Quite a bit has changed since our March sessions - not just the Prime Minister and the country’s approach to Europe, but also a fair amount that affects day to day legal practice.
We’ll be cutting through the noise on Brexit and looking at what companies and other bodies are doing now, and what you can and should be doing, for what may be a few uncertain years.
You’ll have greater clarity as to how Brexit affects the different areas of law that are governed by European regulation, including technology law, commercial law, data protection, intellectual property rights and employment law.
In particular you’ll better understand what to do when advising your clients, dealing with contracts and new projects, and know where there are areas of emerging certainty. We’ll also be sharing drafting.
Not all that’s new is Brexit-related - so we’ll also be covering new regulations and new case law over the last 6-12 months, including how recent decisions affect offers to settle disputes.
https://www.brownejacobson.com/sectors-and-services/sectors/in-house-legal
3. Sham job applicants not covered
by discrimination law
Quotes from a recent application to one of our clients:
“The reasonable adjustments include the arrangement of safe travel provision as well
as overnight hotel rest before interview. And paid carer provision, taxis and meals.
This is to allow me the same opportunity to attend interview as all other able bodied
candidates.
If I am invited to interview and you make it impossible for me to attend that interview
as all other candidates will have the opportinuty to do, then I will seek to sue for
discrimination through Employment Tribrunral as is my legal right (sic). ”
4. Sham job applicants not covered
by discrimination law
Kratzer v R + V Allgemeine Versicherung AG C-423/15
• If an individual applies for a job only in order to
seek compensation for discrimination and not to
obtain employment, they will not be covered by
the protection of discrimination law.
5. Modern Slavery Statement
Reminder s54 of the Modern Slavery Act applies to a
commercial organisation which:
• Supplies goods or services
• Has a total turnover of £36m a year or more
(globally)
Statements are due at the end of September for
organisations whose financial year end was 31
March 2016.
6. Modern Slavery Statement
• The organisation will have to make a ‘slavery and
human trafficking statement’ stating the steps it
has taken during that financial year to ensure that
slavery and human trafficking is not taking place
in:
– Any part of its own business
– Any of its supply chains.
(Or issue a statement that it has taken no such steps)
7. Modern Slavery Statement
• The statement must be published on the
organisation’s website with a prominent link to the
statement on its homepage
• In the case of a company, the statement must be
approved by the board of directors and signed by a
director.
8. Gender Pay Gap Reporting
• The Regulations have been delayed – now expected
in April 2017
• In that case, the first “relevant date” under the
Regulations will remain at 30 April 2017, meaning
first gender pay gap reports due by the end of April
2018
9. Gender Pay Gap Reporting
Why do you need to think about it now?
• Although you don’t need to report until April 2018,
that is for data from April 2017.
• If the data reveals an issue, you will need to time
to address that before it is included in the data
that will need to be published
10. Gender Pay Gap Reporting
“UK women still far adrift on salary and promotion
as gender pay gap remains a gulf”
The Guardian, 23 August 2016
“Gender Pay Gap Hits Women With Children Hardest”
Sky News, 22 August 2016
“Mothers’ pay lags far behind men”
BBC News, 22 August 2016
“The Gender Pay Gap means that more women will be
in poverty later in life”
The Independent, 26 August 2016
11. Brexit and Employment Law
• In reality – little change in the short term
• Possibly changes to working time regulations,
collective consultation, agency worker regulations,
TUPE
12. Brexit and Employment Law
But what about now?
• Consider make-up of workforce
• Permanent Residence/Citizenship
• Apply for sponsor licence?
• No discrimination against EEA nationals in
recruitment
15. Hot Topic
Offers of settlement have been a “hot topic” in the Courts over the last 12 months.
Following the April 2015 changes to both the Pre-Action Protocols and the provisions of
CPR Part 36 we have seen a number of the Court’s decisions focusing on this aspect of
the litigation process.
In this session I intend to:
• review the changes to the Pre-Action Protocol;
• review the changes to Part 36; and
• look at the recent case law and practical implications of the Court’s decisions.
16. Pre-Action Protocols
“If proceedings are issued, the parties may be required by the Court to provide
evidence that ADR has been considered. A party’s silence in response to an
invitation to participate or a refusal to participate in ADR might be considered
unreasonable by the Court and could lead to the Court ordering a party to pay
additional Court costs.”
