October 6, 2015, CNBC Europe

Mark Young discussed a ruling from the highest court in the EU that invalidated a key EU-US data sharing agreement.

March 2016, eHealth Law & Policy

March 17, 2016, Covington Workshop

February 19, 2016, Law360

Mark Young and Libbie Canter are quoted in this Law360 article offering tips on how deal makers can mitigate cybersecurity risks.  According to Young, any discovered incidents can give buyers pause on how  — and if — they want to move forward. “We’ve dealt with at least a couple examples where deals were at least delayed if not reconsidered because of ...

March 15, 2014, InsidePrivacy Blog

October 2, 2017

WASHINGTON—Covington has promoted 16 lawyers to its partnership. “It’s a great tribute to the firm’s vibrancy that we’re continuing to build an exceptional pipeline of new partners from within our ranks,” said Timothy Hester, Covington’s chair. “We’re confident that all 16 will add importantly to the firm’s strengths and will drive further expansion of core ...

September 20, 2017, Inside Privacy

Last week, in his annual State of the European Union Address, the President of the European Commission Jean-Claude Juncker called out cybersecurity as a key priority for the European Union in the year ahead.  In terms of ranking priorities, President Juncker placed tackling cyber threats just one place below the EU leading the fight against...… Continue Reading

September 18, 2017, Covington Alert

Last week, in his annual State of the European Union Address, the President of the European Commission Jean-Claude Juncker called out cybersecurity as a key priority for the European Union in the year ahead. In terms of ranking those priorities, President Juncker placed tackling cyber threats just one place below the EU leading the fight against climate change, ...

August 31, 2017, Inside Privacy

Earlier this month, the UK Government published a consultation on plans to implement the EU Directive on security of network and information systems (the “NIS Directive”, otherwise known as the Cybersecurity Directive).  The consultation includes a proposal to fine firms that fail to implement “appropriate and proportionate security measures” up to EUR 20 ...

August 10, 2017, The Wall Street Journal

Mark Young is quoted in The Wall Street Journal's "Morning Risk Report" in an article regarding the Network and Information Systems directive. According to Young, “This is another data-related compliance requirement and it carries heavy penalties for failure to have in place appropriate network security measures."

June 22, 2017, API-IOGP Cybersecurity Europe Conference for the Oil and Natural Gas Industry

June 21, 2017, Facebook Design Jam

May 24, 2017, Covington Alert

One year from today, on May 25, 2018, employers will have to comply with a new data protection law, commonly referred to as the General Data Protection Regulation (the “GDPR”). This alert provides a practical checklist of key considerations for employers and human resources professionals preparing for the new regime, ahead of its implementation next year.

May 17, 2017, Covington Alert

Last Friday may mark the start of a new era in cyber crime. The first worldwide ransomware attack, commonly dubbed “WannaCry,” emerged on May 12. The malware is believed to have infected more than 300,000 computers in 150 countries to date. A cyber criminal or ring of criminals, taking advantage of an exploit made available by the ShadowBrokers hacker group that reportedly uses tools stolen from the U.S. National Security Agency, propagated an attack that installs malware to encrypt users’ data unless a ransom in Bitcoin is paid within a few days. While the actual ransom payment losses have reportedly been minimal, the more serious result of these attacks has been the disruption to victims’ business activities.

March 2017, Computer Law Review International

February 15, 2017, Webinar

January 24, 2017, Law360

Mark Young, Jennifer Martin, and Ian Hargreaves are quoted in a Law360 article regarding the high level of cyberattacks on the financial services industry and the resulting regulatory pressures. According to Young, “The GDPR [General Data Protection Regulation] is a massive text with groundbreaking change in the data privacy area, in terms of compliance ...

October 19, 2016, Inside Privacy

On Wednesday October 19, 2016 the Court of Justice of European Union (“CJEU”) issued its judgment in Case C-582/14, Patrick Breyer v Germany.  The CJEU held that a “dynamic” IP address constitutes personal data (agreeing with the Opinion of the Advocate General from May this year).  Dynamic IP addresses qualify as personal data, even if...… Continue Reading

October 19, 2016, Webinar

October 6, 2016, Inside Privacy

On October 5, 2016, the UK Information Commissioner’s Office (“ICO”) fined telecoms company TalkTalk a record £400,000 for failing to put in place appropriate data security measures and allowing a cyber-attacker to access TalkTalk customer data “with ease.”  The ICO highlighted several  technical and organizational deficiencies as justification for issuing its ...

