Tech Law News Round-Up

July 18, 2019

European Commission opens investigation into possible anti-competitive conduct of Amazon

The European Commission has opened a formal antitrust investigation to assess whether Amazon’s use of sensitive data from independent retailers who sell on its marketplace is in breach of EU competition rules. 

The Commission intends to review the standard agreements between Amazon and marketplace sellers, which allow Amazon’s retail business to analyse and use third party seller data. It will focus on whether and how the use of accumulated marketplace seller data by Amazon as a retailer affects competition; and the role of data in the selection of the winners of the “Buy Box” and the impact of Amazon’s potential use of competitively sensitive marketplace seller information on that selection. The “Buy Box” is displayed prominently on Amazon and allows customers to add items from a specific retailer directly into their shopping carts. Winning the “Buy Box” seems key for marketplace sellers as a vast majority of transactions are done through it  If proven, the practices under investigation may breach EU competition rules on anti-competitive agreements between companies (Article 101 of the Treaty on the Functioning of the European Union and/or on the abuse of a dominant position (Article 102). The opening of a formal investigation does not prejudge its outcome.

Common Understanding of G7 Competition Authorities on “Competition and the Digital Economy” published

The competition authorities of the G7 nations have published a common understanding on competition and the digital economy. It reflects the G7 competition authorities’ common understanding of the issues raised by the digital economy for competition analysis. The initiative seeks to include competition law among the relevant issues to be considered in the context of the digital economy, and to provide competition enforcers with an opportunity to further advance current thinking and cooperation on competition issues.

Guidelines 3/2019 on processing of personal data through video devices (on which stakeholders may comment before 9 September 2019), Joint Opinion 1/2019 on the processing of patients’ data and the role of the European Commission within the eHealth Digital Service Infrastructure and Joint Response to the LIBE Committee on the impact of the US Cloud Act on the European legal framework for personal data protection.

House of Commons Science and Technology Committee publishes report on Biometrics Commissioner and Forensic Science Regulator

The House of Commons Science and Technology Select Committee has published a report on the Biometrics Commissioner and Forensic Science Regulator.  The Committee expresses concern that the long-term viability of the market for forensic science services and the significant risk that

this poses to the effective functioning of a criminal justice system. Although the Biometrics Strategy has been published, the Committee argues that it lacks a coherent, forward looking vision and fails to address the legislative vacuum around new biometrics. The UK government should learn from the Scottish Government’s approach to biometrics and commission an independent review of options for the use and retention of biometric data that is not currently covered by the Protection of Freedoms Act 2012. The results of the review should be published along with a government response, and a public consultation should follow. This process should culminate in legislation being brought forward that seeks to govern current and future biometric technologies. The Committee also calls on the government to issue a moratorium on the current use of facial recognition technology and says no further trials should take place until a legislative framework has been introduced and guidance on trial protocols, and an oversight and evaluation system, has been established.

Former motor industry worker ordered to pay £25,500 from proceeds of data theft

A motor industry employee has been ordered to pay a £25,500 confiscation order in a case brought by the ICO.  He had previously worked for an accident repair firm and gained access to thousands of customer records without permission. He used his colleagues’ log-in details to access a software system that estimates the cost of vehicle repairs, known as Audatex. He continued to do this after he started a new job at a different car repair organisation which used the same software system. The records contained customers’ names, phone numbers, vehicle and accident information. This led to an investigation by the ICO and, in November 2018, he became the first person to be imprisoned following an ICO prosecution, which was brought under the Computer Misuse Act 1990. He was also ordered to pay £8,000 costs.