A law aimed at establishing a digital majority and combating online hate (the “Digital Majority Law” or “Law”) was enacted on 7 July 2023[1]. 1. The Digital Majority Law creates new obligations for social network service providers operating in France. According to this Law, an online social network service is defined as “any platform enabling end-users to connect and communicate with each other, share content and discover other users and content, across multiple devices, in…
In a significant step towards modernizing the European Union (EU) design protection system, the Council and the European Parliament reached a provisional agreement on December 5, 2023, to modernize Council Regulation (EC) No 6/2002 of 12 December 2001 on Community designs and Directive 98/71/EC on the European Parliament and of the Council of 13 October 1998 on the legal protection of designs (“EU Design Protection System”). The EU Design Protection System has been in force…
Late in the evening on Friday 8 December in Brussels was a historic moment for AI regulation in Europe. After three days of extensive final debate the EU Parliament, Council and Commission finally announced provisional agreement on the EU AI Act, the bloc’s landmark legislation regulating development and use of AI in Europe. It is one of the world’s first comprehensive attempts to regulate the use of AI. The EU AI Act awaits formal adoption…
What makes the Regulatory Sandbox that Spain has just approved (on November 9; coinciding with the Spanish presidency of the Commission of the European Union) so interesting? It is a sort of practical “general rehearsal” of compliance with the future EU AI Act. Participating companies will be able to make mistakes and learn without incurring the legal risks that will follow from non-compliance with the EU AI Act, when it enters into force. In addition,…
The EU has published its draft Standard Contractual Clauses for the procurement of AI (AI SCCs). These are drafted for public organisations wishing to procure AI systems developed by an external supplier, and are based on the requirements for high-risk AI systems in the EU AI Act. The AI SCCs might be a good starting point, but dig a little deeper, and you’ll find that the clauses are based on some fundamental (but questionable) assumptions.…
*Article originally posted on Law.com authored by Cassandre Coyer at LegalTech News.* This summer marked a key development in the history of data transfers between the U.S. and European Union when the European Commission adopted its adequacy decision for the EU-U.S. Data Privacy Framework after two prior invalidated agreements. But whether that milestone is translating to a wave of companies registering to get certified under the new framework is less apparent. Given the looming possibility of a Schrems…
Brief refresher on the Data Governance Act (DGA): We covered the new wave of EU data-centric legislation that is being implemented to usher in stronger regulatory guardrails for data in our recent article on the EU Data Strategy, with one of the discussed laws being the Data Governance Act. The Data Governance Act (DGA) is aimed at increasing accessibility to data by regulating the re-use of publicly held protected data, increasing data sharing through the…
On July 10, 2023, the European Commission adopted its adequacy decision for the EU-U.S. Data Privacy Framework (“DPF”). US companies that participate in the DPF will be deemed to provide “adequate protection” under Article 45 of the EU General Data Protection Regulation (“GDPR”) for personal data transfers received from the European Union (“EU”) and European Economic Area (“EEA”). Why did the EC need to adopt the adequacy decision for the DPF? As we have previously written, the…
The European Data Act is part of a comprehensive package of data-focused regulations proposed in February 2020 to achieve Europe’s data strategy. The strategy recognises that individuals are at the centre of data generation and that the use of personal data must prioritise its data subject’s protection but it also identifies that much of the data created is non-personal and represents an untapped source of growth and innovation. This is why the EU seeks to strike a…
The US Office of the Director of National Intelligence (“ODNI”) announced today that it has fully implemented new safeguards under Executive Order 14086. See INTEL – ODNI Releases IC Procedures Implementing New Safeguards in Executive Order 14086. These steps clear the path for the European Commission to adopt the draft “adequacy decision” for cross-border data transfers pursuant to the EU-U.S. Data Privacy Framework. By way of brief background, in July 2020, the Court of Justice…