August 10, 2016, Webinar

2017

Our Brexit Task Force is staffed by senior lawyers and advisors across London, Brussels, and Washington to monitor events and to keep clients apprised of legal, regulatory, and policy developments. We are advising clients across a wide range of businesses and industries on the impact and implications of Brexit, including on strategic policy and regulatory ...

June 24, 2016, Covington Alert

The UK has voted to leave the European Union in an advisory referendum. 52% leave - 48% remain. Were the UK to leave the EU, this would have significant implications for the UK and for international businesses operating in the UK. The longer term impact of the decision on the regulatory framework for the UK will depend, in part, on the relationship that the UK ...

June 21, 2016, Webinar

June 21, 2016

SILICON VALLEY—Covington advised Tencent Holdings Limited, a leading provider of internet service in China, in connection with its acquisition of a majority stake in Supercell from SoftBank. A consortium established by Tencent will acquire up to 84% of Supercell for $8.6 billion in a transaction valuing Supercell at approximately $10.2 billion. Supercell is a ...

May 26, 2016, Webinar

May 17, 2016, Inside Privacy

The EU Network and Information Security (NIS) Directive now looks likely to enter into force in August of this year.  Member States will then have 21 months to implement it into national law before the new security and incident notification obligations will start to apply to the following entities: designated* “operators of essential services” within...… ...

April 21, 2016, Covington Workshop

April 21, 2016, Webinar

March 1, 2016, Inside Privacy

The UK’s data protection regulator, the Information Commissioner’s Office (“ICO”), has imposed a fine of £350,000 on Prodial Ltd (“Prodial”) for making over 46 million unsolicited automated telephone calls to generate leads in relation to payment protection insurance refunds.  This is the highest fine issued by the ICO to date. The ICO investigated the ...

February 25, 2016, Webinar

February 23, 2016, Employment Lawyers Association

February 18, 2016, Inside Privacy

Industry eagerly awaits further guidance from data protection authorities (“DPAs”) relating to the EU-U.S. Privacy Shield as well as on the validity (or otherwise) of other mechanisms for transfers to the U.S. such as standard contractual clauses (“SCCs”) and binding corporate rules (“BCRs”).  As we explained in recent posts (here and here), publication of ...

February 18, 2016, Covington Alert

January 21, 2016, Covington Webinar

January 15, 2016, Inside Privacy

By Mark Young and Vera Coughlan Formal adoption of the EU Network and Information Security (NIS) Directive is a step closer following a vote on January 14 by the European Parliament’s internal market and consumer protection (IMCO) committee. As we reported in December, the European institutions reached an informal political agreement on the NIS Directive...… ...

December 21, 2015, Covington Alert

December 8, 2015, Inside Privacy

On December 7, 2015, the European institutions reached an informal agreement on the EU Network and Information Security (NIS) Directive — dubbed the Cybersecurity Directive (see press release from the Council).  Among other things, the NIS Directive imposes security and incident reporting obligations on operators of essential services in critical sectors and on ...

December 8, 2015, Law360

Mark Young is quoted in a Law360 article discussing the EU Network and Information Security Directive, which sets a cybersecurity and breach reporting baseline for both critical infrastructure operators, as well as digital service providers. This directive, which is the first of its kind, comes after two years of negotiations. According to Young, “There’s going ...

December 8, 2015, InsidePrivacy Blog

December 2015, E-Commerce Law and Policy

October 6, 2015, Inside Privacy

Today, the Court of Justice of the European Union (the “CJEU”) invalidated the European Commission’s Decision on the EU-U.S. Safe Harbor arrangement (Commission Decision 2000/520 – see here). The Court responded to pre-judicial questions put forward by the Irish High Court in the so-called Schrems case. More specifically, the High Court had enquired, in ...

