On 7 November 2018, the data protection authority of the Free State of Bavaria, Germany, issued a press release that, now that the European General Data Protection Regulation (GDPR) has been in effect for six months, the authority will intensify its GDPR compliance monitoring. The Bavarian data protection authority is responsible for monitoring GDPR compliance in the state of Continue Reading Data Protection Authority of Bavaria, Germany, Intensifies GDPR Compliance Monitoring

On 25 October 2018, the European Court of Justice (“ECJ”) ruled on the Boston Scientific case (Case C-527/17) and decided that medical devices may not benefit from supplementary protection certificates (“SPCs”). The key aspects and the implications of this ruling are outlined in below article. Continue Reading Europe – No Supplementary Protection Certificate for Medical Devices … At Least for Now

In Germany, companies offering security-related services have to provide to the Federal Financial Supervisory Authority (Bundesanstalt für Finanzaufsicht, “BaFin”) information regarding the identity of staff responsible for, inter alia, providing investment advice (Section 87 of the German Securities Trading Act, “WpHG”). That personal data is kept in an internal BaFin database . Continue Reading German Financial Supervisory Authority May Refuse GDPR Requests for Erasure of Personal Data of Investment Advisors

On 11 October 2018, the Music Modernization Act (“MMA”) was signed into law. It effects a sweeping overhaul of the compulsory mechanical license mechanism set forth in 17 U.S.C. §115—among other significant changes. While many in the industry have been closely following the bill as it worked its way through the legislature, the following provides an overview of key terms regarding the mechanical licensing procedures under the new law that every Continue Reading The Music Modernization Act: What Licensee Services Need to Know About Its Implementation

On 5 September 2018, the German Data Protection Conference (Datenschutzkonferenz – “DSK) provided new guidance on the interpretation of Art. 13 of the General Data Protection Regulation (“GDPR”) in the context of medical treatment. The Data Protection Conference consists of all German data protection authorities meeting twice a year with the purpose of safeguarding data protection rights, providing guidance on Continue Reading Doctors Cannot Refuse Treatment Because Patient Refuses to Sign GDPR Information Documents

As automobiles are becoming part of the Internet of Things, “connected” technologies are increasingly deployed to enhance the safe operation of autonomous vehicles. These “intelligent” vehicles rely on an ecosystem of proprietary and third-party components to gather, analyze and react to data from both inside and outside the vehicle. In order to reduce costs, accelerate development and enhance the interoperability of connected technologies and applications, automakers Continue Reading Evaluating Open Source Software to Build a Connected Autonomous Vehicle

The UK government has published a series of four technical notices on intellectual property in the event of the UK leaving the EU on 29 March 2019 without an agreement (a ‘no deal Brexit’).  The technical notices were published on 24 September 2018 and cover: Trade marks and designs; Patents; Copyright; and Exhaustion of intellectual property rights. The notices set out the UK government’s Continue Reading A ‘No Deal Brexit’ and its Affects on IP

On 6 September 2018, the German Federal Patent Court denied an application for a (preliminary) compulsory license under a patent related to the treatment of cholesterol-related disorders to the Applicant, group companies of a French pharmaceutical company (Case 3 LiQ 1/18). This decision is in line with previous jurisprudence of the court that has, with very few exceptions, been Continue Reading German Federal Patent Court Denies Compulsory License on Anti-Cholesterol Drug Patent

On 13 September 2018, institutions in the European Union (EU) started negotiations to reach a final agreement on the EU Cybersecurity Act (Act). When adopted, the Act will create EU cybersecurity certification schemes for ICT products (i.e., hardware and software elements of network and information systems); services (i.e., services involved in transmitting, storing, retrieving or processing information via network and information systems); and processes (i.e., Continue Reading The Clock Is Ticking: Negotiating an Enhanced EU Cybersecurity Framework

On 16 July 2018, the District Court of Gießen, Germany, ruled that a custodian’s representation rights also cover consent to data processing activities related to the person under custodianship. Under the EU General Data Protection Regulation (GDPR), the processing of personal data is, in principle, prohibited unless there is a legal basis for such processing. Pursuant to Art. 6 para. 1 lit. a) GDPR, one possible legal basis is the data subject’s consent. However, the legitimacy of a declaration of consent may be in doubt if Continue Reading German Court Issues GDPR Ruling on Data Subject’s Consent for Persons Under Custodianship