The 13th Berry Picks on the 12th is, a little, just the one wrong facing pavement stone. As you’ll see below, this unfortunate line up is the only unlucky aspect of the 13th regarding IT Law.
Aftershocks of the earthquake in Türkiye continue to be recorded. Here is more on the issue, and how you can help. Please consider helping and sharing with others.
🔏 Data Protection & Privacy
The UK released its draft data protection reform, the Data Protection and Digital Information (No. 2) Bill. The Bill was released with the title “British Businesses to Save Billions Under New UK Version of GDPR”: a Brexit production, coming soon to a theater near you. The Bill differs from the GDPR in various ways. A should-be-discussed-variation comes from the definition of data in terms of the “identifiable living individual”: identifiability by controller through reasonable means at the time of processing, and identifiability by a third party (as a result of the processing) as can be or ought to be known by the controller. The Bill expands on and lists (though non-exhaustive) instances of data controllers’ legitimate interests and scientific research activities, includes a new test for adequacy regulations in international transfers and more expansions on cookies and direct marketing, inter alia, of course.
Council of Europe’s Consultative Committee of the Convention for the protection of individuals with regard to automatic processing of personal data has adopted the Guidelines on National Digital Identity. The document lists the justifications of national digital identity schemes and systems (“NIDS”) and draws upon the privacy risks that may arise. an objective assessment of all interests at stake. The guidelines “promote an objective assessment of all interests at stake in supporting legitimate policy objectives all the while minimising risk to individuals and groups.”
🤖 Artificial Intelligence
The proposed AI Act is gathering speed with the adoption of particularly important definitions such as significant risk, biometric authentication and identification. Star of the show though: it is reported that an AI definition is looming, and has been seen to be overlapping largely with the OECD definition. Apparently, an initial definition reads “Artificial intelligence system” (AI system) means a machine-based system that is designed to operate with varying levels of autonomy and that can, for explicit or implicit objectives, generate output such as predictions, recommendations, or decisions influencing physical or virtual environments.“
🛒 E-Commerce & Digital Consumer
WhatsApp has agreed to “comply fully with EU rules, informing users better and respecting their choices on contract updates.” WhatsApp’s compliance comes after alleged unfair practices following updates on their terms of service and privacy policy. WhatsApp has undertaken to explain changes to users’ contracts and to include the possibility to reject updated terms of service as prominently as the possibility to accept them. The platform will also ensure that the notifications informing about updates can be dismissed or the review of the updates can be delayed, and that users can refrain from sending recurring notifications. We’re all on pink candy floss clouds.
🎩 Competition
The Turkish Competition Board (“Board”) concluded its examination on the acquisition of the sole control of Twitter Inc. by Elon Musk. The Board’s decision includes that the transaction was subject to authorisation under Turkish Law and that the transaction will be authorised as it would not result in significant lessening of competition. However, Elon Musk is fined one in thousand of the gross revenues generated in Türkiye in 2022 as the transaction was carried out without prior authorisation.
📡 Telecoms
The European Union Agency for Cybersecurity (“ENISA”) published two whole new reports on telecom cybersecurity challenges. The first looks at eSIMs (embedded SIMs), and the second at fog and edge computing in 5G.
📱Embedded Sim Ecosystem, Security Risks and Measures provides and overview of eSIM technology, assesses the market potential in Europe and includes security challenges identified and proposed mitigation measures.
📡 Fog and Edge Computing in 5G provides an overview of fog and edge technologies in terms of 5G, in relation to their architecture, attributes, and security aspects. The report also introduces the architectural approaches and applications, whilst outlining standardisation solutions and an analysis of applications scenarios.
📄 Recommended Readings
Here is a concise list –in no particular order– of recent publications that caught my eye this week.
The Implications of ChatGPT for Legal Services and Society -epilogue by Andrew Perlman
An iterative regulatory process for robot governance by Hadassah Drukarch, Carlos Calleja & Eduard Fosch-Villaronga
I am in no way affiliated with the authors or publishers in sharing these, and do not necessarily agree with the views contained within. I try to include mostly open access publications due to, well you know, accessibility of knowledge and science.
One thought to “Berry Picks in IT Law #13”