October 6, 2015, Covington Alert

September 23, 2015, InsidePrivacy Blog

September 17, 2015, InsidePrivacy Blog

July 1, 2015, Webinar

June 12, 2015, InsidePrivacyBlog

May 13, 2015, Employment Lawyers Association Annual Conference (Leeds)

May 2015, Privacy Laws & Business UK Report

April 17, 2015, Global In-House Employment Lawyers' Society (Cliveden)

March 13, 2015, CDR News

February 28, 2015, InsidePrivacy Blog

February 5, 2015, Covington and China Luxury Advisors (London)

December 9, 2014, Microsoft eHealth Conference (Brussels)

October 15, 2014, Employment Lawyers Association (London)

October 6, 2014, Covington E-Alert

August 5, 2014

LONDON, 5 August, 2014 — Covington & Burling advised Illumina on its partnership with Genomics England to provide infrastructure and expertise for a four-year project that aims to make the UK the world leader in genetic research into cancer and rare diseases, through funding research to decode 100,000 human genomes - a patient's personal DNA code. The deal is ...

May 14, 2014, InsidePrivacy Blog

May 1, 2014, IAPP Europe (London)

May 2014, Privacy Laws & Business

April 17, 2014

WASHINGTON, DC, April 17, 2014 — Covington & Burling is pleased to announce the promotion of four lawyers to of counsel and three lawyers to special counsel, effective April 1, 2014. The new of counsel are as follows: Lindsay Burke advises U.S., international, and multinational employers on employee management issues and international HR compliance. Her domestic ...

April 8, 2014, InsidePrivacy Blog

February/March 2014, World Trademark Review

November 27, 2013, Covington E-Alert

October 24, 2013, InsidePrivacy Blog

October 24, 2013, Covington E-Alert

October 18, 2013, InsidePrivacy Blog

September 2013, Wayra

August 30, 2013, Covington E-Alert

June 26, 2013

LONDON, 26 June, 2013 — The UK Information Commissioner's Office has authorised GlaxoSmithKline’s 'Binding Corporate Rules' (BCRs) – a set of internal policies and procedures used to protect personal data across GSK’s operations globally. The privacy and data security team at Covington & Burling was instrumental in the development, implementation and ...

March 14, 2013, Inside Compensation

On 7 March 2013, the UK Information Commissioner’s Office (ICO) issued new guidance for employers on the use of personal devices for business purposes.  The guidance is largely informed by a survey commissioned by the ICO and carried out by the market research firm YouGov.  According to the survey, 47 percent of adults in the UK...… Continue Reading

March 14, 2013, InsideCompensation Blog

February 7, 2013, InsidePrivacy Blog

September 2012, Publisher Roundtable on Data Privacy in conjunction with The Publishers Association

March 27, 2012, Covington E-Alert

January 25, 2012, Covington E-Alert

December 8, 2011, Bloomberg Technology Law Report

July 2011, Privacy Laws & Business

March 8, 2011, InsidePrivacy Blog

February 15, 2011, EuroWatch

February 10, 2011, Covington Advisory

January 2011, 5th Annual Privacy & Data Protection Conference Ireland - The Law Society of Ireland (Dublin)

May 2010, Privacy Law & Business

March 2010, Westminster Legal Policy Forum and eForum Briefing Paper: Surveillance and Data Protection

November 20, 2009, Covington Advisory

October 2009, Privacy Law & Business

September 2009, Digital Publishing Forum, hosted by The Publishers Association, UCL, and EDItEUR

June 24, 2009, Covington E-Alert

June 2009, IT Law Today

March/April 2009, Landslide

October 2008, Trademark World

October 2008, Frankfurt Book Fair, International Publishers Association International Publishing Update 2008

September 2008, ICOMP Meeting (London)

July 19, 2008, Covington E-Alert

July/August 2008, World Trademark Review

July/August 2008, Trademark World

November 2007, presented at Edition Formation Entreprise (EFE) training day on e-commerce and pharmaceutical products (Paris)

September 2007, Patent World

8/6/2007

LONDON, 6 August, 2007 — Covington & Burling LLP is pleased to announce the appointment of two associates in the London office: Janet Kidd joins the European Life Sciences Group and Mark Young joins the European TMC Practice. Before qualifying as a solicitor, Janet spent 15 years in the pharmaceutical industry where she worked for household names such as Pfizer, ...

July/August 2007, Trademark World

October 2006, Computer and Telecommunications Law Review

August 2006, Entertainment Law Review

April 2006, E-Commerce Law & Policy

Summer 2005, International Journal of Law and Information Technology