Regulations Archives - Tech Research Online

WeRide Partnership Takes Uber Robotaxis to the UAE

Silvia Hart — Wed, 25 Sep 2024 17:20:30 +0000

American ride-hailing company Uber has announced a strategic partnership with Guangzhou-based self-driving company, WeRide. Reuters reported that the Uber-WeRide deal will involve adding WeRide cars to Uber’s ride sharing platform and taking Uber robotaxis to the UAE. The two traveltech companies made their partnership public on Wednesday, September 25.

A Win-Win Situation

The Guangzhou WeRide Uber partnership is a win-win for the two companies. This is the first time that WeRide is collaborating with a global ride-hailing company, The Uber partnership will enable WeRide to expand its operations beyond the Chinese borders.

For Uber, the partnership presents an opportunity to incorporate more robotaxis into its platform. Uber has collaborated with several autonomous vehicle companies lately as it seeks to maintain its lead in the ride-hailing space.

Earlier this month, the ride-hailing company partnered with Waymo to onboard its robotaxis in Atlanta and Austin in the US. In August this year, Uber partnered with Cruise, the robotaxi unit at General Motors. Cruise robotaxis will operate through Uber’s autonomous vehicle platform from 2025.

Uber also announced a deal with Chinese electric vehicle manufacturer, BYD. The Uber BYD deal will see Uber add 100,000 Chinese-manufactured electric cars to its fleet of cars globally. Uber is currently working with UK-based autonomous vehicle company, Wayve. Uber made a strategic investment into Wayve to facilitate further development of its AI-powered self-driving technology.

UAE Entry

The collaboration between Uber and WeRide is set to commence in Abu Dhabi later this year. This means that when passengers request rides on the Uber app, they may be given the option of picking an Uber Chinese robotaxi in the UAE.

WeRide secured a national license for autonomous vehicles in the UAE in July this year. The Middle East has become the go-to market for many Chinese autonomous vehicle companies due to its friendly regulatory environment and funding.

With its first and only national license for self-driving vehicles, the Chinese company can test and operate robotaxis on public roads across the UAE.

The Regulation Challenge

WeRide has made attempts to list its shares in the US with a $5 billion valuation. However, this is yet to happen as its initial public offering was delayed. The company said it was completing the necessary documentation to proceed with the listing.

Regulation continues to pose a challenge to the entry of Chinese autonomous vehicles technology into the US market. On September 23, the Biden administration proposed new requirements that prohibit Chinese auto manufacturers from testing their autonomous vehicles on US roads. This includes vehicle hardware and software produced by US foreign adversaries like Russia.

Outside the US, Uber is contending with data protection challenges. Last month, the ride-hailing platform was slapped with a $324 million fine in the Netherlands. Dutch regulators fined the company after it established that Uber had been sending sensitive personal data belonging to Dutch drivers to the US without their consent. This violates the EU data protection laws.

The post WeRide Partnership Takes Uber Robotaxis to the UAE appeared first on Tech Research Online.

New US Regulator Bank Rules Set to Protect FinTech’s and Customer Funds

Ashley Cromwell — Thu, 19 Sep 2024 17:25:14 +0000

US Federal Deposit Insurance Corporation (FDIC) is set to introduce strict rules and regulations for banks that work with fintech companies.

According to Reuters, the new US regulator bank rules will require banks to reinforce recordkeeping for accounts that fintech companies hold on behalf of customers.

Custodial Accounts

In a statement posted on the FDIC website, the US regulator noted that banks hold customer funds in individual deposit accounts. Fintech companies- which are typically non-bank firms, don’t place funds belonging to their customers in individual accounts within banks. Instead, all customer funds are lumped up together in a one custodial account in a bank.

Often, custodial accounts hold funds belonging to thousands of fintech customers. This means that banks that host such accounts for fintechs may not necessarily know the individual owners of the funds held in the custodial accounts.

The new FDIC proposal for banks seeks to change this situation. Under the proposed rules, FDIC-insured banks will be required to maintain accurate records of individual owners of funds held in custodial accounts. Additionally, such banks will be expected to reconcile accounts for each individual owner each day.

Safeguarding Customer Funds

FDIC’s bank proposal comes months after Synapse Financial Technologies collapsed early this year. Synapse was a bank-fintech middleman whose collapse led to the freezing of numerous accounts. Through the new rules, the banking regulator will ensure that customers can access their funds in a timely manner, even in situations where there is a failure on the part of the bank.

“The Notice of Proposed Rulemaking approved by the FDIC Board today is an important step to ensure that banks know the actual owner of deposits placed in a bank by a third party such as Synapse, whether the deposit has actually been placed in the banks, and that the banks are able to provide the depositor their funds even if the third party fails,” FDIC Chairman Martin J. Gruenberg said.

