February 27, 2018, International Privacy + Security Forum, George Washington University

September 18, 2017, Covington Alert

Last week, in his annual State of the European Union Address, the President of the European Commission Jean-Claude Juncker called out cybersecurity as a key priority for the European Union in the year ahead. In terms of ranking those priorities, President Juncker placed tackling cyber threats just one place below the EU leading the fight against climate change, ...

June 22, 2017, API-IOGP Cybersecurity Europe Conference for the Oil and Natural Gas Industry

October 6, 2015, CNBC Europe

Mark Young discussed a ruling from the highest court in the EU that invalidated a key EU-US data sharing agreement.

March 14, 2019, Inside Privacy

Following a political agreement at the end of 2018, earlier this week the European Parliament approved a new cybersecurity regulation known as the EU “Cybersecurity Act” This forms part of the EU’s Cyber Package, first announced in September 2017 (which we blogged about here). In addition to reinforcing the mandate of ENISA — now to...… Continue Reading

October 15, 2018, FT Cyber Security Summit, London

July 6, 2018, Inside Privacy

By Mark Young and Gemma Nash The UK Financial Conduct Authority (“FCA”) published on July 5 a joint Discussion Paper with the Prudential Regulation Authority (“PRA”) and the Bank of England (“BoE”) on “Building the UK financial sector’s operational resilience.” The Discussion Paper focuses on the ability of regulated firms and financial market infrastructures ...

April 17, 2018

March 5, 2018, Client Presentation, Tokyo, Japan

January 30, 2018, Law360

Law360 highlights the promotion of Covington's newest partners, including John Balzano, Lindsay Burke, Bradley Chernin, Christopher DeCresce, Guy Dingley, Matthew Dunn, Laura Flahive Wu, Pamela Forrest, Alexa Hansen, Megan Keane, Sam Pyun, Kyle Rabe, Ansgar Simon, Andrew Soukup, Emily Ullman, and Mark Young.

January 8, 2018, Inside Privacy

As we summarized last fall, the EU Commission published a new Cybersecurity Communication in September that, among other things, sets out proposals for an EU cybersecurity certification framework as part of ‎an EU “Cybersecurity Act” (see our post here and a more detailed summary here).  Just before the holidays, on December 20, 2017, the UK Government published ...

December 26, 2017

SILICON VALLEY—The Financial Times has recognized Covington among the most innovative firms in 2017 in the category of "Enabling Business Growth," for advising "Tencent in its acquisition of a $8.6bn majority stake in Supercell, the Finnish gaming company, while maintaining Supercell’s creative culture and retaining its employees by introducing incentive ...

December 14, 2017, Inside Privacy

By Mark Young, Joseph Jones and Ruth Scoles Mitchell The Article 29 Working Party (WP29) has published long-awaited draft guidance on transparency and consent under the General Data Protection Regulation (“GDPR”).  We are continuing to analyze the lengthy guidance documents, but wanted to highlight some immediate reactions and aspects of the guidance that we ...

November 2017, Pratt's Privacy & Cybersecurity Law Report

October 2, 2017

WASHINGTON—Covington has promoted 16 lawyers to its partnership. “It’s a great tribute to the firm’s vibrancy that we’re continuing to build an exceptional pipeline of new partners from within our ranks,” said Timothy Hester, Covington’s chair. “We’re confident that all 16 will add importantly to the firm’s strengths and will drive further expansion of core ...

September 20, 2017, Inside Privacy

Last week, in his annual State of the European Union Address, the President of the European Commission Jean-Claude Juncker called out cybersecurity as a key priority for the European Union in the year ahead.  In terms of ranking priorities, President Juncker placed tackling cyber threats just one place below the EU leading the fight against...… Continue Reading

August 31, 2017, Inside Privacy

Earlier this month, the UK Government published a consultation on plans to implement the EU Directive on security of network and information systems (the “NIS Directive”, otherwise known as the Cybersecurity Directive).  The consultation includes a proposal to fine firms that fail to implement “appropriate and proportionate security measures” up to EUR 20 ...

August 10, 2017, The Wall Street Journal

Mark Young is quoted in The Wall Street Journal's "Morning Risk Report" in an article regarding the Network and Information Systems directive. According to Young, “This is another data-related compliance requirement and it carries heavy penalties for failure to have in place appropriate network security measures."

June 21, 2017, Facebook Design Jam

May 24, 2017, Covington Alert

On May 25, 2018, employers located or with staff in the European Union (“EU”) will have to comply with a new data protection law—Regulation (EU) 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data—commonly referred to as the General Data Protection Regulation (“GDPR”). This will ...

