Internet of Things (IoT)

This is the seventh in a series of Covington blogs on implementation of Executive Order 14028, “Improving the Nation’s Cybersecurity,” issued by President Biden on May 12, 2021 (the “Cyber EO”).  The first blog summarized the Cyber EO’s key provisions and timelines, and the secondthirdfourthfifth, and sixth blogs described the actions taken by various government agencies to implement the EO during June, July, August, September, and October 2021, respectively.  This blog summarizes the key actions taken to implement the Cyber EO during November 2021.

Although most of the developments in November were directed at U.S. Government agencies, the standards being developed for such agencies could be imposed upon their contractors or otherwise be adopted as industry standards for all organizations that develop or acquire software.


Continue Reading November 2021 Developments Under President Biden’s Cybersecurity Executive Order

Last week, the office of Acting FCC Chairwoman Jessica Rosenworcel released a draft Notice of Inquiry (NOI) regarding spectrum availability and requirements to support the growth of Internet of Things (IoT).  The FCC will consider this NOI, which is intended to collect information and does not propose rules, in its next Open Commission Meeting scheduled for September 30, 2021. This proposed NOI is the latest in a series of FCC actions that will affect the future deployment of IoT products and services in the United States.
Continue Reading IoT Update: FCC to Open Inquiry into Spectrum Needs for Growth of the Internet of Things

NHTSA recently issued a First Amended Standing General Order requiring electronic portal submission of crash incident data for automated and semi-autonomous vehicles. As of August 12, 2021, automated motor vehicle manufacturers, motor vehicle equipment manufacturers, and operators will be required to report and upload crash incident data within 24 hours to the NHTSA Incident Report

In this update, we detail the key legislative developments in the second quarter of 2021 related to artificial intelligence (“AI”), the Internet of Things (“IoT”), connected and automated vehicles (“CAVs”), and federal privacy legislation.  As we recently covered on May 12,  President Biden signed an Executive Order to strengthen the federal government’s ability to respond to and prevent cybersecurity threats, including by removing obstacles to sharing threat information between private sector entities and federal agencies and modernizing federal systems.  On the hill, lawmakers have introduced a number of proposals to regulate AI, IoT, CAVs, and privacy.

Continue Reading U.S. AI, IoT, CAV, and Privacy Legislative Update – Second Quarter 2021

Last Thursday, the Federal Communications Commission (“FCC”) announced that it will consider a Report and Order at its June 21, 2021 open meeting that would permit the importation and conditional sale of radiofrequency (RF) devices prior to obtaining equipment authorization in some circumstances.  The consumer electronics industry has advocated for this rule change, which will facilitate pre-sales and other marketing of new devices in the marketplace.

If adopted, the Report and Order would afford manufacturers and developers of RF devices significant flexibility in conducting pre-sale activities and potentially reduce the time required to deliver devices to market.  These revisions represent a significant change to the FCC’s equipment and marketing rules and bring the FCC’s equipment marketing and pre-sales regime in line with many other industries.   
Continue Reading FCC Set to Ease Rules that Have Limited Pre-Sales and Other Marketing of Some New Electronic Devices

In Episode 12 of our Inside Privacy Audiocast, together with special guest Advocate Pansy Tlakula, Chairperson of the Information Regulator of South Africa, we discussed the Information Regulator’s mandate and the implementation of data protection legislation in South Africa.  Now, with less than a month to go before South Africa’s Protection of Personal Information Act, 2013 (“POPIA”) takes full effect on July 1, 2021, it is critical for organizations operating in South Africa to ensure that they are ready, if and when the Information Regulator comes knocking.

It is only when organizations start their POPIA journey that they realize just how wide the POPIA net is cast, and that very few businesses fall outside of its reach.  The road to POPIA compliance should be viewed as a marathon, and not a sprint.  While implementing and maintaining an effective POPIA compliance program will take continued effort and resources well beyond the July 1, 2021 go-live date, here we outline five steps to which companies subject to POPIA should give their attention in the short term.


Continue Reading Final Countdown to POPIA Compliance: Five Critical Steps to Take Before July 1st, 2021

Acting Chairwoman Jessica Rosenworcel has announced that at its next monthly public meeting on June 17, the Federal Communications Commission (“FCC”) will kick off a process to change its equipment authorization rules and competitive bidding procedures to address national security threats.

The draft Notice of Proposed Rulemaking (“NPRM”), released Thursday, proposes changes to the FCC’s rules on equipment authorization that could restrict and revoke the authorization of devices determined to pose a threat to national security—effectively banning them from the U.S. marketplace.  The NPRM also proposes updates that would effectively require parties bidding for spectrum licenses or FCC broadband funding to certify that they will not rely on financial support from entities designated by the FCC as a national security threat.


Continue Reading FCC Announces New Efforts to Block “Insecure Devices” from the U.S. Market

On May 12, the Biden Administration issued an “Executive Order on Improving the Nation’s Cybersecurity.”  The Order seeks to strengthen the federal government’s ability to respond to and prevent cybersecurity threats, including by modernizing federal networks, enhancing the federal government’s software supply chain security, implementing enhanced cybersecurity practices and procedures in the federal government, and creating government-wide plans for incident response.  The Order covers a wide array of issues and processes, setting numerous deadlines for recommendations and actions by federal agencies, and focusing on enhancing the protection of federal networks in partnership with the service providers on which federal agencies rely.  Private sector entities, including federal contractors and service providers, will have opportunities to provide input to some of these actions.
Continue Reading President Biden Signs Executive Order Aimed at Improving Government Cybersecurity

In Penhallurick v MD5 Ltd [2021] EWHC 293 (IPEC) the Court held that the copyright in various literary works relating to software Mr. Penhallurick created during his tenure with former employer MD5 belonged to MD5. The Court found that the works were created in the course of Mr. Penhallurick’s employment with the result that MD5 was deemed the owner of the works (under the Copyright, Designs and Patents Act 1988), despite the fact that some of the work was done from Mr. Penhallurick’s home, outside normal office hours and using his own computer.

Continue Reading UK Court Rules on Copyright over Software Developed Whilst Working at Home

Over the last year we have seen increasing interest from our global client base in investing in strategic, transformational technology transactions with European counterparties.  These transactions often facilitate access to key technologies, geographies and, of course, data.  In this note we set out 6 key points to keep in mind when planning, negotiating and executing these types of transactions across Europe.

Continue Reading Strategic Technology Transactions in Europe – Considerations for U.S. and Global Companies