Hello and welcome to the 19th week of Sunday morning shorts of IT Law updates. And a few weeks worth of shorts where data protection and privacy is not the main focus- an incident about which I am still shaken (EU lawyers will obvs agree as to why). Regardless, happy reading!
🎩 Competition
Google offers to commit to offer app developers the freedom to break away from Google Play’s billing system and use alternatives to process in-app payments. The move comes after UK’s CMA (“Competition and Markets Authority”) opened an investigation into Google’s conduct regarding distribution of apps on Android devices in the UK. The investigation is based in particular on Google Play’s rules which oblige certain app developers to use Google Play’s own billing system for in-app purchases. Under Google’s new proposal, app developers would be able to offer a different payment system of their choosing (Developer-only Billing’ (“DOB”)), or offer users a choice between an alternative payment system and Google Play’s billing system (User Choice Billing (“UCB”)). Consultations now open!
🔐 Cybersecurity
The European Commission has launched its proposal for a Cyber Solidarity Act. The Act aims to boost cooperation in preparation for and response to major cyber attacks. The proposal includes establishing a European Cyber Shield, made up of national and cross-border Security Operations Centres (SOCs), and creating a Cyber Emergency Mechanism with a new EU Cybersecurity Reserve for crisis response. The new regulation would also establish a Cybersecurity Incident Review Mechanism for post-incident reviews.
The EC also launched the Cybersecurity Skills Academy to address the growing demand for skilled cybersecurity professionals in the EU. The academy aims to increase the number of professionals in the field, close the gap between supply and demand, and enhance the quality and certification of cybersecurity skills. It will also facilitate public-private cooperation and ensure compliance with cybersecurity legal and policy requirements. Academics, training providers, and industry actors will have access to information on job market trends, funding opportunities, and inspiration for designing cybersecurity curricula.
🔏 Data Protection & Privacy
The European Data Protection Board (“EDPB”) adopted a final version of the Guidelines on the right of access of data subjects. These Guidelines shed light on the scope and aim of the right, the information that controllers must provide, access request formats, and modalities for providing access. For those of you that appreciate visuals and flowcharts, scroll down to page 61, though it lacks variation in colour and my favourite as you may have guess- emojis.
The EDPB also released updated Guidelines for identifying a controller or processor’s lead supervisory authority and Guidelines on data breach notification. These Guidelines now clarify that controllers bear the responsibility for notification. In response to stakeholders’ concerns about notifying multiple DPAs, the EDPB will publish a contact list for data breach notification with relevant links and accepted languages for all EEA DPAs on its website. An exhilarating dive into data protection guidelines overall.
🛒 E-Commerce & Digital Consumer
The EU Council reported to circulate a third compromise text on the proposal for a new Product Liability Directive (“PLD”), with clarification of the circumstances under which software providers would be held liable. The proposal aims to synchronise EU product liability regime with recent technological developments and would hold manufacturers, including software providers, liable for material damage caused by their products. Liability could be transferred if a substantial modification to the product caused the defect. The PLD does not cover non-material damages like discrimination and privacy infringement, but compensation can be sought on other legal grounds.
👩🏼🎨 Intellectual Property
The Court of Justice of the EU (“CJEU”) ruled broadcasting music in passenger transport constitutes a “communication to the public”, but installing sound equipment or software for broadcasting background music on a means of transport does not. Reason? The transport operator, knowingly and deliberately, provides customers access to the protected work, and the work is communicated to a public, as it reaches a significant number of people simultaneously or successively during transport. The ruling disregards the profit-making nature of such activities as a decisive factor for communication to the public.
🐆 AI in the Wild
OpenAI cofounder Greg Brockman showcased unreleased ChatGPT plug-ins in Session 2 of TED2023. Need a recipe, a visual of the recipe, a recording of this conversation, the ingredients, and a tweet of all of this? Don’t fret- there’s an AI for that. ChatGPT will now give you all of these with simple prompts. No need for those long conversations where you introduce all different components to ChatGPT. If your biggest recent flex was writing the best prompts (it’s me I’m the flex), be grateful for your few weeks worth of fame and move on. AI is taking all of our party tricks.
📄 Recommended Readings
Here’s a brief, yet dashing list –in no particular order– of recent publications that piqued my interest this week. Remember to grab a cuppa and settle in for some riveting reading.
Intellectual Property Law in Gaming and Artificial Intelligence by Enrico Bonadio & Alina Trapova
Mind over matter: Examining the implications of machine brain interfaces on privacy and data protection under the GDPR by Sabire Sanem Yılmaz & Habibe Deniz Seval
Disclaimer: I am in no way affiliated with the authors or publishers in sharing these, and do not necessarily agree with the views contained within. I try to include mostly open access publications due to, well you know, accessibility of knowledge and science.
So there you have it, folks – another week in the fascinating realm of IT Law. Remember to pop back next week for your latest dose of legal updates, served with a twist. Cheerio!
If you have any thoughts or suggestions on how to make this digest even more enjoyable, feel free to drop a line. Your feedback is always welcome!
Featured image generated using Midjourney.
