www.dlapiper.com/ip_global | Issue 30, Q2 2016 Attorney Advertising

Perspectives • Analysis • Visionary Ideas

INTELLECTUAL PROPERTY AND TECHNOLOGY NEWS

NORTH AMERICA

SUPREME COURT CORNER

NEW OBLIGATIONS FOR DIGITAL SERVICES PROVIDERS

US REGULATORS TAKE AIM AT NATIVE ADVERTISING

EUROPEAN TRADEMARK REFORM PACKAGE

ARE YOUR TMs READY FOR THE CHANGE?

WWW.DLAPIPER.COM/IP_GLOBAL 3

NAVIGATING THE CYBER-SEASCybertheft is more lucrative − and much safer for the criminal − than drug trafficking, piracy (on the high seas or in the IP space) or pretty much any other crime, modern or ancient. It grows every day.

The risks posed by this growing set of enemies are immediate, varied, and potentially catastrophic. And almost as dangerous as these cyber-risks are the risks posed by the good guys. Throughout the world, governments are penalizing failure to comply with the myriad of rapidly changing cybersecurity laws and regulations. Failure to be aware of and to adjust your company policies and behaviors to comply with these mandates can create significant liability in various, and far flung, jurisdictions. For example, the EU data protection authorities are increasingly sprouting teeth, introducing gargantuan fines (on the level of antitrust violations) for infringement of broadly defined privacy rights. Keeping up with those mandates can be costly and time consuming for any company.

DLA Piper has one of the world's largest and most sophisticated Data Protection, Privacy and Security practices, which every day counsels clients on cybersecurity and privacy issues wherever they do business.

Our truly global team is highly ranked in lawyer directories − as noted on page 9 in this issue. We have lawyers in 30 countries active on cybersecurity projects. Our resources include a former US Senate Intelligence Committee leader on cybersecurity issues who works closely with the NSA and FBI, a former cybercrime prosecutor with years of experience as a technical security consultant, the rapporteur of the EU e-Signature legislation, and a lawyer who has helped to draft almost all of the US state data security and breach notice laws.

I am pleased to welcome the latest addition to those resources: Rena Mears. With a background including being the former head of Deloitte's Cybersecurity practice and currently sitting on key security standards committees, Rena adds to an already highly experienced team.

Let us know how we can help you navigate these dangerous waters.

John AllcockPartner Global Co-Chair and US Chair, Intellectual Property and Technology

Greek philosopher Heraclitus is credited with saying “the only thing constant is change.” In IP-related law, we often look to court cases for dramatic changes. But at this juncture in 2016, regulators are enacting some big changes. The recent evolution of the law in the areas of trademarks, information security and advertising bodes changes in the way companies and institutions do business, not only in the US, but also globally.

The European Parliament has approved a bundle of new laws that will impact EU trademarks, as well as national trademarks used throughout the EU. These changes affect everything from fees, to classifications for trademarks, to enforcement provisions for infringement.

The EU is also seeing changes in the regulation of cybersecurity. Based on the recently issued draft of the Directive on Network Information Security, companies classified as “digital service providers” and “operators of essential services” have responsibilities to manage risks related to network and information security.

In a different arena, US regulators are taking a harder look at native advertising. This form of media, fashioned to look like, for example, a news report or a feature story, is coming under increased scrutiny from the Federal Trade Commission for deceptive advertising practices.

What do all these changes mean for companies? The magnitude of the impact remains to be seen as each of the regulations comes into effect. But from a proactive approach – now may be a good time for internal review to prepare for the impending changes.

erica.pascal@dlapiper.com

Q2

Intellectual Property and Technology News is published in the North America, Asia Pacific and EMEA regions. Find all current and past editions of the IPT News here: www.dlapiper.com/ipt_news/. To subscribe to this complimentary publication, please email your contact information (including your physical mailing address) to IPTnews@dlapiper.com.

