Ted Karch

Associate

Ted Karch received his law degree from Stanford Law School in 2016.

Subscribe to all posts by Ted Karch

Covington Artificial Intelligence Update: China’s Framework of AI Standards Moves Ahead

China has set out on an ambitious agenda of aiming to become the world leader in artificial intelligence by 2030. Policy experiments for a critical part of China’s AI development strategy, and to that end multiple government think tanks have set out formulating standards that may impact AI innovation in China. The China Electronics Standardization … Continue Reading

China Seeks Public Comments for Draft Cybersecurity Regulations

On June 27, 2018, China’s Ministry of Public Security (“MPS”) released for public comment a draft of the Regulations on Cybersecurity Multi-level Protection Scheme (“the Draft Regulation”). The highly anticipated Draft Regulation sets out the details of an updated Multi-level Protection Scheme, whereby network operators (defined below) are required to comply with different levels of … Continue Reading

Updates to California Auto-Renewal Law Take Effect on July 1, 2018

Companies that offer or are considering subscription-based plans should take note that new requirements for automatic renewal offers (“auto-renewals”) take effect in California on July 1, 2018.  California Senate Bill No. 313 (“SB 313”) amends existing law to extend additional protections to consumers where an auto-renewal offer includes a free gift or trial or where … Continue Reading

Interactive Advertising Bureau Europe Opens Registration for Transparency and Consent Framework

IAB Europe opened the registration process for vendors and consent management providers (“CMPs”) to apply for approved status under IAB Europe’s Transparency and Consent Framework (“Framework”). The Framework intends to provide publishers that have decided that the interest-based advertising products available on their platforms require user consent to deploy a standardized framework to (1) disclose … Continue Reading

Covington Artificial Intelligence Update: China’s Vision for The Next Generation of AI

Artificial intelligence promises to be a paradigm shift for many applications from manufacturing to finance, and from defense to education.  Given the vast potential, focus on AI has sharpened around the world, including in China.  Decision makers in Beijing and around the country are paying attention and have begun shaping a legal and policy regime … Continue Reading

California Bill Would Mandate Expedient Software Updates for Credit Bureaus

Following the Equifax data breach in 2017, there has been heightened awareness surrounding how credit reporting agencies handle consumers’ personal information. At the same time, recent high-profile attacks, such as the “WannaCry” ransomware attacks, have focused media and regulatory attention on vulnerabilities associated with unpatched systems. In response to these two concerns, on January 10, … Continue Reading

California Bill Poised to Change Regime Governing the Internet of Things

A bill pending in the California legislature, if passed, would create new obligations for manufacturers of “connected devices.” S.B. 327 (also known as the “Teddy Bear and Toaster Act”) would operate somewhat differently than existing laws, such as the California Online Privacy Protection Act (“CalOPPA”). Security obligations. Manufacturers of connected devices that sell those devices … Continue Reading

China Seeks Public Comments on Draft Regulation on the Protection of Critical Information Infrastructure

On July 11, 2017, the Cyberspace Administration of China (CAC) released the draft Regulation on the Protection of the Critical Information Infrastructure (“Draft Regulation”) for public comment (official Chinese version available here). The comment period ends on August 10, 2017. Aiming to add greater clarification to the Cybersecurity Law, which took effect on June 1, … Continue Reading

Chinese Authorities Release Catalog of Network and Cybersecurity Products Subject to Pre-Sale Inspection

On June 9, 2017, the Cyberspace Administration of China (“CAC”), together with three other agencies, released a Catalog of Critical Network Equipment and Network Security Products (First Batch) (“the Catalog,” original Chinese version available here).  It specifies network products that must be certified before they can be marketed in China. China’s Cybersecurity Law (see our … Continue Reading

Three Weeks On: What We Know about The Enforcement of China’s Cybersecurity Law – Part 3

Part 3 of this three-part entry discusses a separate, but equally important, legal development in China’s data protection environment. On May 8, 2017, the Supreme People’s Court and the Supreme People’s Procuratorate issued an interpretation of criminal law regarding infringement of citizens’ personal information (the “Interpretation”).  The Interpretation examines the provision in China’s Criminal Law, … Continue Reading

Three Weeks On: What We Know about The Enforcement of China’s Cybersecurity Law – Part 2

Part 1 of this post clarified which parts of China’s latest Cybersecurity Law (the “Law”) are currently ready to be enforced and which parts are awaiting clarification in the form of implementing regulations or standards. In this post, we will discuss latest landscape of implementing regulations and national standards that supplement the Law.   Implementing … Continue Reading

Three Weeks On: What We Know about The Enforcement of China’s Cybersecurity Law – Part 1

On June 1, 2017, China’s new Cybersecurity Law (the “Law”) finally went into effect. It is the first Chinese law that systematically lays out the regulatory requirements on data privacy and cybersecurity, subjecting to government scrutiny many activities in cyberspace that were previously unregulated or addressed in a sector-by-sector fashion. Three weeks after the Law … Continue Reading

New Proposed Standard Sheds Light on Cross-Border Security Assessment in China

On May 27, 2017, China’s National Information Security Standardization Technical Committee (“NISSTC”), a standard-setting committee jointly supervised by the Standardization Administration of China (“SAC”) and the Cyberspace Administration of China (“CAC”), released Information Security Technology – Guidelines for Data Cross-Border Transfer Security Assessment (Draft Version) (the “draft Standard”) for public comments.  The official Chinese version of … Continue Reading

NAI and DAA Launch New Opt-Out Tools

The Network Advertising Initiative and the Digital Advertising Alliance jointly launched new opt-out tools today.  These tools (available at both the NAI and DAA pages) offer users a simple interface to learn more about and exercise choice over interest-based advertising.  They are designed to have an optimized interface for mobile devices and an intuitive display … Continue Reading

“Cybersecurity Review” Takes Shape in China

When China’s Cybersecurity Law was enacted last November, one question (among many) that surfaced was how the government would implement the “national security review” that the law requires for certain network products and services.  The law, which takes effect this June, provides that any network products and services that might affect national security procured by … Continue Reading

FTC Releases Cross-Device Tracking Report

The Federal Trade Commission yesterday released its report on cross-device tracking.  The report, which follows the Commission’s November 2015 Cross-Device Tracking Workshop, describes some of the current approaches to track consumers across multiple connected devices, discusses industry self-regulatory approaches to protect consumer privacy, and offers recommendations for how to apply longstanding FTC principles like transparency, … Continue Reading

House Members Reintroduce Email Privacy Act

On January 9, 2017, Representatives Kevin Yoder (R-Kan.) and Jared Polis (D-Colo.) reintroduced the Email Privacy Act.  According to Rep. Yoder’s spokesman, the text of the bill is similar to the version the House of Representatives unanimously approved last April, but which did not pass the Senate.  As we previously reported, the proposed changes would … Continue Reading

Data Breach Allegations Sufficient for Standing After Spokeo, Court Says

On Monday, the U.S. District Court for the District of Kansas ruled that the named plaintiff for a putative class of CareCentrix employees whose personal information was compromised had alleged enough harm for standing under Spokeo, Inc. v. Robins.  The case is Hapka v. CareCentrix, Inc. In early 2016, a phishing attack compromised defendant CareCentrix’s systems, … Continue Reading

California Attorney General Issues Recommendations for Privacy in Ed Tech

On November 2, 2016, California Attorney General Kamala Harris released a report outlining best practices for the education technology industry (“Ed Tech”).  In Ready for School: Recommendations for the Ed Tech Industry to Protect the Privacy of Student Data, Attorney General Harris noted the need to implement robust safeguards for collection, use, and sharing of … Continue Reading
LexBlog