May 17, 2017, Covington Alert

Last Friday may mark the start of a new era in cyber crime. The first worldwide ransomware attack, commonly dubbed “WannaCry,” emerged on May 12. The malware is believed to have infected more than 300,000 computers in 150 countries to date. A cyber criminal or ring of criminals, taking advantage of an exploit made available by the ShadowBrokers hacker group that ...

March 2017, Computer Law Review International

February 15, 2017, Webinar

January 24, 2017, Law360

Mark Young and Ian Hargreaves are quoted in a Law360 article regarding the high level of cyberattacks on the financial services industry and the resulting regulatory pressures. According to Young, “The GDPR [General Data Protection Regulation] is a massive text with groundbreaking change in the data privacy area, in terms of compliance requirements and the new ...

October 19, 2016, Inside Privacy

On Wednesday October 19, 2016 the Court of Justice of European Union (“CJEU”) issued its judgment in Case C-582/14, Patrick Breyer v Germany.  The CJEU held that a “dynamic” IP address constitutes personal data (agreeing with the Opinion of the Advocate General from May this year).  Dynamic IP addresses qualify as personal data, even if...… Continue Reading

October 19, 2016, Webinar

October 6, 2016, Inside Privacy

On October 5, 2016, the UK Information Commissioner’s Office (“ICO”) fined telecoms company TalkTalk a record £400,000 for failing to put in place appropriate data security measures and allowing a cyber-attacker to access TalkTalk customer data “with ease.”  The ICO highlighted several  technical and organizational deficiencies as justification for issuing its ...

August 10, 2016, Webinar

2018

Our Brexit Task Force is staffed by senior lawyers and advisors across London, Brussels, and Washington to monitor events and to keep clients apprised of legal, regulatory, and policy developments. We are advising clients across a wide range of businesses and industries on the impact and implications of Brexit, including on strategic policy and regulatory ...

June 24, 2016, Covington Alert

The UK has voted to leave the European Union in an advisory referendum. 52% leave - 48% remain. Were the UK to leave the EU, this would have significant implications for the UK and for international businesses operating in the UK. The longer term impact of the decision on the regulatory framework for the UK will depend, in part, on the relationship that the UK ...

June 21, 2016, Webinar

June 21, 2016

SILICON VALLEY—Covington advised Tencent Holdings Limited, a leading provider of internet service in China, in connection with its acquisition of a majority stake in Supercell from SoftBank. A consortium established by Tencent will acquire up to 84% of Supercell for $8.6 billion in a transaction valuing Supercell at approximately $10.2 billion. Supercell is a ...

May 26, 2016, Webinar

May 17, 2016, Inside Privacy

The EU Network and Information Security (NIS) Directive now looks likely to enter into force in August of this year.  Member States will then have 21 months to implement it into national law before the new security and incident notification obligations will start to apply to the following entities: designated* “operators of essential services” within...… ...

April 21, 2016, Covington Workshop

April 21, 2016, Webinar

March 17, 2016, Covington Workshop

March 1, 2016, Inside Privacy

The UK’s data protection regulator, the Information Commissioner’s Office (“ICO”), has imposed a fine of £350,000 on Prodial Ltd (“Prodial”) for making over 46 million unsolicited automated telephone calls to generate leads in relation to payment protection insurance refunds.  This is the highest fine issued by the ICO to date. The ICO investigated the ...

March 2016, eHealth Law & Policy

February 25, 2016, Webinar

February 23, 2016, Employment Lawyers Association

February 19, 2016, Law360

Mark Young and Libbie Canter are quoted in this Law360 article offering tips on how deal makers can mitigate cybersecurity risks.  According to Young, any discovered incidents can give buyers pause on how  — and if — they want to move forward. “We’ve dealt with at least a couple examples where deals were at least delayed if not reconsidered because of ...

February 18, 2016, Covington Alert

January 21, 2016, Covington Webinar

December 21, 2015, Covington Alert

On December 15, the EU institutions finally agreed the text of the new EU data protection law, the General Data Protection Regulation (“GDPR”), completing a process that began in January 2012. The LIBE committee has published the consolidated version of the GDPR text. The GDPR heralds a new era of data protection. It replaces the existing data protection ...

December 8, 2015, InsidePrivacy Blog

December 8, 2015, Law360

Mark Young is quoted in a Law360 article discussing the EU Network and Information Security Directive, which sets a cybersecurity and breach reporting baseline for both critical infrastructure operators, as well as digital service providers. This directive, which is the first of its kind, comes after two years of negotiations. According to Young, “There’s going ...