You are receiving this communication because you are a valued client, former client or friend of DLA Piper. The information contained in this newsletter is for informational purposes only and should not be construed as legal advice on any matter. To unsubscribe from this mailing list, send an email to communications@dlapiper.com or send your written request to: DLA Piper, Attention: Marketing Depar tment, 401 B Street, Suite 1700, San Diego, CA 92101-4297, USA. Copyright © 2016 DLA Piper LLP (US), DLA Piper UK LLP and other affiliated entities. For questions, comments and suggestions, email us at IPTnews@dlapiper.com or contact Diane Vislisel, Senior Marketing Manager, T +1 619 699 3541, diane.vislisel@dlapiper.com. US Chair – Intellectual Proper ty and Technology, John Allcock, T +1 619 699 2828, john.allcock@dlapiper.com. Editor in Chief, Dr. Erica Pascal, T +1 415 836 2505, erica.pascal@dlapiper.com. Director, Intellectual Proper ty and Technology, Licia Vaughn, T +1 619 699 2997, licia.vaughn@dlapiper.com. DLA Piper LLP (US), 401 B Street, Suite 1700, San Diego, California 92101-4297, USA. | MRS000059972

Dr. Erica PascalPartner Intellectual Property and Technology

The International Franchise Association (IFA) held its 56th Annual Convention in San Antonio, Texas in February 2016, attended by more than 4,000 people. DLA Piper lawyers have been honored to serve as general counsel to IFA for 56 years.

At the conference, several DLA Piper partners presented franchise law sessions, including the 25th annual “Elements of Successful Franchising” led by Rich Greenstein (Atlanta) and Philip Zeidman (Washington, DC). DLA Piper also hosted a reception for more than 250 clients and friends of the firm.

The IFA honored Philip Zeidman with the first ever “Wieczorek Free Enterprise Award.” The late Dennis Wieczorek headed DLA Piper’s US Franchise practice and served as IFA’s General Counsel.

DLA PIPER FRANCHISE TEAM UPDATE

Bret Lowell, partner in DLA Piper’s Northern Virginia office, was named to the prestigious 2016 Client Service All-Stars list by BTI Consulting Group.

john.allcock@dlapiper.com

EDITOR’S COLUMN

PRIVACY AND CYBERSECURITY LEADER RENA MEARS JOINS DLA PIPER

Rena Mears, the former national and global leader of Deloitte’s privacy and data protection services, and more recently managing director at BuckleySandler LLP, has joined DLA Piper in San Francisco as a Principal.

Rena’s arrival expands DLA Piper’s depth and breadth of services in the rapidly evolving areas of data protection and cybersecurity. She will work closely with lawyers in the global Data Protection, Privacy and Security group – highly rated by Chambers and Legal 500 – to augment our offerings in privacy and cybersecurity assessments, program and control design, data mapping, and program and vendor-risk management.

Rena has more than 25 years of experience advising global companies in the financial services, hospitality, technology, pharmaceutical, biotechnology, and consumer product sectors on data risk, privacy, cybersecurity and information security matters. She has built and led teams with diverse skill sets to manage information assets in the evolving global market. She has also helped organizations design and implement operational programs, processes, and controls to mitigate privacy and cybersecurity risks and respond to threats and compliance requirements.

Rena earned her M.B.A. from Auburn University and her B.A. from the University of Albuquerque and holds the following certifications: CISSP, CIPP, CISA, CITP. She also is a CPA. You may contact Rena at rena.mears@dlapiper.com.

2 INTELLECTUAL PROPERTY AND TECHNOLOGY NEWS

Rena MearsPrincipal

WWW.DLAPIPER.COM/IP_GLOBAL 54 INTELLECTUAL PROPERTY AND TECHNOLOGY NEWS

A relatively new form of advertising that has drawn the attention of regulators is “native advertising” – paid media fashioned to mimic the look and feel of the news reports, feature stories, product and entertainment reviews, and other material on the online platform where it is placed.

If consumers knew the content was a form of advertising rather than neutral reporting, they might give the ar ticle different weight – but often native ads obscure their origins as sponsored content written by a product manufacturer.

