Archives: Privacy & Data Security

Subscribe to Privacy & Data Security RSS Feed

IoT Update: EU Commission Issues Recommendation on Cybersecurity in the Energy Sector

The European Commission (“Commission”) has published a Recommendation on cybersecurity in the energy sector (“Recommendation”). The Recommendation builds on recent EU legislation in this area, including the NIS Directive and EU Cybersecurity Act (see our posts here and here). It sets out guidance to achieve a higher level of cybersecurity taking into account specific characteristics … Continue Reading

EDPB Begins Consultation on New Guidelines on Use of the “Performance of a Contract” GDPR Legal Basis by Online Services

On 9 April 2019, the European Data Protection Board (“EDPB”) adopted new guidelines “on the processing of personal data under Article 6(1)(b) GDPR in the context of the provision of online services to data subjects.” In general, the GDPR requires that processing of personal data be justified under a legal basis in Article 6 GDPR.  … Continue Reading

ICO opens beta phase of privacy “regulatory sandbox”

On 29 March 2019, the ICO opened the beta phase of the “regulatory sandbox” scheme (the “Sandbox”), which is a new service designed to support organizations that are developing innovative and beneficial projects that use personal data.  The application process for participating in the Sandbox is now open, and applications must be submitted to the … Continue Reading

IoT Update: How Smart Cities and Connected Cars May Benefit from Each Other

Innovative leaders worldwide are investing in technologies to transform their cities into smart cities—environments in which data collection and analysis is utilized to manage assets and resources efficiently.  Smart city technologies can improve safety, manage traffic and transportation systems, and save energy, as we discussed in a previous post.  One important aspect of a successful … Continue Reading

Senate Reintroduces IoT Cybersecurity Improvement Act

On March 11, 2019, a bipartisan group of lawmakers including Sen. Mark Warner and Sen. Cory Gardner introduced the Internet of Things (IoT) Cybersecurity Improvement Act of 2019. The Act seeks “[t]o leverage Federal Government procurement power to encourage increased cybersecurity for Internet of Things devices.” In other words, this bill aims to shore up … Continue Reading

IoT Update: Covington Hosts First Webinar on Connected and Automated Vehicles

On February 27, 2019, Covington hosted its first webinar in a series on connected and automated vehicles (“CAVs”).  During the webinar, which is available here, Covington’s regulatory and public policy experts covered the current state of play in U.S. law and regulations relating to CAVs.  In particular, Covington’s experts focused on relevant developments in: (1) … Continue Reading

IoT Update: Covington to Host Webinar on Connected and Automated Vehicles

One week from today, Covington will host its first webinar in a series on connected and automated vehicles (“CAVs”).  The webinar will take place on February 27 from 12 to 1 p.m. Eastern Time. During the webinar, Covington’s regulatory and legislative experts will cover developments in U.S. law and regulations relating to CAVs. Those topics … Continue Reading

AI Update: President Trump Signs Executive Order on Artificial Intelligence

Today, President Trump signed an Executive Order (“EO”), “Maintaining American Leadership in Artificial Intelligence,” that launches a coordinated federal government strategy for Artificial Intelligence (the “AI Initiative”).  Among other things, the AI Initiative aims to solidify American leadership in AI by empowering federal agencies to drive breakthroughs in AI research and development (“R&D”) (including by … Continue Reading

NIST Seeks Comment on Security for IoT Sensor Networks

The National Institute of Standards and Technology (“NIST”) is seeking comments on its draft project on securing sensor networks for the Internet of Things (“IoT”). Organizations and individuals concerned with the security of IoT sensor networks are invited to comment on the draft through March 18, 2019. Sensor networks are integral parts of many modern … Continue Reading

IoT Update: Who’s at the Wheel? Connected and Automated Vehicles Stakeholders Weigh In from the Mcity Congress

Last week, Covington dispatched a team of connected and automated vehicles (“CAV”) practitioners to participate in the Mcity Congress, in Ann Arbor, Michigan.  Lawyers from our Technology and IP Transactions, Public Policy, Product Safety and Liability, and Insurance practice groups presented a series of observations and insights around mitigating liability in the CAV industry, and … Continue Reading

IoT Update: The UK publishes a final version of its Code of Practice for Consumer IoT Security

Following an informal consultation earlier this year – as covered by our previous IoT Update here – the UK’s Department for Digital, Culture, Media and Sport (“DCMS”) published the final version of its Code of Practice for Consumer IoT Security (“Code”) on Oct. 14, 2018. This was developed by the DCMS in conjunction with the … Continue Reading

IoT and AI Update: California Legislature Passes Bills on Internet of Things, Artificial Intelligence, and Chatbots

The California legislature recently passed three bills meant to address rapidly-developing technologies including the Internet of Things, artificial intelligence (AI), and chatbots. Internet of Things. At the end of August, California became the first state to promulgate regulations requiring security features for Internet-connected devices. Senate Bill 327 requires that a manufacturer of a connected device … Continue Reading

IoT Update: The E-Privacy Regulation – Impact on the IoT market

It is now four months after the General Data Protection Regulation (EU) 2016/679 (“GDPR”) came into force. One of its objectives is to create uniform standards for data protection in Europe and to adapt data protection to technical progress. In addition, the “Regulation of the European Parliament and of the Council concerning the respect for … Continue Reading

IoT Update: Scotland and Australia’s Gold Coast announce IoT network initiatives

As a sign of increasing localised investment in IoT networks, in recent days both the Scottish Government and Australia’s City of the Gold Coast have announced IoT networks using low power technology solutions.  The Scottish Government’s plan is part of a wider initiative to promote IoT services across the Scottish economy whereas the Gold Coast … Continue Reading

IoT Update: U.S. Wireless Industry Establishes IoT Security Certification Program

CTIA, the U.S. wireless industry’s trade association, recently announced the creation of a cybersecurity certification program for Internet of Things (IoT) devices that connect to the internet via LTE or Wi-Fi.  The program permits device makers to submit such IoT devices for testing by CTIA-authorized labs in order to obtain a certification of compliance with … Continue Reading

Covington AI/IoT Update: EPA and NHTSA Seek Comment on Autonomous and Connected Vehicles

On Friday August 24, the Environmental Protection Agency (EPA) and the National Highway Traffic Safety Administration (NHTSA) published a proposed rule in the Federal Register: The Safer Affordable Fuel-Efficient (SAFE) Vehicles Rule for Model Years 2021-2026 Passenger Cars and Light Trucks (“Proposed Rule”).  83 Fed. Reg. 42817. The long-anticipated rulemaking has garnered media attention for … Continue Reading

AI Update: European Commission Appoints Experts For Group on AI

Last month, the European Commission appointed 52 experts to its newly-established High-Level Expert Group on Artificial Intelligence (AI HLG).  Consisting of representatives from academia, civil society, as well as industry, the AI HLG’s is tasked with supporting the implementation of the European strategy on AI. The European Commission announced the formation of the AI HLG … Continue Reading

IoT Update: Supreme Court’s Carpenter Decision Requires Warrant for Cell Phone Location Data

In a decision that defines how the Fourth Amendment applies to information collected in the digital age, the Supreme Court today held that police must use a warrant to obtain from a cell phone company records that detail the location and movements of a cell phone user.  The opinion in Carpenter v. United States limits … Continue Reading

IoT Update: Federal Appeals Courts Split on Forensic Searches of Devices Seized at Border

Two federal appellate courts are taking sharply different views on whether—and why—government agents must have some amount of suspicion to conduct forensic searches of electronic devices seized at the border. The Fourth Circuit on May 9, 2018, held that government agents must have reasonable suspicion to conduct forensic searches of cell phones seized at the … Continue Reading

IoT Update: Congress Hears Testimony on IoT Legislation

The House Energy and Commerce Committee’s Subcommittee on Digital Commerce and Consumer Protection held a hearing this week to discuss the State of Modern Application, Research, and Trends of IoT Act (SMART IoT Act). This proposed legislation would direct the Secretary of Commerce to conduct a comprehensive study of the IoT industry and Federal agencies … Continue Reading

IoT Update: China Releases National Automatic Vehicle Road Testing Rules

In April 2018, China released its nationwide automatic vehicle road testing rules, the Intelligent Internet-connected Vehicles Road Test Administrative Rules (for Trial Implementation) (the “National Rules”), which took effect on May 1, 2018. “Intelligent Internet-connected vehicles,” as defined under the National Rules, are commonly referred to as “intelligent vehicles” or “autonomous vehicles,” which involve a … Continue Reading

IoT Update: Will California’s New Autonomous Vehicles Regulations Provide a Roadmap for a National Regulatory Framework on Driverless Cars?

On April 6th, the California Public Utilities Commission (CPUC) issued a Proposed Decision authorizing pilot testing for autonomous vehicles (AVs) in California. This action follows up on the California DMV’s permitting rules for AVs in California, which would have allowed driverless testing and deployment permits to issue as early as April 2 of this year. The DMV’s … Continue Reading

AI Update: European Commission Publishes Communication on Artificial Intelligence for Europe

On April 25, 2018, the European Commission (EC) published its “Artificial Intelligence for Europe” communication (the Communication), in which it sets out a roadmap for its AI initiatives. Having acknowledged the crucial need for a boost of AI in the EU, the EC commits to supporting investment, (re)considering legislation and soft law initiatives, and coordinating … Continue Reading

Covington IoT Update: Mobile Phone Manufacturer Settles with FTC Over Allegations that Its Vendor Collected Personal Data without Consent

Mobile phone manufacturer BLU Products, Inc. entered into a settlement agreement with the FTC last week to resolve allegations that one of BLU’s China-based vendors collected personal information about its consumers without proper consent. The settlement agreement, which took the form of a consent order, applies not only to BLU but also to its CEO … Continue Reading
LexBlog