“The Court may decide that there has been a failure of compliance when a party
has unreasonably refused to use a form of ADR, or failed to respond at all to an
invitation to do so.”
Pre-Action Protocol Practice Direction, April 2015
17. Pre-Action Protocols
Consequences of non-compliance
These include:-
• an order that the party at fault pays the costs of the proceedings, or part of the costs of
the other party or parties
• an order that the party at fault pay those costs on an indemnity basis
• if the party at fault is a claimant who has been awarded a sum of money, an order
depriving that party of interest on that sum for a specified period, and/or awarding
interest at a lower rate than would otherwise have been awarded
• if the party at fault is a defendant, and the claimant has been awarded a sum of money,
an order awarding interest on that sum for a specified period at a higher rate, (not
exceeding 10% above base rate), than the rate which would otherwise have been awarded
18. Form of Settlement Offers
Offers of settlement can take various forms
Open offer – an offer which is not subject of the privilege of
the without prejudice rule
Calderbank offers - an offer which can not be referred to the Court during
the course of litigation but can be in respect of costs
Without Prejudice offer – an offer which can not be referred to the Court during
the course of litigation or on the question of costs
Part 36 Offers - will be treated as an offer made without prejudice
save as to costs but will have the consequences
specified in CPR 36.13, CPR 36.14, and CPR 36.17
19. Use of Part 36 Offers
An important tactical step in the course of litigation
Provides a means of putting pressure on the other side
Protects, to some extent, a party’s position on costs
For claimants, can lead to enhanced recovery on interest and costs
20. Requirements for a Part36 Offer
CPR 36.5 - every offer made after 1 April 2015 must:
Be made in writing
Make it clear that it is made pursuant to CPR Part 36
Specify the relevant period
State the scope and/or extent of the offer
State whether it takes into consideration the settlement of any counterclaim
21. The Relevant Period
The “relevant period” means:
Where an offer is made not less than 21 days before trial, either:
the period specified in the Part 36 offer of not less than 21 days,
within which the defendant will be liable for the claimant’s costs
in accordance with CPR 36.13 or CPR 36.20 if the offer is accepted;
or
any longer period as the parties agree
Otherwise, the period until the end of such trial.
22. Changes to CPR Part 36
Time limited offers
CPR Part 36.9(4)(b) now provides that the offeror can serve advance notice
to withdraw its offer (or amend it on less favourable terms).
This introduces the possibility of more strategic offers to exert pressure on
the offeree.
23. Changes to CPR Part 36
Formalities
CPR Part 36.5(1) now states that a party only has to make it clear that its
offer is “made pursuant to Part 36”.
This is as opposed to the previous regime which required an offer to state on
its face that it was intended to have the consequences of Section 1 of Part
36.
24. Changes to CPR Part 36
Improving offers
CPR Part 36.9(5)(a) confirms that an improved offer shall be treated not as
the withdrawal of the original offer but as making of a new Part 36 offer on
improved terms.
This removes any previous confusion as to whether there can be multiple
offers on the table at the same time.
25. Changes to Part 36
Split trials
CPR Part 36.16 now states that after the hearing of preliminary issue, the
terms of any Part 36 offer (relating only to the concluded issues) may be
revealed to the Court.
Accordingly, parties may wish to consider sub-diving their settlement offers
so that certain terms can be disclosed at an earlier stage if appropriate.
26. Changes to CPR Part 36
Cynical offers
Historically the Courts have experienced some difficulty dealing with
‘cynical’ offers.
CPR Part 36.17(4)(b) now addresses such offers as it allows the Court to
take into account whether an offer was a genuine attempt to settle the
proceedings, when considering whether the automatic consequences of Part
36 should apply.
27. Changes to CPR Part 36
Costs budgets
The general rule is that where a party has failed to file a costs budget in
time, it is treated as having filed a budget limited to Court fees.
CPR Part 36.23 now provides that in these circumstances, a party’s
recoverable costs shall be limited 50% of the costs otherwise recoverable
(not limited to Court fees).