In December 2015, the Federal Trade Commission, the primary US regulator of advertising, released its first published guidance on the standards it will apply in determining whether native advertising is deceptive and whether enforcement actions should be brought under Section 5 of the FTC Act.1 The Enforcement Policy Statement on Deceptively Formatted Advertisements 2 not only applies to advertisers, but also to ad agencies and operators of affiliate advertising networks.

The Enforcement Policy highlights three forms of native ads the agency believes may mislead consumers: (1) ads appearing in a news format or that otherwise misrepresent their source or nature; (2) misleading door openers (ads or sales practices in which first contact with the consumer is deceptive as to the nature of the interaction, even if the truth is later made clear, such

as emails with falsified sender information or salespeople who do not identify themselves as such); and (3) endorsements that do not disclose the sponsoring advertiser.

The Enforcement Policy focuses on whether the content is advertising and whether the consumer will understand it is advertising. From the FTC’s perspective, the key is transparency. An advertisement or promotional message should not suggest or imply to consumers that it is anything other than an ad. Some native ads are so clearly commercial in nature that they are unlikely to mislead consumers, even without a specific disclosure. In other instances, a disclosure may be necessary to ensure consumers understand the content is advertising.

The FTC further provides guidance in its Native Advertising: A Guide for Businesses, including 17 examples of when disclosures are needed and suggestions for disclosures.3 In evaluating whether consumers are likely to understand the nature of a native ad, advertisers should consider the particular circumstances in which native ads are presented to consumers. These circumstances include consumers’ ordinary expectations based on their prior experience with the media in which the ads appear and how they consume content in those media. For example, the more similar a native ad is in format and topic to content on the publisher’s site, the more likely a disclosure will be necessary.

1 15 U.S.C. §45.

2 www.ftc.gov/system/files/documents/public_statements/896923/151222deceptiveenforcement.pdf

3 www.ftc.gov/tips-advice/business-center/guidance/native-adver tising-guide-businesses

4 www.ftc.gov/sites/default/files/attachments/press-releases/ftc-staff-revises-online-adver tising-disclosure-guidelines/130312d otcomdisclosures.pdf

5 www.ftc.gov/news-events/press-releases/2016/03lord-taylor-settles-ftc-charges-it-deceived-consumers-through

Scott W. Pink, Special Counsel in the IPT group and based in Sacramento, serves as the lead

outside advertising and marketing counsel to several well-known brands. You may reach him at

scott.pink@dlapiper.com.

US REGULATORS TAKE AIM AT NATIVE ADVERTISINGBy Scott W. Pink

4 INTELLECTUAL PROPERTY AND TECHNOLOGY NEWS

DLA Piper was the second

most chosen law firm for US patent litigation defense matters

in 2015.

– Lex Machina Patent Litigation Year in Review 2015

WWW.DLAPIPER.COM/IP_GLOBAL 5

The FTC does not dictate the specific disclosures that must be made, but recommends using such terms as “Ad,” “Paid Advertisement,” “Sponsored Advertising Content,” or some variation thereof. It recommends against using such terms as “Promoted” or “Promoted Stories,” which it considers ambiguous. It also states that depending on the context, consumers reasonably may interpret other terms, such as “Brought to You by [X],” “Promoted by [X],” or “Sponsored by [X],” to mean that a sponsoring advertiser funded or “underwrote” but did not create or influence the content. Such terms may not be appropriate in all contexts.

Any disclosures should adhere to the FTC’s guidance for making effective disclosures in digital advertising.4 Disclosures must be:

■ clear and prominent

■ in clear and unambiguous language

■ as close as possible to the native ads to which they relate

■ in a font and color that are easy to read and in a shade that stands out against the background and

■ careful to avoid technical or industry jargon or unfamiliar icons or abbreviations.

