Senate Bill 220 was recently signed into law, making Nevada the first state to join California in granting consumers the right to opt out of the sale of their personal information. However, the new privacy law is significantly narrower than the California Consumer Privacy Act (CCPA). For example, it applies only to online activities, defines 'consumer' and 'sale' more narrowly and includes broad exceptions for financial institutions subject to the Gramm-Leach-Bliley Act.
Federal Communications Commission (FCC) Chair Ajit Pai recently announced plans to open a rulemaking proceeding to take a fresh look at the 5.9GHz band. In this new proceeding, the FCC will consider whether and how to allow sharing in the 5.9GHz band between dedicated short-range communication, gigabit Wi-Fi and cellular vehicle-to-everything technologies.
The government recently approved a legislative decree on clinical trials that introduces changes to several provisions of the existing national regulation on clinical trials. At present, clinical data obtained in Italy from non-profit clinical trials cannot be used for commercial purposes. Moreover, pharmaceutical companies funding non-profit research cannot claim ownership of data and results obtained from such research, irrespective of any agreement with the non-profit entity. This may now change.
Several legislative proposals seeking to amend the California Consumer Privacy Act are moving forward following a recent hearing before the California Assembly's Committee on Privacy and Consumer Protection in which the bills were approved. The bills will advance to the assembly's Appropriations Committee before being voted on by the full assembly and potentially advancing to the California State Senate for consideration.
A court has expressed concern with the government's "routine outsourcing" of investigations to the targets of those investigations seeking cooperation credit. The court noted the corporate target's "uniquely coercive position" over its employees, who may also be potential targets of the investigation. The decision may profoundly affect the structure and scope of cooperation agreements between the government and the corporate targets of criminal investigations.
In 2018 California passed the California Consumer Privacy Act (CCPA), which seeks to give consumers additional safeguards regarding their personal information. The CCPA will become effective in January 2020 and may impact companies in the education sector, including large education technology companies. Regulated educational entities should be wary of the CCPA's key requirements, including the deletion of consumers' personal information on request.
Congress recently introduced a bipartisan proposal to enhance cybersecurity for the network of internet-connected devices, commonly known as the Internet of Things (IoT). The IoT Cybersecurity Improvement Act 2019 aims to establish baseline cybersecurity standards for IoT devices. It would also impose limits on the types of IoT device that the US government can purchase.
The Department of Justice (DOJ) recently confirmed the importance of implementing a robust compliance programme that is not only well designed, but also adaptable and able to function effectively. The DOJ's latest guidance makes clear that companies have a strong incentive to maintain an effective compliance programme. Most importantly, these programmes must be fully implemented, account for the structure and scope of a company's business and actually operate effectively.
The Federal Trade Commission recently issued notices seeking public comment on proposed amendments to the regulations implementing the Gramm-Leach-Bliley Act, commonly known as the Safeguards Rule and the Privacy Rule. The proposed changes to the Safeguards Rule add a number of more detailed security requirements, whereas the proposed changes to the Privacy Rule focus on technical changes to align the rule with changes in law over the past decade.
The Federal Trade Commission (FTC) recently announced that it had settled with the operators of a video social networking app for a record civil penalty of $5.7 million under the Children's Online Privacy Protection Act. This action was notable not just for the penalty's size, but also because of the joint statement by two democratic commissioners that future FTC enforcement should seek to hold corporate officers and directors accountable for violations of consumer protection law.
The Lazio Regional Administrative Court recently ordered a number of ministries, including the Ministry of Health, to launch an information campaign to advise the public about the potential risks arising from the misuse of mobile and cordless phones. The decision received considerable media coverage and will most likely renew the debate about electromagnetic pollution and mobile phones.
The Italian Medicines Agency recently opened a public consultation on national templates for medicinal products and medical devices to be used in clinical trials carried out in Italy. The public consultation will hopefully help to clarify whether such templates should be considered mandatory and to what extent they may be replaced by sponsors' templates or be subject to negotiation and amendments.
Throughout 2018 the Department of Justice (DOJ) continued to ring the clarion call for cooperation and sought to provide some certainty, consistency and coordination regarding the incentives offered to companies that provide voluntary disclosures. In particular, the DOJ centralised its guidance memoranda into what is now known as the Justice Manual. The DOJ's goals were to identify redundancies, clarify ambiguities, eliminate surplus language and update the manual to reflect current law and practice.
Under the EU Medical Device Regulation and the EU In Vitro Diagnostic Medical Device Regulation, organisations that want be recognised as notified bodies must obtain a new designation. According to Assobiomedica (the association of medical device suppliers), the number of notified bodies in Italy that have applied for said designation is low. This has led to questions around what will happen if notified bodies fail to obtain the new designation and what liability they will face regarding manufacturers and patients?
Government attorneys now have additional discretion in False Claims Act civil cases to award cooperation credit to a corporation that meaningfully assists the investigation without necessarily identifying every individual person outside of senior management involved in the alleged misconduct. The new policy reflects the reality of modern corporate investigations and encourages realistic cooperation efforts without compromising the Department of Justice's policy of holding individuals accountable.
After the election of President Donald Trump, many observers wondered whether the US Department of Justice (DOJ) would change the way in which it enforces the Foreign Corrupt Practices Act. As the halfway point of Trump's first term in office approaches, it seems that the DOJ has not made any dramatic changes to the enforcement philosophy followed during prior administrations.
The Lazio Administrative Court recently decided that, as a rule, parallel importers of medicinal products have no right to change the trademark affixed to products in their country of origin unless this change is strictly necessary due to safety grounds or national regulatory restrictions. The court found that the right to undertake the parallel import of medicinal products should not unduly take advantage of the national reputation and trust built by the marketing authorisation holder in the products' state of origin.
The Italian Competition Authority (AGCM) recently launched an investigation into the online sale of dietary supplements in Italy based on claims of non-compliance with the relevant regulatory provisions, resulting in misleading actions. The AGCM's role in this context is to ensure that consumers obtain accurate information concerning dietary supplements so that they can make informed decisions concerning these products.
When a legal team needs to find the facts behind fraud and corruption allegations in a government investigation, technology can drive substantial new efficiencies. By filtering and evaluating vast amounts of information, artificial intelligence can effectively sort text messages, audio files, emails and other unstructured data into manageable groups; identify potential relationships between parties accused of fraud or corruption; and recognise patterns of frequency or timing, which may support a client's defence.
Compliance officers often report to the legal department or are staffed with qualified lawyers, making it difficult to distinguish when the compliance officer is serving in a legal capacity, rather than a compliance one. However, drawing a clear distinction between these functions, conducting internal investigations under the direction of counsel and making the legal purpose of communications or documents clear will make the best possible record to show that documents should be protected by privilege.