Time flies when you’re having fun, or if it’s been a pretty uneventful week in terms of IT law? Either way, it’s never flatlined, and for that we here are grateful. Scroll down for the same number of consumer news as data news. I know, we’re full of surprises here.
🎩 Competition
The Netherlands Authority for Consumers and Markets (“ACM”) rejected Apple’s objections over penalty payments for abuse of its dominant position. The AMC had imposed these orders on Apple, back in August 2021, for imposing unfair conditions on dating-app providers, particularly concerning in-app payment processing and referring to external payment methods. Despite a provisional-relief judge reducing the penalty, ACM found Apple non-compliant post-grace period, leading to a €50 million penalty. Apple’s objections, focusing on ACM’s alleged wrong market definition, dominance, and abuse, were deemed invalid. Sometimes you need to just own up to it.
🔐 Cybersecurity
The European Commission published a recommendation on critical technology areas for the EU’s economic security for further risk assessment with Member States. The recommendation includes thoroughly reviewing and evaluating the risks associated with four crucial technology areas—Advanced Semiconductors, Artificial Intelligence, Quantum Technologies, and Biotechnologies—by the end of 2023. The call to action arises from the growing geopolitical tensions and rapid tech evolution, aiming to identify and scrutinize major vulnerabilities, especially focusing on the security aspects of these technologies and their potential misuse in both civil and military fields, as well as in human rights contexts. With this joint risk assessment, the Commission is looking to spark an ongoing conversation among the Member States and the private sector.
🔏 Data Protection & Privacy
The CJEU delivered its decision on the COVID-19 mobile application case (Case C-659/22). The case revolved around whether the use of an application for verifying “infection-free” conditions constituted processing by automated means of personal data. The app, by scanning COVID certificates, allowed temporary access to personal data to check compliance with sanitary rules. The Court held that processing under the GDPR had a broad scope, affirming that displaying information on a screen can be considered data processing under GDPR, even without data storage or transfer.
A European Parliament study was published on the emergence of non-personal data markets. The document highlights the potential of non-personal data markets, especially in the transport and energy sectors, despite challenges like data ownership and standardization. The study advocates for broader standardization, enhanced data literacy, and further regulatory measures to mitigate risks and promote a data-sharing culture across sectors.
🛒 E-Commerce & Digital Consumer
The CJEU issued a decision stating that a consumer’s right to withdraw from an initially free and automatically extended subscription made via distance contract is guaranteed only once. However, if the consumer has not been informed in a clear, comprehensible and explicit manner, when booking the subscription, that after the initial free period payment will be required for that subscription, he or she must have a new right of withdrawal after that period. A moment of silence for all those free-initial-period-turned-into-paid-subscriptions we’ve all most likely had. Moves on in guilty.
An FTC report found online shopping scams are the most commonly reported social media scam, but consumers reported losing more money to investment scams, in the year 2023. The report revealed a whopping $2.7 billion in reported losses since 2021, and that’s likely just the tip of the iceberg. Scammers exploit social media by fabricating personas or hacking profiles to deceive individuals’ contacts, and use advertisement tools to target potential victims. It seems no age group is spared, although the younger lot seems to bear the brunt of it. To mitigate risks, individuals are advised to tighten privacy settings, verify unexpected requests from contacts, exercise caution with new online acquaintances, and research companies before making purchases. Using common sense is always encouraged.
📄 Recommended Readings
Here’s a couple –in no particular order– of recent publications that piqued my interest this week. Remember to grab a cuppa and settle in for some riveting reading.
The outcome efficacy of the entity risk management requirements of the NIS 2 Directive by Donald David Stewart Ferguson
Developing Artificial Intelligence-Based Content Creation: Are EU Copyright and Antitrust Law Fit for Purpose? by Juha Vesala
Disclaimer: I am in no way affiliated with the authors or publishers in sharing these, and do not necessarily agree with the views contained within. I try to include mostly open access publications due to, well you know, accessibility of knowledge and science.
If you have any thoughts or suggestions on how to make this newsletter more enjoyable, feel free to drop a line. Your feedback is always welcome!
Featured image generated using Midjourney.
