This week’s Techlaw News Round-Up

March 27, 2020

Ofcom suspends work due to coronavirus outbreak

Ofcom has issued a statement on its work in the light of the coronavirus outbreak.  Its priority for its sectors through the coming months is to maintain support for consumers and businesses. It recognises that its planned work programme will need to be adapted and rescheduled so that time and effort can be focused on business-critical matters. It is also ready to adapt its regulatory approach during this period. Ofcom will publish a revised plan of work at the end of April and provide a revised timetable. However, it is confirming in advance that it is suspending all existing consultation deadlines and information requests and putting on hold new consultations, decisions and information requests.  It is discussing with the UK government the implementation deadlines of the European Electronic Communications Code. At the same time, Ofcom needs to ensure markets operate with integrity, and measures to ensure fairness for customers remain important. Accuracy in broadcasting is essential, and it will expedite any standards enforcement cases involving potentially harmful broadcast content relating to the coronavirus. Finally it says that it will take a pragmatic approach to enforcement during this time. Compliance with regulatory obligations continues to be important. However, Ofcom recognises that the impact of the coronavirus means that it will not always be possible to meet these obligations. In such circumstances, industry should take decisions that support critical services, vulnerable people and those who are relying on communications services. It will support those decisions where they are in the interests of consumers and businesses. 

DCMS extends deadline for call for evidence relating to online advertising

In light of the coronavirus outbreak, the DCMS has extended the deadline for responses to its online advertising call for evidence from 23 March to 6 April.

Scottish AI strategy consultation deadline extended

The public consultation on The AI of the Possible: Developing Scotland’s Artificial Intelligence Strategy opened on 17 February 2020. The consultation was due to close on 27 March 2020 but in light of the current ongoing COVID-19 situation the deadline has been extended to 8 May 2020.

DCMS Sub-committee issues Online Harms and Disinformation call for evidence

The DCMS Sub-committee on Online Harms and Disinformation has issued a call for evidence relating to COVID-19. It plans to hold hearings with social media companies among others to focus on what is being done to tackle deliberate attempts to present false narratives about COVID-19. Examples sent in by members of the public will be considered as evidence to be presented to the Government and to social media companies. The call ends on 20 April 2020.

CMA alleges music firms illegally prevented discounts

The Competition and Markets Authority has issued separate Statements of Objections to Roland and Korg, which supply electronic drum kits, and hi-tech music equipment and synthesizers to UK retailers. The CMA has provisionally decided that both companies operated policies restricting online price competition. The CMA’s investigations follow recent fines issued to the keyboard supplier Casio and the guitar maker Fender for similar behaviour. Developments in software have also made it easier for suppliers and retailers to monitor online prices, with Roland and Korg both subscribing to these services. As a result, suppliers can identify lower online prices and put pressure on retailers to increase them. This is also likely to force more retailers to comply with pricing rules in the first place, for fear of being caught and sanctioned. The CMA’s findings are provisional, and no final decision has been made about whether there has been a breach of competition law. The CMA says that it will now carefully consider any representations from both companies before reaching any final decision in either case.

EDPB issues statement on processing personal data in context of COVID-19

The European Data Protection Board has adopted a formal statement on the processing of personal data in the context of the COVID-19 outbreak. The statement considers the lawfulness of processing, the core principles relating to processing personal data, the use of mobile location data and employment-related data issues.

IAB issues guidance on transparency in digital advertising

IAB Europe’s Programmatic Trading Committee has launched a third version of its Supply Chain Transparency Guide. Now in its third version, the guide provides a mechanism by which industry players can gain transparency in the key areas of data, cost and inventory source. It lists the crucial questions stakeholders from each digital advertising category should ask at different stages of the supply chain. A new Quality & Transparency Task Force has also been established. The role of the Task Force is to mitigate quality and transparency concerns among the stakeholder community and to work with the industry to boost consumer trust and encourage continued brand investment.  

ICO fines council employee £400 for illegally deleted audio file

A council employee has been fined £400 for an offence under Section 77 of the Freedom of Information Act of deliberately obstructing records with the intent to prevent disclosure. A town clerk was entrusted with the role of ‘proper officer’ whose responsibility it is to handle FOI requests to the council. An individual asked for a copy of the audio recording of a council meeting. The requester believed that elements of the written minutes of this meeting had been fabricated, and requested the audio file to see if this was the case. They were informed that the file had already been deleted according to council policy. A complaint was then sent by the requester to the ICO and, following an investigation, the ICO discovered that the clerk was, after initially denying it, aware of the FOI request and had deleted the audio file some days later. Section 77 of the FOIA states a person “is guilty of an offence if he alters, defaces, blocks, erases, destroys or conceals any record held by the public authority, with the intention of preventing the disclosure by that authority of all, or any part, of the information to the communication of which the applicant would have been entitled.”

ICO and SCC launch updated data protection impact assessment template and guidance

The Surveillance Camera Commissioner and ICO have updated the data protection impact assessment for surveillance cameras. The new template and associated guidance notes are jointly issued by the Commissioners to fully reflect updated data protection requirements as set out in the Data Protection Act 2018 and the General Data Protection Regulation as well as comply with the requirements of the Protection of Freedoms Act 2012.  Where organisations are operating surveillance cameras in public places they are required to carry out a data protection impact assessment. Organisations who are introducing new surveillance camera systems or upgrading existing systems can use the template to help them ensure they are complying with relevant legislation.

Insurance Europe publishes response to EDPB consultation on processing personal data related to connected vehicles and mobility related application

Insurance Europe has published its response to a consultation by the European Data Protection Board (EDPB) on draft guidelines on processing personal data related to connected vehicles and mobility related applications, where it called for several clarifications to be made. The guidelines should be revised to fully recognise the equal footing of all legal bases under the GDPR that allow insurers to access and process data from connected vehicles, so that they can continue to provide telematics-based insurance products. Moreover, the guidelines should be adjusted to reflect a better understanding of how insurance telematics works in practice. Finally, the guidelines should show a more flexible approach to insurer’s access to raw data to enable them to provide innovative telematics products that customers demand. For example, the guidelines should acknowledge that an insurer needs access to at least one identifier to know which policyholder they are dealing with, so they can deliver the right service and charge the correct individual.

BEREC and the European Commission issue statement on network connectivity

The Body of the European Regulators of Electronic Communications and the European Commission have issued a joint statement on how to cope with the increased traffic load due to the COVID-19 pandemic and is setting up a special process to monitor the situation and be ready to respond to any crisis of supply on the telecom network.

EDPS closes investigation into European Parliament’s 2019 election activities

The European Data Protection Supervisor has closed its investigation into the European Parliament’s use of a US-based political campaigning company to process personal data as part of its activities relating to the 2019 EU parliamentary elections. Taking into account previous controversy surrounding the company, the EDPS launched an investigation in February 2019, to determine whether the Parliament’s use of the website, and the related processing of personal data, complied with the rules applicable to the EU institutions, set out in Regulation (EU) 2018/1725. The investigation resulted in the first ever EDPS reprimands issued to an EU institution.