Please click here to access the source post from our Global Regulatory Enforcement Law Blog.

In this blog, the authors delve into a significant decision by the German Federal Cartel Office (FCO) four years ago, accusing a major technology company of abusive behavior due to alleged violations of the General Data Protection Regulation (GDPR). Recently

On 12 June 2020, Enterprise Singapore and the Singapore Standards Council launched Technical Reference 76: the first-ever guidelines to set out a national standard for e-commerce transactions. The standard is aimed at boosting the digitalisation of SMEs, as well as the burgeoning e-commerce sector in Singapore.

Technical Reference 76 serves as a practical reference for e-retailers and online marketplaces. The guidelines cover a wide range of functions, from the pre-purchase activities of browsing and selection, to purchasing and payment processes, as well as post-purchase fulfilment, delivery, product tracking, returns, refunds and exchanges. They provide best practices for businesses looking to develop and implement the necessary operational procedures, customer support, merchant verification controls, as well as processes to ensure that consumer-facing communications are clear and enable customers to make informed choices.Continue Reading Singapore launches national e-commerce standard

Modern businesses have a more global reach than ever before. Technology has fundamentally changed the way employees work, communicate and collaborate. While global connectivity offers businesses opportunities, it also creates substantial challenges when it comes to archiving communications.

Earlier this month, we co-hosted a thought leadership event in New York City with Smarsh, a multinational

In a recent request for a preliminary ruling in a case concerning Amazon, the Advocate General Pitruzzella (AG) has given his opinion that the Consumer Rights Directive (2011/83/EU) (CRD) requires traders to offer their consumers a choice of means of communication, but this is not confined to the trader’s telephone number. The CRD includes the trader’s telephone number, fax number and e-mail address, “where available, to enable the consumer to contact the trader quickly and communicate with him efficiently”. The AG clarified that this is therefore not limited to a telephone number, and accordingly traders may use other means of communication with consumers as long as they are consistent with the technical means of the transaction being made.

Online trades imply sufficient knowledge of interacting over the internet

The Federation of German Consumer Organisations (Verbraucherzentrale Bundesverband) brought a claim asserting that Amazon did not offer sufficient contact channels to its consumers before the conclusion of an online sale – in spite of the online sales platform’s automated call-back facility and online chat service. There was a particular concern that consumers were not provided with the company’s fax number and were also prompted to follow an identity-verification process before they could have access to Amazon’s general helpline telephone number.Continue Reading Must online traders provide consumers with a contact telephone number? Advocate General says no…t necessarily

Singapore has set up a new Telecom Cybersecurity Strategic Committee (TCSC) to develop a plan to tackle ‘next-generation cyber threats’ in the telecommunications sector.

The committee is expected to publish a strategy report and outline a roadmap for telecommunications operators to develop cybersecurity capabilities later in 2019. The report and roadmap will include recommendations for new initiatives such as capability development, technology innovation, regulation and international partnerships.

In his opening address at the inaugural Infocomm Media Cybersecurity Conference on 25 January 2018, Dr Janil Puthucheary, senior minister of state for the Ministry of Communications and Information, highlighted the following points.

As “Singapore aims to be a Smart Nation and a leading digital economy”, there is a vital need for cybersecurity. He added that the telecom industry is key and fundamental to secure Singapore’s connectivity infrastructure and services.

The government and telecommunication industry players should collaborate on cybersecurity matters. To date, some examples of such collaborative efforts include:

  • The Infocomm Media Development Authority of Singapore (IMDA)’s launch of the Infocomm Singapore Computer Emergency Response Team in 2015 to respond to cybersecurity threats within the telecommunications and media sectors; and
  • IMDA’s revision in 2018 of the Telecommunications Cybersecurity Code of Practice to ensure that best practices from the industry can be applied to the telecom space.
  • The TCSC will identify challenges, key telecommunication technologies and market developments that will shape the cyber threat landscape. This is to ensure that Singapore keeps up to date on global, technological and industry trends.

Continue Reading Singapore announces series of initiatives to boost cybersecurity in the telecoms sector

Companies that employ algorithms, machine learning and artificial intelligence (AI) in their day-to-day business may face increased attention from federal antitrust and consumer protection regulators in the future. On November 13–14,  the Federal Trade Commission (FTC) addressed this topic in their hearings on “Competition and Consumer Protection in the 21st Century.” The panelists, an assembly

The Information Commissioner’s Office (ICO) has published its Technology Strategy for 2018 to 2021. The Strategy, part of the ICO’s focus on adapting to rapidly developing technologies, outlines eight “technology goals” and the measures that will be implemented to achieve them.

Technology goals

Broadly, these goals include increased technology training for the ICO’s staff and appointment of staff with technology expertise, greater public and industry engagement in terms of the data protection risks posed by technology, and engagement with other regulators internationally. It is apparent from the Strategy that the ICO is placing greater emphasis on adapting to the ever-changing technological environment, through increased engagement and enhancement of its technical expertise and technical solutions.

The ICO also commits to publishing further guidance and reports on the use of data protection design by default. This guidance will be “technically feasible and proportionate” and will likely include analysis of the data protection implications of emerging technologies, such as artificial intelligence (AI) and machine learning.Continue Reading ICO publishes Technology Strategy for 2018–2021

In the recent case of Sabados v Facebook Ireland [2018], the English High Court ordered Facebook to disclose the identity of a mystery individual who requested that the platform delete the profile of a deceased user of the platform.

Around six months after the death of Mr Mirza Krupalija, Facebook received a request from an individual to delete Mr Krupalija’s personal profile, as well as the page of his band. Facebook duly complied with this request, leaving his long-term partner, Ms Azra Sabados, “devastated by the loss of so much material”.

Ms Sabados made a subject access request to Facebook on the basis that some of that deleted information, (which included photographs, poems and messages between the couple) would have included her own personal data. In response to a subject access request, Facebook confirmed that the data from Mr Krupalija’s profile was no longer available and that it was not able to tell Ms Sabados who requested that her partner’s profile be deleted.Continue Reading The digital beyond: Facebook ordered to disclose circumstances around deleted profile

Earlier this month, the UK Department of Health and Social Care published an initial Code of Conduct for data-driven health and care technology. The code builds on the Department for Digital, Culture, Media and Sport’s Data Ethics Framework.

The code encourages the United Kingdom’s health and care system to form partnerships with suppliers of data-driven technologies, in order to deliver improved health care and position the United Kingdom as a “great place to do business on technology”.

Four key group stakeholders are identified by the code: patients and citizens, health and care professionals, commissioners, and innovators. The code aims to meet the “most important need” for each of these groups, which consist of those experiencing improved care, those delivering better care, those providing services that better meet users’ needs, and those working to make the United Kingdom become a centre for innovation.Continue Reading UK Code of Conduct for data-driven health and care technology