SEC Lifts Moratorium on Registration of UK-Based Managers

Recent communications from the U.S. Securities and Exchange Commission (SEC) indicate that the SEC is again considering registration of advisers located in the UK. The SEC had delayed approving UK and European Union (EU) investment managers’ applications for registration since the adoption of the EU’s General Data Protection Regulation (GDPR), due to concerns that the GDPR would impede the SEC’s ability to collect data from, and supervise, these UK and EU investment managers.

Read More

EmailShare

California Amends Privacy Laws Again: CCPA Health Information Amendment and Employee/B2B Exemption Signed into Law; Vetoes for Genetic Privacy and Social Media Parental Consent Bills

California’s Governor Gavin Newsom recently signed into law two bills to amend the California Consumer Privacy Act (“CCPA”).  He also vetoed two other consumer privacy bills based on concerns about potential conflicts with existing state and federal law. Collectively, these four bills represented the most significant privacy legislation that came out of the California Legislature’s 2019-20 term, which came to a close on September 30th.

Only one of the two new CCPA amendments, AB713, includes substantive changes to the law.  It streamlines the CCPA’s health information exception and imposes new obligations on CCPA businesses and others that handle deidentified patient information.

The other CCPA amendment, AB1281, simply extends the CCPA’s employee and B2B exemptions to January 1, 2022 if voters fail to pass Proposition 24 (CPRA or CCPA 2.0) in November.  Those exemptions are currently set to expire on December 31st of this year.

Newsom also vetoed two consumer privacy bills despite expressing support for the goals of each.  SB980 would have expanded consumer rights with respect to genetic information collected by direct-to-consumer genetic testing companies.  Newsom’s veto was motivated by concerns that the law could have “unintended consequences” for the operation of the state’s communicable disease reporting requirements, including those applicable to COVID-19.  The other bill, AB1138, would have imposed additional parental consent requirements on social media network operators.  Newsom vetoed it to avoid potentially overlapping state and federal compliance obligations, citing parallels between the bill and federal regulations under the Children’s Online Privacy Protection Act (“COPPA”).

Here we outline the significant features of each of the new CCPA amendments.

Read More

EmailShare

Changes in Chinese Securities Law and Draft Data Security Law Affect Cross-Border Investigations

Recent changes to Chinese law have broad implications on cross-border data transfer in the course of investigations conducted by non-Chinese regulators. Clients work closely with counsel to navigate potential legal landmines in any defense of an investigation involving data from China.

Just over six months ago, on March 24, 2020, the People’s Republic of China’s (PRC) revised Securities Law (revised on December 28, 2019) (中华⼈民共和国证券法(2019年修订) went into effect. While the revised Securities Law affects many aspects of China’s securities law framework (including the registration of new securities for initial public offerings, disclosure requirements, and investor protection rules), a new “blocking” provision is particularly notable. Specifically, Article 177 of the revised Securities Law prohibits non-Chinese securities regulators from conducting investigations within China and prevents Chinese individuals and entities from providing information to such regulators without first receiving approval from the China Securities Regulatory Commission and/or other competent departments under the State Council.

Read More

EmailShare

Office of Foreign Assets Control: Making or Facilitating Ransomware Payments May Violate U.S. Sanctions

On October 1, 2020, the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) published an advisory that highlights the risk of potential U.S. sanctions law violations if U.S. individuals and businesses comply with ransomware payment demands.1

Ransomware attacks use malware, often injected through phishing schemes, to encrypt a victim’s data files or programs, followed by a ransom demand by the threat actor that offers the decryption key in exchange for payment. Payment is often demanded in bitcoin, and thus third-party services are often used to make such payments. Increasingly, ransomware attacks not only lock data up but steal data from the victim and threaten to publish sensitive files belonging to victims. According to OFAC, ransomware attacks have been increasing over the last two years and are a special risk during the COVID-19 pandemic, with cybercriminals targeting not only large corporations but also small to medium enterprises, hospitals, schools, and local government agencies.2

Read More

EmailShare

European Court of Justice Applies Free Movement Rules of E-Commerce Directive to Advertising by Mail-Order Pharmacy

In its judgment from October 1, the European Court of Justice (ECJ) ruled that an EU Member State cannot restrict a mail-order pharmacy, established in another Member State, from using paid referencing on search engines and price-comparison websites to promote its service, unless the Member State clearly establishes that the restriction is appropriate, and does not go beyond what is necessary, to protect public health. The ECJ further found that several other advertising restrictions imposed by France restricted the freedom to provide services under the e-commerce rules, but added that those restrictions may be justified provided that certain conditions are fulfilled, which is for the national referring court to verify.

Read More

EmailShare

Introducing Sidley’s Blockchain Legal Launch Pad

Adoption of blockchain and distributed ledger technology has the potential to revolutionize business and business practices in ways not seen since the advent of the internet and e-commerce.

Whether you are directly responsible for researching, developing, or implementing new blockchain initiatives, or you are executive management and need a more informed understanding of the issues your project teams are confronting, Sidley’s Blockchain Legal Launch Pad is a place to which you can turn as a resource.

Read More

EmailShare
1 2 3 89
EmailShare
XSLT Plugin by BMI Calculator