Under the new US regulator strengthened rules third parties such as Synapse will have to maintain beneficiary records for as long as they meet specific requirements. These requirements include banks maintaining open access to beneficiary records even in the event of insolvency or bankruptcy.

Synapse filed a bankruptcy application in April 2024. Accounts belonging to thousands of customers from partner banks were frozen. One of its partner banks, Evolve Bank & Trust, was providing banking services like deposit accounts to fintech firms.

Bank Merger Regulation

The US banking regulator is planning to introduce a new policy to tighten scrutiny of bank mergers that combine banks with assets that are valued at over $100 million. The new policy will underscore the need to maintain stability in the banking sector. The policy is set to update FDIC’s merger guidelines that have been in existence for the last 16 years.

The post New US Regulator Bank Rules Set to Protect FinTech’s and Customer Funds appeared first on Tech Research Online.

Yelp Sues Google for Self-Preferencing Customer Reviews

Eric Watkins — Thu, 29 Aug 2024 09:37:57 +0000

Review website Yelp has sued Google over illegal monopoly in local search. Yelp sued Google for prioritizing its reviews over those of competitors. The latest antitrust lawsuit points to the growing legal challenge that the search giant continues to face weeks after a US Judge ruled that Google is an illegal monopoly.

According to Yahoo Finance, the online review site alleges that Google has an unfair advantage in the local search market and advertising.

Anticompetitive Conduct

Yelp has considered Google’s conduct as anticompetitive for over a decade now. The California-based firm has been striving to compete with Google in local search and advertising by developing detailed reviews of local businesses like beauty parlors and restaurants.

The timing of the Yelp Google antitrust legal suit suggests that more businesses may take action against the search giant in the coming months. Besides businesses, government agencies have stepped up antitrust probes against big tech companies. In June this year, US agencies agreed to commence probes on OpenAI, Microsoft, and Nvidia.

Speaking in an interview, Aaron Schur, Yelp’s General Counsel said that Yelp drew from Google’s antitrust case ruling earlier this month to demonstrate that the tech giant used its monopoly power to dominate other spaces.

“Our case is asserting that Google has abused that illegal monopoly in general search that has already been decided by Judge Mehta, and it’s using that monopoly to self-preference that inferior content in the adjacent market of local search and also the local search advertising market,” Schur said.

Self-Preferencing

Yelp’s lawsuit is about stopping Google from prioritizing its reviews above those of competitors. The lawsuit outlines how Google sought to get users off its search page and onto the web fast. This move led to the creation of thriving ecosystems like Yelp that provided consumers with the information they were seeking.

However, Google decided to enter into this market when it noticed how lucrative it was to help users find which pizza to order or which handyman to hire.

“First and foremost we want Google to end its unlawful self-preferencing- which hurts consumers, hurts competition, and hurts the businesses that pay for local search advertising. That is really what we are focused on in this case,” Schur said.

In a statement released by Google’s spokesperson, the tech giant said it will mount a vigorous defense against Yelp’s allegations that the company considers to lack merit. Google says that Yelp’s claims are not new and that similar allegations had been dismissed by the Federal Trade Commission a few years ago.

A Long Battle

Yelp has been accusing Google of monopolizing the internet search market in the US and the EU for several years now. Specifically, the online review company has been accusing Google of using its dominance to place its reviews higher than those of rivals on search results.

In the wake of the landmark antitrust ruling, the US Department of Justice is considering pursuing a forceful break up of the tech giant. If this happens, this will be the first push to break up a company for illegal monopolization in two decades after efforts to split Microsoft failed. A forceful breakup of the tech giant would be the largest in the US since the 1980’s when AT&T was dismantled.

The DoJ may opt for a less severe option like requiring the tech giant to share data with rivals or eliminating its default status in mobile devices.

The post Yelp Sues Google for Self-Preferencing Customer Reviews appeared first on Tech Research Online.

The Essential Guide to Data Masking

Tech Research Online — Tue, 18 Jun 2024 17:16:58 +0000

Data masking (or data anonymisation) is increasingly used to protect sensitive data (e.g., personally identifiable information or PII) from unauthorised disclosure risks and to comply with strict privacy regulations (e.g., GDPR, HIPAA, CCPA).

The post The Essential Guide to Data Masking appeared first on Tech Research Online.

Top 10 Strategies to Ensure GDPR Compliance Across Industries

James Hughes — Thu, 31 Aug 2023 11:06:27 +0000

Introduction

In May 2018, the General Data Protection Regulation (GDPR) took effect in the European Union. This law was enacted to curb widespread data breaches that exposed personal data, putting the security and trust of citizens at risk. With non-compliance fines exceeding €20 million, the GDPR is perhaps the most strict data privacy protection law in the world.