The FTC is taking this policy seriously. Recently, it brought an action against Lord & Taylor, alleging the luxury department store had deceived consumers by placing ar ticles and photos in an online fashion magazine as well as paying 50 online fashion “influencers” to endorse a particular dress. The FTC contended Lord & Taylor’s failure to disclose these payments was a deceptive trade practice. In the settlement, Lord & Taylor is prohibited from misrepresenting that paid ads are from an independent source and is required to ensure its influencers clearly disclose when they are compensated in exchange for their endorsements.5 In sum, native advertising appears to offer a fresh way to seize the attention of the Internet multitudes, but advertisers using these paid placements should proceed with care.

WWW.DLAPIPER.COM/IP_GLOBAL 76 INTELLECTUAL PROPERTY AND TECHNOLOGY NEWS

ARE YOUR TMS READY FOR THE CHANGE? EUROPEAN TRADEMARK REFORM PACKAGE By Dr. Ulrike Gruebler

European trademark law is currently undergoing the most fundamental changes since the introduction of the European Community trademark system 20 years ago. In late 2015, the European Parliament approved a reform package consisting of an amended European Union Trademark Regulation (Regulation (EU) 2015/2424) and a new Trademarks Directive (Directive (EU) 2015/2436). This bundle of new laws brings changes not only to EU trademarks, but also to owners of national trademarks in the EU.

The amendments touch on the fee structure for trademark applications and renewals and criteria concerning the registrability of trademarks and procedural issues, as well as certain changes applicable to infringement proceedings and customs seizures. Among the changes are the following:

1. A new one-fee-per-class-system for trademark applications and renewals of Community Trademarks (now European Union Trademarks). The new system is accompanied by a new fee structure. The good news is that renewals will become substantially cheaper. However, official fees for trademark applications containing three or more classes will increase.

2. Classification of trademarks. Under previous practice, “broad” specifications consisting of “class headings” were deemed to cover all goods and services within that particular class. This topic has undergone substantial discussions since the CJEU rendered its decision in the IP Translator case in June 2012. Under the new rules, and in accordance with general practice since IP Translator, only goods and services that fall within their literal meaning will be covered. However, the proprietors of EUTMs filed before June 22, 2012 and designating the entire heading of a class will be able to notify the Office of the European Union, no later than September 24, 2016, of their intention to seek protection in respect of goods and services beyond those covered by the literal meaning of the said heading (Article 28(8) of the Regulation).

3. The requirement to represent a mark “graphically” will no longer apply. This change is substantial because it will become easier to register non-traditional trademarks. Trademark applicants may apply for trademarks protecting sound, color, shapes and movements more easily. As an example, under the current system, sound marks were registered only when a music notation was provided. This will not be required any longer; thus, sounds not representable by music notations may be registered. For EUTMs, these changes go into effect starting October 1, 2017.

4. Seizure of counterfeit goods in transit through the EU. A seizure will become possible even in cases where the goods were not meant for the EU, unless they would not be infringing in the country of their final destination. The burden of proof will shift to the alleged infringer. To challenge the seizure, the holder of the goods will need to demonstrate that the EU trademark holder would not be entitled to prevent the marketing of the goods in the country of final destination. The reform will also allow the rights holder to take action against infringing preparatory acts – for example, the use of packaging and labels.

5. The reform requires the EU member states to provide national opposition proceedings as well as administrative (PTO) proceedings for the revocation or declaration of invalidity of trademarks. There are still several EU countries where such disputes must be brought before the national courts. However, EU member states have several years to introduce these changes.

6. An EU Certification Mark will be introduced as a new type of trademark at the EU level. Certifying institutions will be able to permit adherents to the certification system to use the mark as a sign for goods or services complying with applicable certification requirements. The introduction of EU certification marks will remedy the current inconsistency between national systems and the EU trademark system.

In total, the reform package contains major changes. It appears advisable for brand owners holding trademarks in the EU to review their trademark portfolio and filing practices to ensure they are in line with the reforms. A DLA Piper microsite dedicated to the EU Trademark Reform provides regular updates on the status of the reform – visit www.dlapiper.com/en/us/focus/eu-trademark-reform.

Dr. Ulrike Gruebler, a partner in the IPT group and based in Hamburg, focuses on German, European and international trademark, design, and copyright law.

Reach her at ulrike.gruebler@dlapiper.com.WWW.DLAPIPER.COM/IP_GLOBAL 7

WWW.DLAPIPER.COM/IP_GLOBAL 98 INTELLECTUAL PROPERTY AND TECHNOLOGY NEWS

Stryker Corp. v. Zimmer, Inc. Halo Electronics, Inc. v. Pulse Electronics, Inc.

PATENT – DECIDED: JUN. 13, 2016

Issue: Whether the Federal Circuit’s two-part test for willful patentinfringement, with separate objective and subjective prongs, shouldbe rejected and replaced with a more flexible “totality of thecircumstances” test.

Held: Vacated and Remanded. The Federal Circuit’s two-prong Seagate standard for willful infringement and enhanced damages is “unduly rigid,” conflicts with the text of §284, and “impermissibly encumbers” the statute’s grant of discretion to the district court.

As previewed in the Q4 2015 Supreme Court Corner, theCourt has now decided both Halo v. Pulse Electronicsand Stryker v. Zimmer, and in doing so, has changed the applicable legal standard for a finding of willful infringement and enhanced damages under 35 U.S.C. § 284.

In 2007, the Federal Circuit decided Seagate, making a willful infringement finding more difficult than it had been under prior precedent by applying a heftier two-pronged standard: (1) “a patentee must show by clear and convincing evidence that the accused infringer acted despite an objectively high likelihood that its actions constituted infringement of a valid patent” (the objective prong) and (2) the patentee must then demonstrate the objectively defined risk was “either known or so obvious that it should have been known to the accused infringer” (the subjective prong).

In Halo and Stryker, the Court has now rejected the Seagate standard. Recognizing that enhanced damages are “as old as U.S. patent law,” the Court’s opinion traces their history from the Patent Act of 1793 through the 1952 enactment of §284, in which Congress “merely reorganiz[ed]” the language of the

statutes to “clarify” them. Slip Op. at 2-4. Consistent with this history, the Supreme Court quickly recognized that the “new” enhanced damages provision of the Patent Act, §284, provided for “punitive or increased damages” in a case of “willful or bad-faith infringement.” Id.

In rejecting the Seagate framework as “unduly rigid” and as an “impermissib[e] encumber[ance]” on the statutory grant of discretion, id. at 9, the Court explained that §284 (which states that a district court “may” enhance damages) “contains no explicit limit or condition” and that the statute’s use of the word “may” “clearly connotes discretion.” Id. at 7-8. Indeed, 180 years of precedent established that enhanced damages “are not to be meted out in a typical infringement case, but are instead designed as a ‘punitive’ or ‘vindictive’ sanction for egregious infringement behavior” which includes “willful, wanton, malicious, bad-faith, deliberate, consciously wrongful, flagrant, or—indeed—characteristic of a pirate.” Id. at 8.

Responding to the argument that removing the Seagate standard will “embolden [patent] ‘trolls,’” the Court cautioned that enhanced damages are not to be awarded in “garden variety cases.” Id. at 14-15. Moreover, an unspecified threat that so-called “patent trolls” will seek enhanced damages more often simply “cannot justify imposing an artificial construct such as the Seagate test on the discretion conferred under §284.” Id. at 15.

Thus, in applying their discretion to award enhanced damages, district courts are to be “guided” by the “nearly two centuries of application and interpretation of the Patent Act” which “limit[s] the award of enhanced damages to egregious cases of misconduct beyond typical infringement.” Id. at 15.

Special Edition: The Supreme Court alters the standard for enhanced damages in patent cases

SUPREME COURT CORNER

CYBERSECURITY

More than 75 business leaders attended DLA Piper’s CLE event on April 14 in Atlanta on “Cybersecurity – What It Means For Your Business.” Co-sponsored with EY, the breakfast event featured two panels. The first panel, “Cyber-risk and National Security” included Senator Saxby Chambliss, Partner, DLA Piper; Tom Fanning, Chairman, President, CEO, Southern Company; and Admiral Michael S. Rogers, US Navy, Commander, US Cyber Command, Director, National Security Agency/Chief, Central Security Service. This panel was moderated by Jim Halpert, Co-Chair of DLA Piper’s Cybersecurity practice. They discussed the ever-evolving cybersecurity landscape through the lenses of national security and

considerations for today’s business leaders.

