) on designing online services for children. The Code is now open for public consultation until May 31, 2019. The Code sets out 16 standards of “age appropriate design” with which online service providers should comply when designing online services (such … Continue Reading
The European Commission (“Commission”) has published a Recommendation on cybersecurity in the energy sector (“Recommendation”). The Recommendation builds on recent EU legislation in this area, including the NIS Directive and EU Cybersecurity Act (see our posts here and here). It sets out guidance to achieve a higher level of cybersecurity taking into account specific characteristics … Continue Reading
The Court of Justice of the EU (‘CJEU’) has held that an exclusive choice of forum clause can validly be imposed by so-called “click-wrap” contracts in online B2B transactions (see Case C‑322/14, El Majdoub v. CarsOnTheWeb.Deutschland GmbH). The ruling will make it easier for online businesses in the EU to impose a favorable choice of … Continue Reading