Sometimes I feel like weekly picks are akin to Moriarty popping up on your screen, just when you thought he was gone. Here again, “Did you miss me?” –Berry Picks in IT Law
🤖 Artificial Intelligence
The Council of Europe adopted the first international legally binding treaty on artificial intelligence (AI) to ensure respect for human rights, democracy, and the rule of law. The treaty covers the lifecycle of AI systems, adopting a risk-based approach to address potential negative consequences while promoting responsible innovation. It requires transparency, oversight, accountability, and equality, including gender equality and privacy rights. The treaty mandates measures to prevent AI from undermining democratic institutions and provides legal remedies for human rights violations. It also establishes an independent oversight mechanism and will be open for signature on September 5, 2024
A class action lawsuit was filed against LOVO, a Berkeley-based AI startup that created Genny (a publicly accessible AI-driven text-to-speech generator). The lawsuit alleges LOVO used actors’ voices without permission. Complainants claim that LOVO misled them into providing voice recordings for supposed academic research, which were later used commercially, including on a YouTube channel and in promotional materials. The lawsuit cites violations of New York Civil Rights Law, the New York Deceptive Practices Act, the False Advertising Act, and the Lanham Act, as well as claims of unjust enrichment, tortious interference, and fraud. The plaintiffs seek over $5,000,000 in damages, an injunction against further unauthorized use, restitution, punitive damages, and legal fees. This case underscores the complex legal issues arising from AI technology’s impact on personal rights, potentially setting significant precedents for protecting voice actors in the AI industry.
The Autorité de la concurrence, France’s competition authority, fined Google, its parent company Alphabet, and two subsidiaries €250 million for breaching a 2022 agreement related to using copyrighted news content. Google had pledged to negotiate in good faith with news publishers for compensation and provide transparency about how it profits from news content. However, the authority found that Google failed to share necessary information, did not provide full details on revenue from news content, and used news articles to train its Bard AI (now Gemini) without publisher consent or an opt-out option. Google introduced an opt-out tool, Google Extended, only in September 2023. The tiem for GenAI x copyright regulation is apparently now here.
🔏 Data Protection & Privacy
The EDPB published an opinion on the use of facial recognition to streamline airport passengers’ flow (compatibility with Articles 5(1)(e) and(f), 25 and 32 GDPR. The EDPB emphasized the heightened risks associated with biometric data, particularly facial recognition, and the necessity of impact assessments and exploring less intrusive alternatives. They assessed four scenarios of biometric data storage: individual device storage, centralized airport storage, centralized operator storage, and cloud storage by airlines. The EDPB concluded that storing biometric templates on individual devices under passenger control could comply with GDPR if proper safeguards are implemented. However, centralized storage within the airport, under the airport operator’s control, or in the cloud by airlines poses significant security risks and does not meet GDPR’s necessity and proportionality principles due to increased exposure to data breaches and prolonged data retention. The EDPB recommends less intrusive methods to achieve the same objectives without compromising data subjects’ rights and freedoms.
🛒 E-Commerce & Digital Consumer
The European Commission initiated formal proceedings to determine if Meta (Facebook and Instagram) has violated the DSA concerning the protection of minors. The investigation is based on concerns that Meta’s algorithms may encourage addictive behaviors and create “rabbit-hole effects” in children. Additionally, the Commission is scrutinizing Meta’s age-verification methods and overall compliance with DSA obligations to safeguard minors’ privacy, safety, and security. These proceedings follow a preliminary analysis of Meta’s risk assessment report and its responses to formal inquiries. The Commission will investigate Meta’s adherence to DSA requirements, particularly regarding the mitigation of risks linked to their platforms’ design and the effectiveness of age-verification tools. If violations are confirmed, it could mean breaches of Articles 28, 34, and 35 of the DSA. This follows previous proceedings against Meta for issues related to deceptive advertising and political content.
The Netherlands Authority for Consumers and Markets fined Epic Games €1,125,000 for “unfair commercial practices” in Fortnite, targeting children. The investigation revealed that Epic exploited children’s vulnerabilities by using urgent phrases like “get it now” and “buy now” in ads and employing countdown timers for items that remained available after the timer expired, creating a false sense of scarcity. Epic received two fines of €562,500 each for these practices. The ACM emphasized that traders must account for children’s susceptibility to such tactics. Epic has until June 10, 2024, to address these issues and has started by removing countdown timers and implementing changes to item availability. From May 24, 2024, items will only be visible to Dutch players under 18 if available for at least 48 hours. Epic reportedly plans to appeal the decision, stating the ACM’s findings contain factual errors. yes, grab your popcorn
📄 Recommended Readings
Here’s a few –in no particular order– of recent publications that piqued my interest this week. Remember to grab a cuppa and settle in for some riveting reading.
Power and dignity: the ends of online behavioral advertising in the European Union by Aleksandre Zardiashvili
Reconstitutionalising Privacy: EU-US data transfers and their impact on the rule of law, rights and trust by Franziska Boehm, Sergio Carrera & Valsamis Mitsilegas
Private Enforcement of the DMA Rules before the National Courts by Assimakis Komninos
Disclaimer: I am in no way affiliated with the authors or publishers in sharing these, and do not necessarily agree with the views contained within. I try to include mostly open access publications due to, well you know, accessibility of knowledge and science.
If you have any thoughts or suggestions on how to make this digest more enjoyable, feel free to drop a line. Your feedback is always welcome!
Featured image generated using Midjourney.
