Mark Young

London

Featured in: Favicon

routledge.com Favicon

lexology.com Favicon

lexblog.com Favicon

giejournal.org Favicon

iclg.com

Articles

NIS2 implementation enters the final stretch - six months to deadline

Apr 18, 2024 | lexblog.com | Mark Young |Paul Maynard |Aleksander Aleksiev

In six months’ time, on 17 October 2024, Member State laws that transpose the EU’s revised Network and Information Systems Directive (“NIS2”) will start to apply. As described in more detail in our earlier blog post (here), NIS2 significantly expands the categories of organizations that fall within scope of EU cybersecurity legislation.
NIS2 implementation enters the final stretch - six months to deadline

Apr 18, 2024 | lexology.com | Mark Young |Paul Maynard |Aleksander Aleksiev

In six months’ time, on 17 October 2024, Member State laws that transpose the EU’s revised Network and Information Systems Directive (“NIS2”) will start to apply. As described in more detail in our earlier blog post (here), NIS2 significantly expands the categories of organizations that fall within scope of EU cybersecurity legislation.
Maintenance and Philosophy of Technology: Keeping Things Going

Mar 17, 2024 | routledge.com | Mark Young |Mark Coeckelbergh

Table of Contents Book Description1st EditionEdited By Mark Thomas Young, Mark CoeckelberghCopyright 2024346 Pages13 B/W IllustrationsbyRoutledge What can we learn about the nature of technology by studying practices of maintenance and repair? This volume addresses this question by bringing together scholarship from philosophers of technology working at the forefront of this emerging and exciting topic.
The Cyber Resilience Act is One Step Closer to Becoming Law

Mar 13, 2024 | lexblog.com | Mark Young |Paul Maynard

Yesterday, the European Parliament approved the Cyber Resilience Act (“CRA”), which sets out cybersecurity requirements for “products with digital elements” (“PDEs”) placed on the EU market. The term PDE is defined broadly to include both hardware and software products, such as antivirus software, VPNs, smart home devices, connected toys, and wearables. The approved text is available here.
The Cyber Resilience Act is One Step Closer to Becoming Law

Mar 13, 2024 | lexology.com | Mark Young |Paul Maynard

Yesterday, the European Parliament approved the Cyber Resilience Act (“CRA”), which sets out cybersecurity requirements for “products with digital elements” (“PDEs”) placed on the EU market. The term PDE is defined broadly to include both hardware and software products, such as antivirus software, VPNs, smart home devices, connected toys, and wearables. The approved text is available here.
UK ICO launches a consultation on “Consent or Pay” business models

Mar 8, 2024 | lexblog.com | Mark Young |Paul Maynard

On 6 March 2024, the ICO issued a on so-called “Consent or pay” models, where a user of a service has the option to consent to processing of their data for one or more purposes (typically targeted advertising), or pay a (higher) fee to access the service without their data being processed for those purposes. This is sometimes referred to as “pay or okay”. The ICO has provided an “initial view” of these models, stating that UK data protection law does not outright prohibit them.
Cyber security laws and reporting obligations in Europe

Dec 13, 2023 | cdr-news.com | Mark Young

Mark Young, special counsel in Covington & Burling’s London technology and media practice, outl... Mark Young, special counsel in Covington & Burling’s London technology and media practice, outlines the legislative and policy obligations companies face in the threat of cyber-attacksAlmost every week we hear about a new cyber-attack, resulting in massive losses of data, interrupted services and negative PR for the organisations concerned. The scale of the problem is daunting.
EU cyber regulation wave quietly rolls on - Commission set to finalize new cyber standards

Dec 5, 2023 | lexblog.com | Mark Young |Aleksander Aleksiev |Bart M.J. Szewczyk

Having served in senior advisory positions in the U.S. government, Bart Szewczyk advises on European and global public policy, particularly on technology, trade and foreign investment, business and human rights, and environmental, social, and governance issues, as well as conducts international arbitration. He also teaches grand strategy as an Adjunct Professor at Sciences Po in Paris and is a Nonresident Senior Fellow at the German Marshall Fund.
EU cyber regulation wave quietly rolls on - Commission set to finalize new cyber standards

Dec 5, 2023 | lexology.com | Mark Young |Aleksander Aleksiev |Bart M.J. Szewczyk

The recently agreed Cyber Resilience Act isn’t the only new EU cybersecurity rule set to be published this December: by the end of the year, the European Commission is expected to adopt its draft regulations to establish a European cybersecurity certification scheme (“ECCS”). Once finalized, the ECCS will be issued under the European Union’s Cybersecurity Act which allows for voluntary accreditation against the ECCS.
The EU’s Cyber Resilience Act Has Now Been Agreed

Dec 1, 2023 | lexblog.com | Mark Young |Aleksander Aleksiev

Yesterday, the European Commission, Council and Parliament announced that they had reached an agreement on the text of the Cyber Resilience Act (“CRA”). As a result, the CRA now looks set to finish its journey through the EU legislative process early next year. As we explained in our prior post about the Commission proposal (here), the CRA will introduce new cybersecurity obligations for a range of digital products sold in Europe.