ICO fine, Ofcom plan of work, RUSI paper on AI and national security, Joint Statement on contract tracing, IPO study, delay to drones law and national surveillance camera strategy in this week’s round-up of techlaw news from the past week.
Joint Statement on Digital Contact Tracing published
Alessandra Pierucci, Chair of the Committee of Convention 108, and Jean-Philippe Walter, Data Protection Commissioner of the Council of Europe, have published a joint statement on digital contact tracing. The statement says that because contact tracing tools use personal data, it is crucial to ensure that the measures and related data processing are necessary and proportionate in relation to the legitimate purpose pursued and that they reflect, at all stages, a fair balance between all interests concerned, and the rights and freedoms at stake. The statement considers, among other things, the effectiveness of the tools, trust, impact assessment and privacy by design, purpose specification, sensitivity, quality and minimisation of data, automated decision-making, de-identification, security, architecture, interoperability, transparency, and oversight and audit.
IPO publishes feasibility study on AI-assisted patent prior art searching
The Intellectual Property Office has published a research study. The IPO sought to understand the feasibility, technical complexities and effectiveness of using AI solutions to improve operational processes of registering IP rights. In particular, the IPO was interested in a proof of concept for an AI-powered prior art search/due diligence check that could form part of the online patent filing and patent examiner prior art searching processes. The study concludes that it is not possible to provide a fully automated solution as part of the patent application filing process.
RUSI publishes paper on AI and UK national security
The Royal United Services Institute for Defence and Security Studies was commissioned by GCHQ to conduct an independent research study into the use of AI for national security purposes. The aim was to establish an independent evidence base to inform future policy development regarding national security uses of AI. The findings show that AI offers numerous opportunities for the UK national security community to improve efficiency and effectiveness of existing processes. AI methods can rapidly derive insights from large, disparate datasets and identify connections that would otherwise go unnoticed by human operators. However, in the context of national security and the powers given to UK intelligence agencies, use of AI could give rise to additional privacy and human rights considerations which would need to be assessed within the existing legal and regulatory framework. For this reason, enhanced policy and guidance is needed to ensure the privacy and human rights implications of national security uses of AI are reviewed on an ongoing basis as new analysis methods are applied to data. The research highlights three ways in which intelligence agencies could seek to deploy AI: automation of administrative organisational processes; cybersecurity; and intelligence analysis, including natural language processing and audio-visual analysis, filtering and triage and behavioural analytics.
CAA announces delay to the applicability date of EU UAS Regulation on drones
Because of the disruption caused by the COVID19 outbreak, the CAA has announced that it will postpone the introduction of the new EU UAS Regulation within the UK, so the earliest that it will come into force will be 1 November 2020. The CAA says that is aware that the European Commission is also considering a postponement, but the decision on this may not be made for some time. The CAA has decided to make the decision to delay now to provide some certainty. It is possible that the EC may subsequently delay the applicability beyond 1 November, in which case the CAA will update its deadline. The CAA is updating its guidance to reflect the change.
National surveillance camera strategy for England and Wales updated
The Surveillance Camera Commissioner has published its updated national surveillance camera strategy for England and Wales. It contains information about the Surveillance Camera Commissioner's objectives and plans, including in relation to technology and data protection.
Black Lion Marketing Ltd fined £171,000 for making unsolicited direct marketing calls
The ICO has issued Black Lion Marketing Limited with a monetary penalty under section 55A of the Data Protection Act 1998. This was in relation to a breach of regulations 21 and 24 of the Privacy and Electronic Communications (EC Directive) Regulations 2003 (PECR). 240,576 calls were made to subscribers who had been registered with the Telephone Preference Service. There were 233 complaints made regarding unsolicited direct marketing calls and no evidence of consent from subscribers. When considering the level of fine, the ICO also took into account the evidence that BLM Ltd used fictitious trading names in the course of its direct marketing; an action which would be likely to contravene the requirements of Regulation 24 of the PECR.
The European Parliament issues study on enforcement and co-operation between member states, e-Commerce and the future Digital Services Act
The European Parliament has issued a study on Enforcement and co-operation between member states, E-Commerce and the future Digital Services Act. The study presents an overview of possible options for an effective model of enforcement for a future Digital Services Act. Four key areas of regulatory design are emphasised; the failure of self-regulation in relation to platforms; the importance of correct regulatory framing; the necessity of focusing on the internal operations of platforms; and that the scope of a DSA should be limited but include robust transparency and enforcement measures. A range of enforcement strategies are then evaluated across a suite of Digital Single Market legislation, alongside barriers to member states’ cooperation and effective enforcement. The paper sets out several options for enforcement and concludes with a recommendation of a specific enforcement model for a new DSA.
Ofcom publishes plan of work 2020/21 and extends fibre networks consultation
Ofcom has published its plan of work for 2020/21 – setting out its priorities and work programme for the new financial year. Ofcom has adapted its plan to take account of the exceptional circumstances that have unfolded since its consultation. As well as supporting people and businesses through the current challenges, the strategic themes of its programme of work are: better broadband and mobile; fairness for customers; supporting UK broadcasting; ensuring online communications work for people and businesses; enabling strong, secure networks; sustaining the universal postal service; continuing to innovate in regulation and data to help people and businesses; increasing diversity and inclusion; and support through the EU exit transition period and continued international relationships. Ofcom’s focus is on delivering the work it had planned in full over the course of this year. However it will monitor the evolving coronavirus situation closely and keep plans flexible. To reflect this, it will publish an updated plan in September, as well as quarterly updates on its progress against the plan.
Separately, it has extended the deadline for responses to its proposals for promoting investment and competition in fibre networks to 22 May 2020.