28. Changes to CPR Part 36
Pre-issue offers
CPR Part 36.7 provides that an offer can be made at any time, including
before the commencement of proceedings
CPR Part 36.13 confirms that the claimant’s automatic entitlement to
reasonably incurred costs includes their recoverable pre-action costs
This amendment will hopefully encourage more early offers being made,
particularly given the recent substantial increase in issue fees for money
claims
29. Recent Case Law
Jockey Club Racecourse Ltd v Willmott Dixon
Construction Ltd [2016] EWHC 167 (TCC)
Offers as high as 95% of the claim value can still be viewed as a “genuine
attempt at settlement”
Each case will turn on its own facts
30. Recent Case Law
Sugar Hut Group Ltd & Oths v A J Insurance [2016]
EWCA Civ 46
There is no “near miss” rule
It does not matter by how much a claimant beats a Part 36 offer
The rules now expressly provides that an offer will be beaten if the Court’s
award is better in money terms by any amount, no matter how small
31. Recent Case Law
Hertel v Saunders [2015] EWHC 2848 (Ch)
Offer to settle was not a valid Part 36 offer as it only related to a claim put
forward in daft amended particulars of claim
Failed to comply with mandatory requirement under Part 36 to “state
whether it relates to the whole if the claim or to part of it or to an issue that
arises in it and if so which part or issue” CPR 36.5(1)(d)
32. Recent Case Law
Patience v Tanner [2016] EWCA Civ 158 and
Burrell v Clifford [2016] EWHC 578 (Ch)
Two cases where the Court refused to treat offers which fell outside the Part
36 regime as favourable as a Part 36 offer
Patience v Tanner – the defendant’s offer was not a Part 36 offer as it
did not offer to pay the claimant’s costs if accepted with the relevant period
Burrell v Clifford – offer fell outside the Part 36 regime because the amount
offered in respect of costs was fixed at a specified sum
33. Practical Implications
The key points to take from this
Courts will expect parties to have engaged in ADR and/or settlement
discussions pre-issue and there will be consequences for failing to do so
Settlement offers can take various forms but the form of the offer made
impacts on the manner in which the offer is treated and the level of
“protection” it provides the offeree
Changes to the provisions of Part 36 means that an early Part 36 offer is a
very useful pre-action settlement tool
34. Practical Implications
If you are making a Part 36 offer you must ensure that it is in the correct
form and meets all of the requirements of Part 36.5
Offer which do not meet all aspects of the strict requirements of Part 36.5
will fall outside of the Part 36 regime
Any offer made must be a genuine attempt to settle the dispute and this will
turn on the facts of each specific case
There is no “near miss” rule. The amount by which an offer is beaten is not
relevant
37. Areas to look at
• Brexit + contracts
• Digital Single Market Initiative/ Digital Signatures
• Case Law
38. Quick advert…
In house lawyer “checker” Product
- Free second opinion/expert view/check a point
– Approx 20 minutes on the telephone
- Equivalent to seeing a specialist at their desk
- Exclusively for in-house lawyers
Terms and conditions apply ☺
39. Brexit – effect on contracts?
Questions:
• Is it affected at all? (Term)
• European* Territory?
• Law/ Jurisdiction/ Enforceability?
– Rome (Law)
– Brussels (Jurisdiction/ Enforceability)
40. Brexit – effect on contracts?
Law:
Conflict of law rules pre-Rome (& UK common law)
Jurisdiction and enforceability:
– Lugano convention/ Hague convention on Choice of
Court Agreements
- New York Convention on Arbitral Awards
41. Brexit – effect on contracts?
• Unlikely FM or Frustration
• “Change of law” / “Material adverse change”
provisions
• Consider changes relating to specific areas of law
(e.g. data protection – hosting arrangements)
42. Brexit – effect?
Speculation:
- Tariffs/ restrictions/ licensing?
- Financial Services passporting?
- Exchange rate volatility - further drop in sterling?
- EU based law – insolvency, data protection,
House of Commons Briefing Paper 26 August 2016
43. So What?
For Long term contracts
- Stated law and jurisdiction?
- Reference to EU/Europe?
- Change likely given the subject matter/sector?
(See the HC report)
- Include mechanism for unforeseen consequences
- Use the time to prepare
45. Digital Single Market
“One Territory – One Market” online
Multiple regulations and initiatives including:
- Cybersecurity Directive (2016)
- GDPR (2016)
- Geo-blocking: Regulation 2017
- Cross border parcel delivery regulation
- Consumer Protection Co-operation protection
46. So what?
- Over next couple of years – EU regulation to
standardise digital economy
- Will affect businesses selling into EU
- Unclear what measures UK will adopt
47. Case law
Two cases on “no variations”:
Globe Motors v RW Lucas CA 2016
MWB v Rock Advertising CA 2016
48. So what?
Bluff factor – Know when you’re bluffing!