The second panel, “Strategies for Staying Ahead of Cybersecurity Risk,” included a panel discussion with business executives on cybersecurity risk management. Panelists were Jim Eckart, Chief Information Security Officer, The Coca-Cola Company; Teresa Wynn Roseborough, Executive Vice President, General Counsel and Corporate Secretary, The Home Depot; and Jonathan Short, General Counsel and Corporate Secretary,

Intercontinental Exchange. This panel was moderated by Bob Sydow, EY, Americas Cyber Security Leader.

Panelists discuss strategies for staying ahead of cybersecurity risk. Left to right: Bob Sydow, Teresa Wynn Roseborough, Jim Eckar t, Jonathan Shor t.

DLA PIPER CYBERSECURITY GROUP HOSTS HIGH-PROFILE EVENT

Panelists discuss cyber-risk and national security. Left to right: Jim Halper t, Senator Saxby Chambliss, Tom Fanning, Admiral Michael S. Rogers.

Cyber Crime – Legal 500 USA 2016

Technology: Data Protection and Privacy – Legal 500 USA 2016

EU Regulatory: Privacy and Data Protection – Legal 500 EU 2016

Privacy & Data Security – Nationwide – Chambers USA 2016

Data Protection – Global-wide – Chambers Global 2016

TIER 1

BAND 2

DLA PIPER DATA PROTECTION, PRIVACY AND SECURITY RANKINGS

Partner Stan Panikowski, based in San Diego, focuses on IP, antitrust, appeals and other areas of business litigation. Reach him at stanley.panikowski@dlapiper.com.

Associate Brian Biggs, based in Wilmington, Delaware, represents clients across many technical fields in patent litigation. Reach him at brian.biggs@dlapiper.com.

Associate Andrew N. Stein, based in Washington, DC, focuses on patent litigation in federal district courts and §337 investigations. Reach him at andrew.stein@dlapiper.com.

Stephen Gombita, an associate based in Washington, DC, focuses on patent infringement cases involving a variety of technologies. Reach him at stephen.gombita@dlapiper.com.

WWW.DLAPIPER.COM/IP_GLOBAL 98 INTELLECTUAL PROPERTY AND TECHNOLOGY NEWS

WWW.DLAPIPER.COM/IP_GLOBAL 1110 INTELLECTUAL PROPERTY AND TECHNOLOGY NEWS

First proposed by the European Commission in 2013, the long-awaited draft Directive on Network Information Security (the NIS Directive) was agreed upon by the European Parliament and the Council in December 2015.1 In line with the EU’s broader Cyber Security Strategy, 2 the NIS Directive is a significant achievement towards a more secure cross-border cyberspace with a high shared level of network and information system security. It is expected that the European Parliament and Council will soon vote to implement the Directive. Member states will then be required to implement it within 21 months.

The NIS Directive’s scope The NIS Directive’s principles will apply to “digital services providers” (DSPs) and “operators of essential services” (OESs).

DSP refers to “any legal person that provides a digital service” and expressly encompasses online search engines, cloud computing services and online marketplaces. DSPs are required to take appropriate technical and organizational measures to manage risks related to the security of networks and information systems.

For classification as an OES, a service is deemed “essential” when it is (i) essential for maintenance of critical societal and/or economic activities; (ii) its provision depends on networks and information systems; and (iii) an incident involving network information systems would have a “significant” disruptive effect on the provision of such service. “Essential services” include energy, transport, banking, financial market infrastructures,

the health sector, water supply and distribution, and digital infrastructures. The actual identification of OESs is left to the member states. Internet exchange points, domain name systems service providers and top-level domain name registries are considered OESs (not DSPs).