GDPR provisions apply to all industries as long as a company collects and processes personal data from residents of the European Union. It gives EU residents control of their personal data. Companies that collect such data must do so in accordance with the regulations while respecting the right of data owners to control their data. They must also protect private data from exploitation, misuse, and compromise.

10 Strategies for Boosting GDPR Compliance in Every Industry

Below are 10 easy strategies to help your company become GDPR-compliant in 2024:

1. Conduct a Personal Data Audit

The first strategy that companies can use to ensure GDPR compliance across industries in 2024 is auditing the personal data. The audit should identify the nature of private data the companies hold, the source and who it’s shared with.

GDPR regulations place responsibilities on companies to adhere to data protection principles that include putting in place effective procedures and policies. For example, companies must inform their partners of any data anomalies and inaccuracies they note in the data they share for purposes of making corrections.

2. Document Legal Reasons for Processing Personal Data

Another GDPR compliance strategy is to change corporate data privacy rights based on legal reasons for collecting and processing personal data. For instance, where companies use consent as their legal basis, regulators can demand deletion of the data. To avoid this, identifying and documenting legal reasons for collecting and processing personal data will be critical. Companies must also understand the different kinds of data processing they conduct.

3. Commission a Data Protection Impact Assessment

This assessment helps in identifying and mitigating risks relating to collection and processing of personal data. Understanding the gaps and risks enables you to craft relevant policies and take the right security measures.

4. Review the Privacy Policy

GDPR compliance requires companies to guarantee data owners or subjects of their personal data rights. In 2024, companies can review their privacy policies to ensure that website visitors and customers can:

Ask them to delete their personal data
Deny permission to process their data
Ask and receive all the details a company collect about them
Rectify and update inaccurate or incomplete information
Place restrictions on how the company uses their data
Get a copy of the personal data the company holds and stores
Ask for information on how the company uses their personal data

5. Review Consent Procedures

GDPR compliance requires companies to be more transparent in the way they collect, process and use personally identifiable information. In 2024, companies can comply with this requirement by reviewing their consent procedure. They can align their procedures to GDPR requirements by demonstrating that they:

Inform people about collection of personal data in advance
Give them a valid reason for collecting their data
Limit data collection to the specified reason
Seek consent to process data from data owners through opt-ins or check boxes
Specify the duration of data storage
Inform their audience of changes to the data collection process

6. Improve Data Security

Under the GDPR compliance requirements, the responsibility to protect private data from exploitation, misuse, and compromise lies with data collectors and processors. In 2024, companies can comply with this requirement by adopting better cybersecurity solutions. These include:

Protecting networks with VPNs, firewalls and layered approaches
Securing data through the use of up-to-date antivirus, data backups, encryptions, and tokenization
Implementing insider risk management tactics like monitoring employees, analyzing user and entity behavior and tracking third-party activities
Managing access controls through multi-factor authentication, identity management and private access

7. Get a Designated Data Protection Officer (DPO)

Another strategy that will ensure GDPR compliance in the business world is having a designated officer to handle data protection issues within companies. The DPO function can be outsourced or hired in-house to ensure a company complies with the IT requirements in the GDPR. The key roles of a DPO is to create awareness about GDPR requirements, support data protection impact assessments, monitor GDPR compliance, and report risks relating to data breach.

8. Document GDPR Compliance Procedures

Part of GDPR compliance is your ability to demonstrate adherence to the regulation and provide evidence that data processing complies to legal and security requirements. An effective way to do this is to document internal compliance processes, including how you secure personal data. Some of the essential documentation to include in your documentation are:

Details of data protection officer and controllers
Descriptions of the administrative and technical data security measures you implement
Flow of data in your company
Results of the data protection impact assessment

9. Set Up Data Breach Procedures

Personal data breaches like identity theft that are likely to harm data subjects must be reported as soon as they occur. This GDPR requirement means that companies must establish clear processes of detecting, reporting and probing data breaches. It’s important to note that failing to report data breaches can attract multiple fines under the GDPR.

10. Create GDPR Awareness

Sensitize employees and decision makers about GDPR regulations and data security practices. This awareness can enhance their cooperation and mobilize resources (financial, human resources, and technical) necessary for GDPR compliance. It would also help them to understand the impact of non-compliance to the company.

Conclusion

For many companies, complying with the GDPR can feel overwhelming. But this doesn’t have to be the case. Legal adherence can become easier for your company if you focus on implementing the GDPR compliance practices and strategies discussed above.

The post Top 10 Strategies to Ensure GDPR Compliance Across Industries appeared first on Tech Research Online.