The Federal Trade Commission (FTC) submitted public comments to the US Department of Commerce’s National Telecommunications and Information Administration (NTIA) in connection with the NTIA’s draft guidance on improving the security of Internet of Things (IoT) devices. The FTC’s comments focus on ensuring that manufacturers better inform consumers about security updates.

A recent decision issued by United States District Court Judge Robert Scola found that the website of an owner and operator of a chain of regional grocery stores is subject to Title III of the Americans with Disabilities Act (ADA) as a service of a public accommodation, and must be accessible to persons who are visually impaired. Gil v. Winn-Dixie Stores, Inc. appears to be the first trial on the issue of whether a website is covered by Title III of the ADA.

KPMG Global Advisory and HfS Research reported in a joint survey that the outsourcing and shared services market continues to be in a state of change in 2017, pointing to a combination of business drivers and technological advances as the cause.

The global business services (GBS) model (which delivers core business processes such as finance and accounting, human resources, information technology (IT), sourcing and procurement, and internal customer care to organizations) is the most prevalent model in organizations with revenues greater than $5 billion, and shows sustained growth. Smaller companies continue to adopt more centralized operating models.

On Thursday, June 22, Morgan Lewis partners W. Reece Hirsch and Mark L. Krotoski and associate Jacob J. Harper will discuss best practices for defending against data breaches involving protected health information. Topics will include the following:

  • Implementing an effective security breach response plan
  • Responding to the threat of ransomware such as WannaCry
  • Lessons learned from recent Office for Civil Rights (OCR) enforcement actions
  • What the HIPAA Phase 2 audits can tell us about OCR’s breach response expectations

Learn more and register >

The top seven India-based outsourcing companies received approximately 7,000 new H-1B visa petitions for initial employment in fiscal year 2016, representing a decrease of 37% between fiscal year 2015 and fiscal year 2016, according to a report published by the National Foundation of American Policy (NFAP). Each year, 85,000 H-1B visas, reserved for highly skilled foreign workers, are available, and due to heavy demand, they are awarded by lottery. In recent months the H-1B program has come under scrutiny by US President Donald Trump and members of Congress.

US Representative Marsha Blackburn (R-Tenn.) recently introduced the Balancing the Rights of Web Surfers Equally and Responsibly (BROWSER) Act (the Bill), under which the Federal Trade Commission (FTC) would regain jurisdiction over online privacy regulation. The Bill would require that both internet service providers (ISPs) and online companies give consumers opt-in or opt-out rights for sharing certain sensitive consumer data, including browsing history, with third parties.

The European Union Agency for Network and Information Security (ENISA), along with three semiconductor companies, recently released a position paper proposing a position for the European Commission (EC) on security and privacy standards as they relate to Internet of Things (IoT) devices. ENISA is an agency established by the European Union to assist the EC, its member states, and businesses in addressing, responding to, and preventing cybersecurity issues. The paper points out that as IoT devices expand into all aspects of everyday life, including critical infrastructure and health systems, cyberattacks are becoming more threatening and more risky. The paper includes four key recommendations.

In our earlier Contract Corner post, we discussed the need for change management provisions to reduce the risk of costly renegotiations that could otherwise arise from changes that occur over the life of the long-term commercial agreement. Among those contractual provisions, we discussed the need to define mandatory changes and allocate responsibility for the costs associated with changes. In Part 2 of our series, we discuss below the procedural mechanisms for managing change.

As part of our "Technology May-rathon," in the upcoming webinar, “Click Here for Your Money: Technology-Based Lending,” Morgan Lewis partner Charles Horn and of counsel Melissa Hall will discuss key issues for technology-based lending. The discussion will cover three examples of technology-based lending, including marketplace lending, online direct lending, and mobile wallets.

Topics will include the following:

  • Federal preemption and state licensing issues for technology-based lending
  • “True lender” issues, including recent court decisions
  • CFPB UDAAP (“state of the art technology” better be “state of the art”)
  • Cybersecurity requirements for technology-based lending
  • Prepaid accounts final rule, including overdrafts, credit card–connected mobile wallets, and other technology issues
  • A discussion of the OCC’s FinTech Charter

This one-hour webinar will be held on Wednesday, May 31, at 1:00 pm ET.

Register/learn more>>

While a primary goal of any well-crafted commercial agreement is durability—terms that work for the life of the agreement—the only certainty in the course of a long-term commercial relationship is the inevitability of change. Once a customer has become dependent on a third party for essential goods or services to operate its business, an unforeseen shift in its business requirements or a change to applicable laws can create holdup problems for customers, leading to costly renegotiations of the original agreement. The right change management mechanisms can manage these risks by allocating the responsibility and costs for changes and creating clear and effective procedures for managing and implementing changes to the agreement.