Member state laws shall ensure that OESs and DSPs are required to take appropriate technical and organizational steps to manage risks related to network and information system security, and to prevent and minimize the impact of incidents affecting network and system security. For incidents having a “significant impact on the continuity of essential services,” OESs and DSPs are required to notify the national authority in charge of cybersecurity matters or the national Computer Security Incident Response Team (CSIRT).

MEMBER STATE COOPERATION

The Directive creates an operational network among EU member states on cybersecurity focusing on risks and incidents affecting networks and information systems in the EU and including representatives from all member states, the European Commission, and the European Network and Information Security Agency. Another network of representatives from member states’ CSIRTs will exchange information on services, operations and cooperation capabilities, coordinate incident responses and support member states in addressing cross-border

1 http://www.consilium.europa.eu/en/policies/cyber-security/

2 Available here: http://register.consilium.europa.eu/doc/srv?l=EN&f=ST%206225%202013%20INIT

incidents. Member states are required to develop a national NIS strategy with clear objectives and appropriate policies and regulatory measures to achieve a higher level of network and information system security.

WHAT NOW?

At this stage, the scope and obligations of the NIS Directive are vague, leaving few avenues for businesses that wish to prepare for it.

Because the NIS Directive leaves identification of OESs to the member states, potential OESs − i.e., operators meeting the criteria set forth by the NIS Directive − should closely monitor the implementation of the Directive in the EU countries where they are established. Engaging with member states in establishing OES lists may also be beneficial. Given that no formal identification procedure currently exists regarding DSPs, businesses must carefully self-assess whether they fall within the broad definition. Importantly, the NIS Directive also applies to DSPs that merely offer digital services within the EU, even if they are not established in a member state.

Operators likely to fall within the Directive’s scope should, as a first step, review their security measures and notification procedures and perform a gap analysis. Although many businesses already face similar local obligations, for others the new regime may be a significant operational challenge, requiring preparation and important investments.

Carol Umhoefer, a par tner in the Data Protection, Privacy and Security group and based

in New York, is admitted to practice in New York and Paris. Her practice encompasses

information technology, e-commerce and commercial matters as well as related regulatory

compliance. Reach her at carol.umhoefer@dlapiper.com.

Par tner Patrick Van Eecke, co-chair of the global Data Protection, Privacy and Security

practice, advises telecoms companies, ISPs, software developers, governments and companies

using IT related services. He is based in Brussels. Reach him at patrick.vaneecke@dlapiper.com.

Mathilde Hallé, an IPT associate based in Paris, advises private companies and public entities in

their projects in France and abroad. Reach her at mathilde.halle@dlapiper.com.

EU: NEW OBLIGATIONS FOR DIGITAL SERVICES PROVIDERS AND OPERATORS OF ESSENTIAL SERVICESBy Carol Umhoefer, Patrick Van Eecke and Mathilde Hallé

WWW.DLAPIPER.COM/IP_GLOBAL 11

GLOBAL PRIVACY

Mr. Stephen Kai-yi Wong, Privacy Commissioner

for Personal Data, Hong Kong, addresses

the room.

DLA Piper held an invitation-only dinner in Washington, DC during the Global Privacy Summit 2016, hosted by IAPP (International Association of Privacy Professionals) on April 4. At our dinner, guest speaker Mr. Stephen Kai-yi Wong, Privacy Commissioner for Personal Data, Hong Kong, discussed the privacy landscape in Hong Kong.

Thirty guests attended, among them Florence Raynal, Head of the Department of European and International Affairs, Commission Nationale de l’Informatique et des Libertés (CNIL). A number of DLA Piper lawyers from around the world were also in attendance.

The IAPP is the largest and most comprehensive global information privacy community and resource. More than 3,500 people attended the Summit from all over the world.

www.dlapiper.com

DLA PIPER #1 IN FRANCHISE LAW

14 DLA Piper attorneys

are Legal Eagles

– Franchise Times

LEADING FIRM

DLA Piper is “the leading

global authority”

– Chambers Global

Franchise law firm of the

year – 12 years in a row

– Who’s Who Legal

Law firm of the

year 2016

– U.S. News & World Report