Similarly:
- Binding “only when signed” (Revielle v Anotech
2016)
- “No Waiver” - (if affirmed) Tele2 International
Card Co SA & others v Post Office Ltd - 2009
49. So what?
Future is uncertain
Some things predictable
- Changes in long term contracts
- EU regulation – towards single market
- Contracts will be varied
- Some clauses have “bluff” value only
- Lawyers relentlessly market their products
53. Brexit and Data Protection
• General Data Protection Regulation (GDPR)
• Network Information Security (NIS)
• ePrivacy Directive update
• Cybersecurity and Brexit
• Are we adequate?
54. EU-US Privacy Shield
• Background
• Principles
• Structure of Privacy Shield
• What to ask your provider
• Practical steps for Providers
• Enforcement
55. Cyber Security
• ICO Report 2015
• Ashley Madison Report
• Insurance and insurers
• Recent hacking
56. Recent Cases
• Bangura v Loughborough University
• Camera di Commercio, Industria, Artigianato e
Agricoltura di Lecce v Mnni
• Weltimmo
• Verein für Konsumenteninformation v Amazon EU
Sàrl
• Vidal-Hall update
59. The agenda
• Software and the Commercial Agency Regulations
• Website blocking orders
• Cloud computing
• Regulation of drones
• Cyber Security Directive
60. Software and the Commercial Agency Regs
The Software Incubator Ltd v Computer Associates
Limited [2016]
Held: Software falls within the definition of “goods”
• Dispensed with distinction tangible / intangible
• Commission based arrangements require review
• But what about subscription fee basis or cloud
hosted – more a service?
61. Website blocking orders
• 6 July 2016 Cartier International AG v British Sky
Broadcasting – follows Cartier I
• CoA dismissed appeals against orders requiring ISPs
to block access to sites that infringe TMs
• Extension from copyright to trade marks - Article
11 – IP Enforcement Directive
62. Alternative measures?
• Proceedings against operator of target websites
• Notice and takedown against website host
• Payment processors suspend merchant accounts
• Search engines to de-index
• Domain name seizures
• Customs seizures
63. Cloud computing
FCA Guidance – what does it say?
• What is it?
• What are its characteristics?
• What types of services are there? SaaS, IaaS, PaaS
• Who provides it and how?
64. Key issues
• Control over service and data security
• Data residency - processing in multiple locations
• Data integrity and recoverability
• Regulatory compliance and auditing
65. Mitigation strategies
• Due diligence – entire supply chain, services in
different jurisdictions
• Review proposed terms of use, privacy policy,
acceptable usage policy, SLA
• Getting the contract right – controls on data
processing, audit rights, information sharing,
change management, access to premises, remedies
for breaches
• Update policies and documentation
66. Contract issues to look out for
• Liability – loss of data/ service outage, DP, privacy and
confidentiality
• IPR – ownership of developed / adapted materials
• Hidden charges – user thresholds, storage limits, set-up
fees, security/back-up, upgrades / premium fees
• Termination – minimum periods, short notice periods
• Governing law and jurisdiction -arbitration
• Lock-in/exit – grace period for data recovery
• Slalom paper
67. Drones
• Facebook’s Aquila drone
• Amazon testing for drone delivery service
• HMP Pentonville drugs and mobile phones
• Civil Aviation Authority regulation
• Geofencing
• Breach of privacy, trespass, nuisance, harassment
• Registration?
68. Some good advice
• consent by notices, signs, media, publicity
• operate only with sensor equipment necessary for
purposes intended and only record data to achieve
purposes intended
• robust security and access controls
• mechanism to auto blur unintended face capture
• software to delete personal data once task
completed
69. Cybersecurity Directive
Cybersecurity Directive – published 19 July 2016
• To be implemented 10 May 2018
• Transitional measures from 9 February 2017
“An Open, Safe and Secure Cyberspace”
Priorities:
cyber resilience reducing cyber crime
cyber defence policy development of resources
coherent international policy
70. Cybersecurity Directive
Obligations to regulate:
• operators of “essential services”
• digital service providers - online marketplaces,
cloud computing services, search engines
Essential – energy, transport, banking, financial
market infrastructure, health, water, digital
infrastructure
74. What’s new
• Brexit + Patents/Trade Marks/Designs/Copyright
• The new Trade Mark regime
• Case law - your trade mark - use it or lose it: but
how much and where?
