Technology Law Dispatch

Blog Authors

Latest from Technology Law Dispatch

On 14 January 2019, Singapore’s Personal Data Protection Commission issued its grounds of decision against Singapore Health Services Pte. Ltd. (SingHealth) and Integrated Health Information Systems Pte. Ltd. (IHiS) for what has been coined the “worst breach of personal data in Singapore’s history”. The unprecedented cyber attack on SingHealth’s patient database system led to the exfiltration of 1.5 million patients’ personal data and nearly 160,000 patients’ outpatient prescription records. The commission received several complaints from…
At the end of 2018 the UK Treasury Committee announced that it would launch an inquiry into information technology (IT) failures in the financial services sector. The Treasury Committee has stated that it will appoint a specialist advisor to help provide analysis and aid the inquiry. The past 18 months have seen numerous IT failures in the financial services sector. Equifax, Barclays and TSB have all suffered incidents, to name a few. TSB is arguably…
On 18 December 2018, the European Commission published draft ethics guidelines for trustworthy AI. The guidelines are voluntary and constitute a working document to be updated over time. The guidelines have been opened up to a stakeholder consultation process. The guidelines recognise that there are benefits to be gained from AI, but that humankind can only reap the benefits if we can trust the technology (in other words, that the technology contains trustworthy AI).…
A new Vermont law enforcing data security and annual disclosure obligations on data brokerage companies (e.g., Acxiom, Experian, Epsilon) came into effect on January 1, 2019.  Data brokers are required to register annually with the Vermont Attorney General and pay an annual registration fee.  Annually, data brokers must release information regarding practices related to the collection, storage and sale of personal information, applicable opt-out practices (if any) and the number of data breaches experienced during…
The Data Protection, Privacy and Electronic Communications (Amendments etc.) (EU Exit) Regulations 2019 have been laid before the UK Parliament. The regulations are introduced under the European Union (Withdrawal) Act 2018. The Withdrawal Act grants powers to correct deficiencies in UK legislation that will arise as a result of Brexit. The regulations introduce a large number of technical amendments to UK law. The main amendments are made to: the General Data Protection Regulation 2016/679 (GDPR)…
On January 3, 2019, Singapore’s Personal Data Protection Commission issued two grounds of decision against Bud Cosmetics and AIG Asia Pacific Insurance Pte Ltd & Toppan Forms (S) Pte Ltd. Bud Cosmetics The facts of this case were as follows: Bud Cosmetics is an organic and natural skincare retailer with retail outlets in Singapore and an online store. It collected customer information for membership registration and maintained two separate databases: one for online registrations…
On 19 December 2018, the Advocate General (AG) delivered an opinion in a case concerning Fashion ID and Facebook, which considered the parties’ status as joint controllers, under the Data Protection Directive 95/46/EC (DP Directive), when a social plug-in had been embedded. Fashion ID’s website inserted Facebook’s ‘Like’ button as a plug-in, allowing personal data, such as the user’s IP address and browser journey, to be transferred to Facebook regardless of whether the user clicked…
In April 2018 the European Commission (Commission) published its Communication on the digital transformation of health and care in the Digital Single Market (Communication). The Commission outlined the need for reforms to health care systems and the development of innovative digital solutions. On 6 December 2018, the European Economic and Social Committee (EESC) published its opinion on the Communication (Opinion) in which it expressed its agreement with the vision set out by the Commission. Opinion…
Mark Carney’s extension as the governor of the Bank of England to January 2020 was put in place to ensure a smooth Brexit. Mr Carney has become increasingly vocal in his attempts to maintain financial stability during that period. This has resulted in ‘Brexiteers’ hurling accusations of fuelling “Project Hysteria” after the bank published its economic analysis of Brexit at the end of November. To help mitigate such gloomy predictions, what else could…
London has historically been considered the centre of European financial services. Now it is also viewed as the capital of financial technology (FinTech). However, with the likelihood of a no-deal Brexit becoming ever more real, and increasing attempts to lure FinTech firms to the continent, London’s title is under threat. London provides a haven where FinTechs have been able to grow operational expertise, supported by the combination of significant and sophisticated investment, tech–skilled talent, tech-minded…