This Week’s Techlaw News Round-Up

April 28, 2023

UK law

Product Security and Telecommunications Infrastructure Act 2022 (Commencement No 2) Regulations 2023 SI 2023/469 made

The Regulations have been made to bring into force certain provisions in the Product Security and Telecommunications Infrastructure Act 2022. They are the second commencement regulations made under the Act. Regulation 2 brings into force on 26th April 2023 section 66 of the Act. Regulation 3 bring into force on 29th April 2024 those provisions in Part 1 of the Act which are not already in force. Section 66 of the Act inserts into the Electronic Communications Code a power for the Secretary of State to give a certificate to the court in certain circumstances. These circumstances are when an operators applies to the court for an order under paragraph 20, 26 or 27 of the Code which would impose an agreement between the operator and another person and where the Secretary of State is satisfied that such an order would be likely to prejudice national security, defence or law enforcement. The court must refuse the application of the Secretary of State gives such a certificate to the court. Part 1 of the Act creates a new regulatory regime for UK consumer connectable products and imposes duties on relevant persons who make these products available to customers in the UK.

Charities Commission issues guidance for trustees including on cryptoassets

The Charities Commission has issued guidance which explains the role strong internal financial controls play in ensuring trustees can safeguard their charity’s resources. The Department for Science, Innovation and Technology has published research which reported that 24% of charities experienced a cyber-attack in the last 12 months. The Charities Commission guidance now covers issues including using mobile payments systems, such as Google Pay and Apple Pay; and considering donations of cryptoassets, such as cryptocurrency and NFTs. Risks from cryptoassets highlighted include vulnerability to theft by hackers; potential sudden changes in value; difficulty in tracing donors, and a lack of protection from the Financial Services Compensation Scheme or the Financial Conduct Authority if something goes wrong.

EU law

European Commission selects Very Large Online Platforms and Search Engines

The European Commission has designated 17 Very Large Online Platforms (VLOPs) and two Very Large Online Search Engines (VLOSEs) under the Digital Services Act. The list of VLOPs includes, among others, Twitter, Amazon Store, Apple Appstore, Google Maps, Google Shopping, Snapchat, TikTok and the VLOSEs are Bing and Google. The designated companies reach at least 45 million monthly users. The platforms have been designated based on the user data that they had to publish by 17 February 2023. Following their designation, the companies will now have to comply, within four months, with the full set of new obligations under the DSA. These aim at empowering and protecting users online, including minors, by requiring the designated services to assess and mitigate their systemic risks and to provide robust content moderation tools.

European Commission calls for evidence for delegated Regulation on data access provided for in EU DSA

The European Commission is calling for evidence about a new framework for vetted researchers’ access to data from very large online platforms and very large search engines. This is a key measure of the Digital Services Act, to increase platforms’ transparency and accountability. The Commission is to adopt delegated acts to further specify the conditions under which sharing of data should take place and, the purposes for which the data may be used and relevant procedures, considering the rights and interests of those involved and, if necessary, independent advisory mechanisms. The call for evidence ends on 23 May 2023.