Choose Site

In a recent post, we addressed the US Department of Justice’s recent recommendations to reform Section 230 of the Communications Decency Act (CDA) to provide incentives for online platforms to address illicit material on their platforms, and the Platform Accountability and Consumer Transparency Act (PACT), legislation proposed by two US senators that is also aimed at reforming Section 230 of the CDA. Since the time of that post, we’ve continued to track developments regarding Section 230 of the CDA and we have some updates for our readers.

Morgan Lewis partner Reece Hirsch will moderate and present on a panel titled “Digital Health Privacy: OCR and FTC Perspectives” during the virtual 2020 Privacy + Security Forum on October 22.

The session will address the latest issues and trends in digital health privacy regulation, featuring the perspectives of senior regulators from the US Department of Health and Human Services Office for Civil Rights (OCR) and the Federal Trade Commission (FTC). The panel will examine the overlapping jurisdictions of the OCR and FTC with respect to a variety of digital health products, including mobile apps, activity trackers, and voice assistants, focusing on a series of hypotheticals.

We hope you'll join Reece on Thursday, October 22, 2020, from 11:30 am to 12:30 pm ET.

More information >>

The US Patent and Trademark Office (USPTO) recently released a report titled “Public Views on Artificial Intelligence and Intellectual Property Policy,” which addresses the impact of artificial intelligence (AI) on various intellectual property (IP) regimes. Per the USPTO’s press release announcing the report, the report “represents the agency’s firm commitment to keeping pace with this rapidly changing and critical technology.”

In December 2019, we published a blog post introducing open banking; here, we provide an update for 2020. To briefly summarize, open banking comprises a set of rules which permit third-party providers (TPPs) of financial services to access a customer’s financial data with their explicit consent.

In the United Kingdom, open banking is delivered through the Open Banking Implementation Entity (OBIE), which was established by the Competition and Markets Authority (CMA). All TPPs must be authorized by the UK’s financial regulator, the FCA. As of July 2020, there are 267 regulated providers, up from 104 at the beginning of 2019.

Peter Watt-Morse and Ben Klaber, members of our technology, outsourcing, and commercial transactions practice, will be presenting a one-hour session on cloud computing as part of the Pennsylvania Bar Institute’s (PBI’s) virtual Cyberlaw Update 2020. The session will take place Tuesday, September 29, 2020 at 10:10 am ET.

Peter and Ben will discuss the impact of cloud computing with our current remote work environment; data issues regarding ownership, access, and security; and specific cloud-impacted contract provisions such as service levels, transitions, and force majeure.

To register for the Cyberlaw Update (which includes CLE credits), please visit the PBI’s website.

Mike Pierides, a partner in our technology, outsourcing, and commercial transactions practice, will be presenting a session titled “Procuring RegTech – Best Practices for Sourcing Compliance-related Technology from Third Party Vendors” at the 6th International Compliance Forum.

Bias issues in AI decisionmaking have become increasingly problematic in recent years, as many companies increase the use of AI systems across their operations. On one hand, AI can help reduce the impact of human biases in decisionmaking. On the other, AI can make the bias problem worse.

AI systems learn to make decisions based on the data and algorithms humans put into them. Often, AI systems inherit human biases because they are trained on data containing human decisions. Evidence suggests that "AI models can embed human and societal biases and deploy them at scale."

Companies developing digital therapeutics, clinical decision support apps, and other digital health technologies for use in the coronavirus (COVID-19) pandemic should be mindful of FDA’s quickly evolving policies and guidance affecting such technologies. In our recent LawFlash, FDA Regulation of COVID-19 Apps, Digital Therapeutics, and other Digital Health Technologies, we examine recent FDA developments and their implications for companies in the digital health space.

For example, FDA has issued several new guidance documents describing policies of enforcement discretion to help promote the development and availability of digital health technologies for COVID-19. FDA also has issued multiple Emergency Use Authorizations for new COVID-19-related digital health products, and has issued guidance intended to clarify when clinical decision support software is subject to FDA oversight. It is critical for companies seeking to develop digital health technologies for pandemic-related uses to determine whether and how their products may be regulated by FDA.

Adding corporate flexibility to IT-related commercial contracts can make seemingly unrelated mergers and acquisitions (M&A) transactions a bit less complex. Although many contracting parties already consider assignment rights and restrictions in relation to certain successor scenarios, the divestiture scenario—where contractual rights are not simply transferred in whole—deserves a closer look.

The Business Software Alliance (BSA) recently endorsed principles for building trust in the Internet of Things (IoT), highlighting the need for a risk-based approach that (1) accounts for the various components, capabilities, users, environments, life cycles, and complexities of the IoT ecosystem, and (2) engages the corresponding stakeholders. Given the near boundless opportunities—and risks—deriving from its connectivity, a connected device should not be designed and managed in isolation.

The following key themes emerged throughout the BSA policy principles: