Members of the UK House of Lords have amended the Investigatory Powers Bill to make privacy a fundamental concern by inserting the following in clause 1 –
“This Act sets out the extent to which certain investigatory powers may be used to interfere with privacy.”
The amendment, proposed by Lord Janvrin, a member of the UK parliament’s Intelligence and Security Committee (“ISC“), was approved on Tuesday 11 October 2016, after a debate in which many members highlighted the need for safeguards against disproportionate use of the Bill by public authorities.
Artificial intelligence has been hailed for the promise of breakthrough innovations but also the object of concern by such notable voices as Bill Gates, Stephen Hawkins, and Elon Musk. To explore the issues presented, the White House conducted a review of the opportunities, risks, and regulatory implications of artificial intelligence. Last week, the White House released a comprehensive report, Preparing for the Future of Artificial Intelligence, reflecting a culmination of its review, including public comment and several public workshops that were co-hosted by the White House Office of Science and Technology Policy with the National Economic Council, as well as non-profit and academic organizations.
On July 7, Russian President Vladimir Putin signed a law amending existing anti-terrorism legislation that could affect U.S. telecom and internet service companies operating in Russia. It will require that telecommunications operators and internet service providers (“ISPs”) retain up to 6 months of data, including personal data and communications content, as well as metadata, for periods up to 3 years. Further, if any encryption is used to protect the data, the telecommunication or internet service provider must provide the Russian authorities the decryption technology.
On June 30, 2016, President Obama signed the FOIA Improvement Act of 2016 (the Act). The Act adds provisions to the Freedom of Information Act (FOIA) that may assist requesters, as well as lead to increased disclosure. However, business records currently protected by existing interpretations of FOIA exemptions should continue to be protected despite these changes. The flagship change enacts the Obama Administration’s “presumption of openness” by codifying an already-existing executive branch policy that restricts an agency’s discretionary power to withhold documents to situations where disclosure would result in foreseeable harm. Other changes include a 25-year sunset provision for protection of privileged pre-decisional inter- or intra-agency memoranda under exemption 5; procedural changes intended to streamline requests and reduce delay; and increased emphasis on FOIA’s alternative dispute resolution services to assist requesters.
Globe Business Media Group has published a Lexology Navigator on Data Security and Cybercrime in the USA by Sidley Austin LLP. Colleen Brown, Ed McNicholas, Alan Raul and Anna Spencer contributed to the reference guide, which also lets you compare jurisdictions on various legal topics, such as data protection, from leading practitioners in the area.
The final text of the much anticipated EU-US Privacy Shield has been sent by the European Commission for review and approval to the Article 31 Committee, which includes representatives from all 28 Member States. Approval by the Article 31 Committee will pave the way for a final decision by the Commission adopting the Privacy Shield, expected on 11 July, 2016. If approved, the Privacy Shield will take effect as soon as the US Department of Commerce establishes a new process for US companies that wish to use the Privacy Shield as a legal basis for data transfers of personal data from the EU to certify in accordance with the new framework. Businesses should examine the final Privacy Shield documents and requirements and determine whether to proceed with certification once the Privacy Shield is approved.
*This article first appeared in Forbes on July 1, 2016.
So now the European Union’s “sceptered isle” has voted to sever its bonds with its continental partners – with the wish that (as described in a Shakespeare passage memorized by every English schoolchild for generations) it can be set off by the sea “against the envy of less happier lands.” The outcome demonstrates the depth of dissatisfaction with a world that has become interconnected.
In the meantime, the EU is facing its own tensions with global interconnectedness that threaten to turn it into a virtual island as it heads further down the path of cutting off the flow of data to “third countries” outside the EU.
As the world began to grapple with the implications of the UK’s vote to withdraw from the European Union, or “Brexit,” the UK Information Commissioner has sought to provide reassurance, issuing a statement reinforcing continuity of data protection principles and a commitment to the digital economy.
The DHS and DOJ have issued final rules and guidance for receipt of cyber threat indicators and defensive measures, including Guidelines for privacy and civil liberties protections. On June 15, the DHS and DOJ announced the release of their joint rules for government handling of cybersecurity information shared by companies, along with expanded guidance for companies wishing to share cybersecurity threat information and take advantage of CISA’s liability shields for certain information sharing and defensive monitoring activities. The newly released rules incorporate and implement provisions of the Cybersecurity Information Sharing Act (CISA) which was passed in December 2015. CISA authorizes and protects information-sharing for certain cybersecurity purposes. It applies to all organizations and it offers companies a broad safeguard from liability for voluntarily sharing “cyber threat indicators” or engaging in certain cybersecurity “defensive measures.”