75. Our Brexit resources hub…
• Take a look - “what you need to know” about Brexit
www.brownejacobson.com/trainingandresources/resources/brexit
• Search for “Brexit resources”
• Much of UK IPR legislation derives from the EU –
without the CJEU, increasing divergence is likely
76. Brexit – Patents
• The change is: “nothing is going to change”
• The UPC will probably still happen (although
delayed beyond 2017) but the EU Unitary Patent
will not cover the UK (at least post Brexit)
• The EU Unitary Patent will cover the participating
EU Member States (all except Croatia & Spain)
• So for protection in the UK – no change - the UK
national patent and EP (UK) patent regime (not an
EU creature) will continue “as is”
77. Brexit – EU Unitary IPR
There will be significant changes/but what?
• EU Trade Marks (formerly Community Trade Marks)
– New Treaty (EU+) - nothing changes (wishful)
– Automatic free UK TM - all or pre-existing - (BO EU TM
GOF UK TM) (possible)
– Elected UK TM add on - free or fee/with or without
examination (likely)
• Community Registered Designs
– As for first 2 above
78. Brexit – other EU IPR
• Community Unregistered Designs (CUD)(3 years)
– Different creature to UK Unregistered Designs
– An IPR loss for those entitled prior to Brexit?
– No CUD unless & until “disclosed” in the EU
– But prior designs disclosed world-wide (e.g. post
Brexit UK) can impact novelty/individual character
79. Brexit – other EU IPR initiatives
• Trade Secrets Directive – came into force on 5 July
2016
– EU Member States must implement the Directive by
mid 2018
– Will we bother?
• Copyright reforms (new leaked draft Directive)
– New compulsory exceptions & rights
– Impact unlikely
80. So What?
• Key brands - where you only have an EU TM and
you want to avoid any uncertainty, apply for a UK
TM now (dual filing has always had benefits)
• Consider filing a UK RD design as well as/instead of
a CRD, particularly approaching Brexit (12-month
grace period)
• Use the time to audit your IPR - what IPR is really
core to your business?
– so as to act fast and cost effectively when needed
81. New Trade Mark Regime
• EU member states have until 14 January 2019 to
implement the changes made by the EU Trade
Marks Directive (harmonises national trade mark
law)
– Will we bother?
• However most of the amendments to the EU Trade
Marks Regulation (governs EU TMs) came into force
in March 2016
82. New EU Trade Marks Rules
• Whether or not EU TMs cover post Brexit UK, still
good value for many businesses (covers all the 27
remaining EU Member States)
• Changes implemented this year are
– new fee structure (1-2 classes cheaper/multi-class -
more expensive)
– no need now to represent EU TMs “graphically”
– grounds of refusal/invalidity which related only to
“the shape of goods” now extend to other
“characteristics” of goods
83. New EU Trade Marks Rules
• Changes re enforcement
– Use of a trade mark as a company name may now
infringe and the “own name” defence is now limited
to individuals
– Non-use now a defence as well as a grounds for
revocation (burden on claimant to prove use in
relevant 5 year period)
84. So what?
• Review your portfolio – there are now additional
challenges for non-standard marks
• Enforcement or defence strategies need to take
into account the changes re company and business
names
85. EU Trade marks & 5 years non-use
Use it or lose it, but how much and where?
Recent cases:
• Just UK (or France or Germany etc.) unlikely to be
enough anymore
• Need an adequate scale/volume of use too
• Does your evidence of use paint a convincing
picture that you have a market or are creating a
market “in the EU”?
• UK national marks – scale of use now matters too
86. EU Trade marks & 5 years non-use
Sofaworkshop Limited v Sofaworks Limited (IPEC)
• “implied default requirement that use beyond one
Member State is a necessary ingredient of genuine
use in the Community as a whole”
• Owner of EU TM for “Sofaworkshop” made
“extensive” use of it in the UK but 1 sale only
elsewhere in the EU (in Denmark)
• