Building Cyber Security Resilience: NIS 2 enters into force

The NIS 2 Directive (Directive 2022/2555) on measures for a high common level of cyber security across the EU has now entered into force. Member states must now incorporate the provisions into their national law by October 2024. NIS 2 will replace its predecessor – NIS (Directive 2016/1148), which was the first cross-sector cyber security law in the EU. NIS 2 has been necessary because the speed at which network and information systems have developed into a central feature of everyday life has led to greater interconnectedness, including in cross-border exchanges and, with this, has come an expansion of the cyber threat landscape. The number, magnitude, sophistication, frequency and impact of incidents are increasing, and can impede the pursuit of economic activities in the internal market, generating financial loss, undermining user confidence and causing major damage to the Union’s economy and society. Cyber security preparedness and effectiveness are therefore now more essential than ever to the proper functioning of the internal market; "adapted, coordinated and innovative responses" are required in all member states, says the EU. NIS was not implemented consistently across member states with, for example, some services being categorised as "essential" in some countries but not in others. Read more

Building resilience: a top priority for the UK

The UK Government published its Resilience Framework on 19 December 2022. This step recognises that crises are likely to be greater than we have been used to in both frequency and scale in the next decade, given what the government describes as "an increasingly volatile world, defined by geopolitical and geoeconomics shifts, rapid technological change and a changing climate." Read more

Article published – Lloyd v Google: the upshot for data class actions

The exponential growth in the volume of data being collected and shared, along with the ease and reduced costs of gathering, analysing, using and exploiting data, has resulted in a corresponding increase in data protection laws and regulations. Against that background, data class actions have been a growing phenomenon, driven in part by the interest of claimant law firms and litigation funders in this area. Read more

Supreme Court finds claim for compensation under data protection legislation cannot proceed on “opt-out basis” in high profile Lloyd v Google case

In its judgment this morning the Supreme Court has overturned the Court of Appeal's decision in the high profile Lloyd v Google case, which would have opened the floodgates for class actions for compensation for loss of control of personal data to be brought on behalf of very large numbers of individuals without identifying class members: Lloyd v Google LLC [2021] UKSC 50. Read more

British Airways data class action settles

Following a stay of proceedings to pursue ADR, a number of the claims being pursued as part of the Group Litigation known as the British Airways Data Event Group Litigation (the “BA GLO”) have now been settled. We last updated on the procedural developments in this case in February 2021, when a ruling was given … Read more

Regulators collaborate to oversee digital

UK Regulators will be working more closely together in future to oversee digital markets. Concerns about tech have increased during the pandemic with a sharp increase in cyber crime and the use of data collected during the pandemic causing concern amongst citizens. Data has become a more contentious area. Read more

Consumer class actions – global perspectives

The latest edition of our Future of Consumer series looks at key areas of class action risk that businesses in the Consumer sector are facing across key jurisdictions of the UK, the US, and Australia, including: Product liability and consumer law; Supply-chain issues (with a focus on business human rights and environmental, social, and governance); … Read more

FLAG meeting: Ransomware and data class actions

Herbert Smith Freehills and the Federation Against Software Theft are delighted to invite you to our joint webinar on Wednesday 20 January 2021, where expert speakers from Herbert Smith Freehills will provide insights into the following topical issues: Ransomware: Ransomware attacks are on the increase and the impact in terms of disruption and damage to reputation … Read more