This Week’s Techlaw News Round-Up

January 12, 2024

UK law

CMA sets out approach to new digital markets regime

The CMA has set out its provisional approach to implement Part 1 of the Digital Markets, Competition and Consumer Bill. The document is in response to a request from the Department for Business and Trade and the Department for Science, Innovation and Technology for the CMA to set out how it intends to implement the new digital markets regime provided for under Part 1 of the Digital Markets, Competition and Consumer Bill. The document details the principles that will guide the CMA’s approach to its new role, including: tailoring its actions to the specific problems that are identified; focusing on where it can have the most impact for people, businesses and the UK economy; engaging with a wide range of stakeholders; and operating with transparency.

House of Lords committee examines Automated Vehicle Bill

Members of the House of Lords started their detailed check of the Automated Vehicles Bill in committee stage, on Wednesday 10 January 2024. The Automated Vehicles Bill will implement the recommendations of the four-year review carried out by the Law Commissions of England & Wales and Scotland to set the legal framework for the safe deployment of self-driving vehicles across Great Britain.

EU law

European Data Act enters into force

The European Data Act entered into force on 11 January 2024. The new rules aim to encourage the use of data and ensure it is shared, stored and processed in compliance with EU laws. The Data Act also enables the public sector to access and use data held by the private sector to help respond to public emergencies, such as floods and wildfires. It will also protect European businesses from unfair contractual terms in data sharing contracts, aimed at helping small businesses take a more active part in the data market. The Data Act will become applicable in 20 months, that is, on 11 September 2025.

New Cybersecurity Regulation enters into force

The new Cybersecurity Regulation setting out measures for a high common level of cybersecurity at the institutions, bodies, offices and agencies of the EU, entered into force on 7 January 2024. The Regulation sets out measures for the establishment of an internal cybersecurity risk management, governance and control framework for each Union entity, and sets up a new Interinstitutional Cybersecurity Board (IICB) to monitor and support its implementation by Union entities. It provides an extended mandate of the Computer Emergency Response Team for the EU institutions, bodies, offices and agencies (CERT-EU), as a threat intelligence, information exchange and incident response coordination hub, a central advisory body, and a service provider. Under the Regulation, the Union entities will establish internal cybersecurity governance processes and will progressively put in place specific cybersecurity risk management measures foreseen by the Regulation. The IICB will be set up and will become operational as soon as possible, with the objective to ensure the strategic steering to CERT-EU under its extended mandate, provide guidance and support to the Union entities and monitor the implementation of the Regulation.

Commission launches calls for contributions on competition in virtual worlds and generative AI

The European Commission has launched two calls for contributions on competition in virtual worlds and generative artificial intelligence and sent requests for information to several large digital players. All interested stakeholders are invited to share their experience and provide feedback on the level of competition in the context of virtual worlds and generative AI, and their insights on how competition law can help ensure that these new markets remain competitive. The European Commission will review the responses and may organise a workshop in the second quarter of 2024 to bring together all different perspectives emerging from the contributions and continue this reflection. In addition, the European Commission is looking into some of the agreements that have been concluded between large digital market players and generative AI developers and providers. The European Commission is investigating the impact of these partnerships on market dynamics. Finally, the European Commission is checking whether Microsoft’s investment in OpenAI might be reviewable under the EU Merger Regulation. Interested parties are invited to submit their responses to the calls for contributions by 11 March 2024.

Coimisiún na Meán designates Video-Sharing Platform Services

Coimisiún na Meán, Ireland’s new regulator for broadcasters, on-demand services, and online media has published details of the designation of ten services as named video-sharing platform services. The designation process for these services was completed during December 2023. They include among others, Facebook, Instagram, Udemy, X and Pinterest. The draft Online Safety Code, which is currently subject to public consultation, can be applied to these services. The finalised Code will form part of Ireland’s overall online safety framework, taking effect from February this year. This framework will make a range of online services legally accountable for how they keep people safe online. This framework is based on the Online Safety and Media Regulation Act 2022, the EU Digital Services Act and the EU Terrorist Content Online Regulation.