December 2015, E-Commerce Law and Policy

October 6, 2015, Covington Alert

September 23, 2015, InsidePrivacy Blog

September 17, 2015, InsidePrivacy Blog

July 1, 2015, Webinar

June 12, 2015, InsidePrivacyBlog

May 13, 2015, Employment Lawyers Association Annual Conference (Leeds)

May 2015, Privacy Laws & Business UK Report

April 17, 2015, Global In-House Employment Lawyers' Society (Cliveden)

March 13, 2015, CDR News

February 28, 2015, InsidePrivacy Blog

February 5, 2015, Covington and China Luxury Advisors (London)

December 9, 2014, Microsoft eHealth Conference (Brussels)

October 15, 2014, Employment Lawyers Association (London)

October 6, 2014, Covington E-Alert

August 5, 2014

LONDON, 5 August, 2014 — Covington & Burling advised Illumina on its partnership with Genomics England to provide infrastructure and expertise for a four-year project that aims to make the UK the world leader in genetic research into cancer and rare diseases, through funding research to decode 100,000 human genomes - a patient's personal DNA code. The deal is ...

May 14, 2014, InsidePrivacy Blog

May 1, 2014, IAPP Europe (London)

May 2014, Privacy Laws & Business

April 17, 2014

WASHINGTON, DC, April 17, 2014 — Covington & Burling is pleased to announce the promotion of four lawyers to of counsel and three lawyers to special counsel, effective April 1, 2014. The new of counsel are as follows: Lindsay Burke advises U.S., international, and multinational employers on employee management issues and international HR compliance. Her domestic ...

April 8, 2014, InsidePrivacy Blog

March 15, 2014, InsidePrivacy Blog

February/March 2014, World Trademark Review

November 27, 2013, Covington E-Alert

October 24, 2013, InsidePrivacy Blog

October 24, 2013, Covington E-Alert

October 18, 2013, InsidePrivacy Blog

September 2013, Wayra

August 30, 2013, Covington E-Alert

June 26, 2013

LONDON, 26 June, 2013 — The UK Information Commissioner's Office has authorised GlaxoSmithKline’s 'Binding Corporate Rules' (BCRs) – a set of internal policies and procedures used to protect personal data across GSK’s operations globally. The privacy and data security team at Covington & Burling was instrumental in the development, implementation and ...

March 14, 2013, Inside Compensation

On 7 March 2013, the UK Information Commissioner’s Office (ICO) issued new guidance for employers on the use of personal devices for business purposes.  The guidance is largely informed by a survey commissioned by the ICO and carried out by the market research firm YouGov.  According to the survey, 47 percent of adults in the UK...… Continue Reading

March 14, 2013, InsideCompensation Blog

February 7, 2013, InsidePrivacy Blog

September 2012, Publisher Roundtable on Data Privacy in conjunction with The Publishers Association

March 27, 2012, Covington E-Alert

January 25, 2012, Covington E-Alert

December 8, 2011, Bloomberg Technology Law Report

July 2011, Privacy Laws & Business

March 8, 2011, InsidePrivacy Blog

February 15, 2011, EuroWatch

February 10, 2011, Covington Advisory

January 2011, 5th Annual Privacy & Data Protection Conference Ireland - The Law Society of Ireland (Dublin)

May 2010, Privacy Law & Business

March 2010, Westminster Legal Policy Forum and eForum Briefing Paper: Surveillance and Data Protection

November 20, 2009, Covington Advisory

October 2009, Privacy Law & Business

September 2009, Digital Publishing Forum, hosted by The Publishers Association, UCL, and EDItEUR

June 24, 2009, Covington E-Alert

June 2009, IT Law Today

March/April 2009, Landslide

October 2008, Trademark World

October 2008, Frankfurt Book Fair, International Publishers Association International Publishing Update 2008

September 2008, ICOMP Meeting (London)

July 19, 2008, Covington E-Alert

July/August 2008, World Trademark Review

July/August 2008, Trademark World

November 2007, presented at Edition Formation Entreprise (EFE) training day on e-commerce and pharmaceutical products (Paris)

September 2007, Patent World

8/6/2007

LONDON, 6 August, 2007 — Covington & Burling LLP is pleased to announce the appointment of two associates in the London office: Janet Kidd joins the European Life Sciences Group and Mark Young joins the European TMC Practice. Before qualifying as a solicitor, Janet spent 15 years in the pharmaceutical industry where she worked for household names such as Pfizer, ...

July/August 2007, Trademark World

October 2006, Computer and Telecommunications Law Review

August 2006, Entertainment Law Review

April 2006, E-Commerce Law & Policy

Summer 2005, International Journal of Law and Information Technology