The Digital Watcher

European telecoms and technology law and regulation

Thousands of European and US companies will have been relieved by the recent announcement that the EU-US Privacy Shield (the framework for regulating transatlantic exchanges of personal data) is secure for another year. However, it may be premature to rejoice: the EU Commission’s review highlighted two key issues: the continued reluctance by the US to institute fundamental safeguards for individuals’ personal data; and the imminent need to appoint an independent ombudsman. Coupled with the impending…
Data-driven technologies, particularly artificial intelligence and other complex algorithms, have the potential to enhance patient care and catalyse medical breakthroughs. However, these technologies are heavily reliant on data, which poses challenges in ensuring that patient information is handled in a safe, secure and legally compliant way. In response to early issues with the deployment of artificial intelligence and other algorithmic tools in healthcare, on 5 September 2018 the UK Department of Health & Social Care…
In today’s judgment, the UK Supreme Court held that rights-holders should bear the costs of implementing website blocking injunctions to prevent IP infringement. The judgment overturns the practice adopted by the English courts since 2011 of requiring internet service providers, as innocent intermediaries, to bear these costs.…
A recent judgment of the European Court makes it clear that in many circumstances more than one party may be a joint data controller. Whilst the judgment pre-dates the GDPR, its consideration of what constitutes ‘control’ and ‘joint control’ remains good law under the GDPR. The judgment means that parties who may have considered themselves ‘data processors’ in the past should review whether they are in fact ‘joint data controllers’ with others.…
On 13 September 2017, the Commission issued a proposal for a Regulation to strengthen the role of the EU Agency for Network and Information Security (ENISA) by: granting it a permanent mandate; clarifying its role as the information hub of the EU for cybersecurity; and tasking it with the responsibility of proactively contributing to policy in the area of network information and security. The proposal also introduces EU-wide cybersecurity certification schemes for ICT products and services, which…
On 14 September 2017 Ofcom, the UK communications industry regulator, adopted new statutory guidelines (Penalty Guidelines) on how it would assess and determine the penalties (fines) payable by regulated communications companies who breach their obligations under the Communications Act 2003 (Act). The revised guidelines follow Ofcom’s June 2017 adoption of new guidelines for enforcement in regulatory investigations (Enforcement Guidelines) and procedures for investigating breaches of competition related conditions in Broadcasting Act licences (…
The UK Government has released a “Future Partnership” paper setting out its vision for UK-EU data flows post-Brexit. In particular, the paper anticipates seeking an early UK-EU agreement that each area’s data protection laws provide equivalent protection, which would allow data to continue to flow between the EU, the UK and other third countries post-Brexit. …
With holiday season upon us, earlier this week Matt Hancock, the UK Government’s Digital Minister, announced proposals for a new UK data protection law. Previously covered on this blog here and here, little new of substance was announced, but in a slow news week, the announcement garnered significant UK media coverage and attention. …