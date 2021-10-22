CMA publishes compliance guidance for auto-renewing antivirus contracts, FCA perimeter report calls for legislative change to protect consumers, MHRA launches public consultation on future of medical device regulation, New Phone paid Services Authority Code in force on 5 April 2022 and more in this week’s round-up of UK and international techlaw news developments not covered elsewhere on the SCL website.

UK



CMA publishes compliance guidance for auto-renewing antivirus contracts



The CMA has published new Compliance Principles for anti-virus software businesses that use automatically renewing contracts with consumers in the UK. It says that following the principles will help businesses to comply with consumer protection law. The CMA has written to anti-virus companies across the sector calling on them to review their current auto-renewal practices and terms and, where necessary, change them to help ensure they are treating their customers fairly and align with the Compliance Principles. This follows the conclusion of CMA enforcement action earlier in 2021, which led to leading anti-virus software providers giving formal commitments (as part of the CMA’s McAfee investigation and Norton investigation) to make changes designed to make their automatically renewing contracts easier to understand and exit, as well as ensuring customers who auto-renew have extended refund rights.



FCA perimeter report calls for legislative change to protect consumers



The FCA publishes an annual Perimeter Report as part of its accountability to the UK parliament and to support regular dialogue with the UK government on the regulatory regime. Its latest report recommends that duties on internet companies in the Online Safety Bill should extend to paid-for advertising, as well as user-generated content. The FCA also believes that the Bill should designate content relating to fraud offences as ‘priority’ illegal content and so require monitoring and preventative action by platforms. The FCA has also called again for amendments to the Financial Promotions Order. Current exemptions to the order mean more ordinary investors are at risk of receiving financial promotions, including for high-risk products, that don't have to comply with the FCA's rules. The FCA have also outlined other areas where legislative change is needed such as extending the Senior Managers and Certification Regime to payment and e-money firms. The report highlights where the FCA is working with other agencies to prevent harm when issues fall outside its perimeter. This includes work with law enforcement agencies like the Serious Fraud Office, the National Crime Agency and the National Economic Crime Centre.



MHRA launches public consultation on future of medical device regulation



The MHRA is the regulator for medical devices used in the UK. Medical devices in the UK are currently regulated under the Medical Devices Regulations 2002. It is consulting on a future UK-wide scheme for regulating medical devices. The consultation covers a broad range of regulatory issues, from requirements for running clinical investigations, to how devices are assessed before being placed on the market through to importer and distributor obligations and post-market surveillance to transparency and the role of patients. The consultation ends on 25 November 2021.



New Phone paid Services Authority Code in force on 5 April 2022



The Phone-Paid Services Authority has issued its new PSA Code of Practice (Code 15) which sets out standards and requirements that providers of phone-paid services must comply with. It will replace the current Code 14 and introduces a new approach to regulation by: raising expectations in the market by replacing outcomes with regulatory standards; focusing on the prevention of harm rather than cure; and being simpler to implement and comply with. It introduces ten regulatory standards which aim to be easy to understand and provide regulatory certainty while enabling innovation and retaining flexibility to support good services and a healthy market. It will come into force on 5 April 2022.



UK government launches call for evidence on Wireless Infrastructure Strategy



The UK government has launched a call for evidence on its wireless infrastructure strategy. It says that it is committed to making the UK a global leader in digital connectivity. The government says that the pandemic has thrown the importance of connectivity into sharp relief, and it will continue playing a critical role in growing the UK economy, delivering the UK’s levelling up agenda and ensuring that the UK meets its Net Zero ambitions. The Wireless Infrastructure Strategy will set out the framework for the development, deployment and adoption of 5G and future wireless networks in the UK over the next decade. To support this, the government has launched a call for evidence to better understand what wireless connectivity the UK will need over the next decade and what more needs to be done to deliver it. The consultation ends on 25 November 2021.



EU



European Commission consults on proposed adapting of civil liability rules



The European Commission is consulting on an initiative on the subject of civil liability and the adapting of liability rules to the digital age and AI. It says that investment in and societal acceptance of emerging technologies require legal certainty and trust. Current rules on products aim to ensure that producers compensate consumers for damage caused by defective products. This initiative proposes to adapt this framework to take account of developments linked to the move towards a circular and digital economy on liability for damage caused by new and refurbished products. The initiative will also address challenges brought about by artificial intelligence. The consultation ends on 10 January 2022.



EDPB adopts Guidelines on restrictions of data subject rights under Article 23 GDPR following public consultation



During its October plenary, the European Data Protection Board adopted a final version of the Guidelines on restrictions of data subject rights under Article 23 GDPR following consultation. The guidelines aim to recall the conditions surrounding the use of such restrictions by member states or the EU legislator in light of the Charter of Fundamental Rights and the GDPR. They analyse the criteria to apply restrictions, the assessments that need to be observed, how data subjects can exercise their rights after the restrictions are lifted, and the consequences of infringements of Article 23 GDPR. Additionally, the guidelines analyse how the legislative measures setting out the restrictions need to meet the foreseeability requirement and examine the grounds for the restrictions listed by Article 23(1) GDPR, and the obligations and rights which may be restricted.