In January 2017, the European Commission published the proposed text of a new draft e-Privacy Regulation (ePR) as part of its ongoing drive to advance one of its key initiatives, the Digital Single Market.

Whilst the impending introduction of the GDPR has been dominating headlines for the past months, the ePR has somewhat gone under the radar. We set out the key points to look out for with regard to the ePR and who it is likely to apply to.


Continue Reading

In 2015, the European Commission published a study (written by IDC) which provides an overview of Europe’s IoT digital ecosystem, its current status and anticipates a suggested vision of the same ecosystem in 2020. That study found:

The IoT (Internet of Things) is a pervasive innovative technology building on the universal connectivity of things and people, now moving in Europe from the pioneer phase to widespread adoption. In combination with cloud computing and Big Data the IoT is opening the new age of the hyper-connected society and acting as a powerful driver of business innovation, but also facing equally strong barriers in terms of security risks, concerns about privacy protection, and resistance to organizational change.”


Continue Reading

On 30 March 2017, the UK’s Department for exiting the European Union published a white paper outlining its proposals for a Great Repeal Bill (GRB). Whilst superficially, this appears to bring clarity to the legal position after Brexit, on closer examination the GRB proposal over-simplifies the position and glosses over the very significant legislative (and consequential business) problems that will arise from the UK’s departure from the EU in the absence of a comprehensive and detailed free trade agreement between the UK and EU to enable many of the existing business arrangements to continue. Whilst much of the press commentary has focused on the impact of Brexit on the financial services sector, the same issue, disruption of existing business models as a result of leaving the single market, arises in almost every other sector of the economy, and certainly in the telecoms, media and technology sectors.

Continue Reading

Regular readers will be aware that current data protection (privacy) laws will be replaced in Europe by the new General Data Protection Regulation (or GDPR) from May 2018. This change is driving a lot of preparatory regulatory activity – see this article for a recent summary. Whilst the impact of Brexit on data protection law in the UK is not yet finally settled, the UK regulator ICO is proceeding on the basis that the GDPR (or something very like it) will take effect in the UK and as a result is starting to consult on implementation.
Continue Reading

On 7 July 2016, the UK’s Financial Conduct Authority (FCA) issued finalised guidance for authorised UK financial institutions use of cloud services. In a marked contrast to some other jurisdictions’ approach, this guidance is issued against a policy backdrop of FCA’s ‘Project Innovate’ which is an initiative to foster innovation and competition. The FCA say:

We see no fundamental reason why cloud services (including public cloud services) cannot be implemented, with appropriate consideration, in a manner that complies with our rules.”


Continue Reading