HSF’s Consumer sector team (including Hayley Brady and James Balfour from our Digital TMT and Sourcing group, alongside members of our IP group) have recently produced a feature article in PLC Magazine on Challenges in the Consumer Sector. This is the first in a series of three articles examining the current issues facing the sector.
The article examines the impact of transformative technology and looks in particular at AI, AR & VR (including IP aspects), data commercialisation, Internet of Things, contextual commerce, data privacy, cyber security, targeted advertising, and on-line infringement of IP rights.
For more on these and other issues affecting the Consumer sector see our Future of Consumer website.
Cyber-attacks are a continuous threat to both businesses and charities. From the Cyber Security Breaches Survey 2019 (available here as a PDF), we can see that fewer businesses are identifying breaches than in previous years, but the ones that are identifying breaches are typically experiencing more of them. Approximately 32% of businesses and 22% of charities report having cyber security breaches/attacks in the last 12 months. The most common type of cyber security breaches reported are: Continue reading
The National Cyber Security Centre (NCSC) and the Information Commission Office (ICO) have clarified their roles in relation to breaches of cyber security. NCSC manages cyber incidents at a national level to prevent harm being caused to both victims and the UK overall. It helps manage the response at a governmental level and seeks to ensure that lessons are learned to help deter future attacks. The ICO is the independent regulator for enforcing and monitoring data protection legislation and the competent authority for Digital Service Providers under the Network and Information Systems (NIS) Directive. The ICO is the first port of call for organisations who have suffered a breach of cyber security. Continue reading
Earlier this week the UK government published the long-awaited Telecoms Supply Chain Review (available here), setting out its plans more heavily to regulate the UK telecoms sector in order to improve cyber security risk management, policy and enforcement. Continue reading
In response to what the government has identified as significant shortcomings in the security of consumer internet of things (IoT) devices, the government is consulting on proposals to regulate their security.
The consultation is aimed at a broad range of entities connected with the IoT, ranging from device manufacturers and IoT service providers to mobile application developers and retailers. Continue reading
On 17 May, the EU adopted legislation which will enable it to impose sanctions against persons and entities who engage in cyber-attacks against the EU and its member states. The sanctions will be designed “to deter and respond to cyber-attacks with a significant effect which constitute an external threat to the EU and its Member States”. The new regime underlines a clear commitment by the EU to continue to strengthen its capability to address its “[concern] at the rise of malicious behaviour in cyberspace”. Continue reading
The GDPR came into force on 25 May 2018 and brought with it additional rights for individuals and additional obligations for organisations. It also extends its reach beyond European borders and applies not just to companies within the EEA but also to some organisations outside the EEA.
With the legislation now in force, all eyes will turn towards the regulators to see how this piece of legislation will be enforced. We have already heard from the Information Commissioner in the UK that high fines can and will be levied on those that persistently, deliberately or negligently flout the law. And the ICO’s specified areas of focus are reportedly cyber security, artificial intelligence and device tracking. How this will all play out in practice remains to be seen.
For those organisations still on the compliance journey, there is a wealth of information to assist. We have published a GDPR hub, accessible here, which includes a series of briefings and webinars that take a deeper dive into some of the key considerations in any compliance programme. Copies of the briefings are accessible by clicking on the links below:
- The GDPR: the “whole of business” issue at the top of your board agenda
- The rise of the intelligent business: spotlight on employers
- Extending the long arm of the law: Extra-territoriality and the GDPR
- Data use – protecting a critical resource
- Supply Chain Arrangements: The ABC to GDPR Compliance
Cyber security remains in the public eye with multiple incidents and vulnerabilities reported affecting telecoms companies. Telecoms companies need to continue to focus on the risks and consider updating their pro-active defence and cyber security response plans to reflect the increased legal, operational, technical and regulatory risks they are facing.
The evolution of the cyber threat has not escaped the attention of governments around the world. In 2018 the Network and Information Security Directive (NISD) as well as the General Data Protection Regulation (GDPR) will be implemented in the EU. The NISD, which is due to be implemented by May, will require operators of core “digital infrastructure” and certain “digital service providers” to ensure that their network and information systems meet minimum standards of cyber security. Continue reading
Cyber incidents have the capacity to cause many different types of loss. Insurance coverage exists for at least some aspects of cyber risks in the UK market. However, given the range and diversity of risks that may arise, there are some key issues for businesses to consider when it comes to insurance against cyber risks in commercial contracts. Our recent article considers these issues in more detail.
This article was first published in the December 2017 issue of PLC Magazine.
Driverless vehicles are fast becoming a reality. It is estimated that the UK driverless car industry will be worth £28 billion to the UK economy and employ 27,000 people by 2035.
In light of this, it is unsurprising that in its 2017 Autumn Budget, the UK Government committed to boosting productivity (by supporting emerging technologies in order to build an economy that is driven by innovation). This includes an intention to lead in development standards and ethics for the use of data and AI, and to create the most advanced regulatory framework for driverless cars in the world.
The Budget sets out the steps that the Government is taking to ensure the UK is a leader in the development and deployment of new technologies. This includes plans to invest £1 billion in technology projects, including £400m for electric car charging points and £75m for research on artificial intelligence. The Government has also stated that is expects to see fully automated vehicles in commercial use in the UK by 2021 and that it will amend the regulatory framework where appropriate to help support this aim. The National Infrastructure Commission also plans to launch a new innovation prize to determine how future roadbuilding should adapt to support driverless cars. Continue reading