Court of Appeal upholds grant of injunction before FRAND trial, Joint Committee on the National Security Strategy call for evidence on ransomware, Department for Education warned by ICO after gambling companies benefit from learning records database; and more in this week's round-up of UK and EU techlaw news developments not covered elsewhere on the SCL website.
Court of Appeal upholds grant of injunction before FRAND trial
In Optis Cellular Technology LLC and others v Apple Retail UK Ltd and others  EWCA Civ 1411, the Court of Appeal upheld the Patent Court's decision. The Patent Court has held that the owner of a standard essential patent was entitled to an injunction in a qualified FRAND form after the patent had been found to be valid and infringed, even though there had not yet been a trial to establish the terms of a suitable FRAND licence. The court also upheld the Patent Court's rejection of the patent owner's arguments that the injunction should have been unqualified. The Patent Court had had to interpret the IPR policy of the European Telecommunications Standards Institute (ETSI) relating to standard essential patents. The parties had claimed the interpretation was incorrect, but the Court of Appeal rejected those arguments. Arnold LJ said "these appeals illustrate yet again the dysfunctional state of the current system for determining SEP/FRAND disputes. Apple's behaviour in declining to commit to take a Court-Determined Licence once they had been found to infringe EP744, and their pursuit of their appeal, could well be argued to constitute a form of hold out (whether Apple have in fact been guilty of hold out is an issue for [trial]); while Optis' contention that an unqualified injunction should be granted would open the door to hold up. Each side has adopted its position in an attempt to game the system in its favour. The only way to put a stop to such behaviour is for...enforceable arbitration of such disputes to be part of...IPR policies."
Joint Committee on the National Security Strategy call for evidence on ransomware
The Parliamentary Joint Committee on the National Security Strategy has launched a call for evidence on ransomware. Evidence is invited on: the extent and nature of the ransomware threat (including sources), modes of extortion, and how the threat could evolve in future; levels and sources of vulnerability of UK organisations to ransomware, including operators of critical national infrastructure; the UK victim experience, including sources of support for prevention, detection and recovery, public-private partnerships, the role of the media, access to and availability of insurance cover, and regulatory requirements placed on ransomware victims; the effectiveness of the response to ransomware by the UK government, law enforcement agencies and other UK state actors, including key operational challenges and ministerial oversight; reforms that might enhance the UK's resilience to ransomware, reduce the economic and societal damage that it causes, and/or support the law enforcement response; the scope for international cooperation to combat the global ransomware threat more effectively, including on crypto-currency regulation; and lessons that could be learned from other countries' approaches and responses to ransomware. The call for evidence ends on 16 December 2022.
Department for Education warned by ICO after gambling companies benefit from learning records database
The ICO has issued a reprimand to the Department for Education following the prolonged misuse of the personal information of up to 28 million children. An ICO investigation found that the DfE's poor due diligence meant a database of pupils' learning records was ultimately used by Trust Systems Software UK Ltd (Trustopia), an employment screening firm, to check whether people opening online gambling accounts were 18. The DfE has overall responsibility for the learning records service database, which provides a record of pupils' qualifications that education providers can access. The ICO found the DfE continued to grant Trustopia access to the database when it advised the DfE that it was the new trading name for Edududes Ltd, which had been a training provider. Trustopia was in fact a screening company and used the database for age verification, a service they offered to companies including GB Group, which helped gambling companies confirm that customers were over 18. This data sharing meant the information was not being used for its original purpose, in breach of data protection law. The ICO issued a reprimand to the DfE setting out clear measures it needs to action to improve their data protection practices so children's data is properly looked after. The ICO is taking a different approach to enforcement with public bodies now, but it said that previously it would have levied a fine of £10 million.
House of Commons Science and Technology Committee issues a report on space industry
The House of Commons Science and Technology Committee has issued a report on the space industry. It says that in the past few years, the UK government has signalled its support for the UK space industry, with investments made to establish UK launch sites and the publication of the National Space Strategy and the Defence Space Strategy. The government also made a significant investment when it purchased the satellite communications company OneWeb. Despite these interventions, the government's strategy for the UK space industry lacks coherence and more must be done to secure the sector's future success. There have also been significant concerns about the government's investment in OneWeb. The government must also improve its approach to leadership on space. Currently, the approach to space policy across Whitehall is disjointed and unclear. This has been exacerbated by the National Space Council, which was only established in 2020, being disbanded earlier this year without explanation or clarification of new governance arrangements. The Government must clarify the new governance arrangements for space and publish detailed implementation plans for the National Space Strategy, which lacks specifics and a clear programme of work. Since the UK lost access to the secure Position, Navigation and Timing provided by the EU's Galileo system, the government has failed to take appropriate action to ensure that the UK has access to secure PNT if the US's Global Positioning System fails. Due to the considerable public investment, the government should report annually to parliament on the state of the government's investment in OneWeb. To ensure the success of the space sector more broadly, interventions are required to inspire a diverse range of people to train and take up jobs within the sector.
IPO consults on potential legislative changes for IPO digital transformation
The IPO is consulting on potential legislative changes for IPO digital transformation The One IPO Transformation programme is designed to modernise and improve the IPO's services. By 2025, the IPO intends to have replaced its existing processes with a single, integrated system for all registered IP rights (patents, trademarks and designs). This aims to provide customers with more efficient digital services that transform the way they interact with the IPO. As well as building these new services, the government needs to make sure that a legal framework is in place to support them. The current framework assumes a system built around paper forms and correspondence. The IPO wants the law to have the flexibility to adapt to new technologies, and to be more consistent in how things work across rights. The consultation sets out changes which the government considers may be needed to achieve those goals, and seeks views on them. The proposed changes aim to remove legal barriers to the IPO's digital transformation work and address inconsistencies between the different rights. The consultation ends on 6 January 2022.
Irish DPC submits Article 60 draft decision on inquiry into Yahoo!
The Data Protection Commission (DPC) has submitted a draft decision in an inquiry into Yahoo! EMEA Limited to other Concerned Supervisory Authorities (fellow regulators), across the EU. The inquiry, which commenced on 1 August 2019, centred around Yahoo!'s compliance with its obligations under Articles 5(1)(a), 12, 13 and 14 of the GDPR, which deal with the processing of personal data, in the context of its products and services across the EU.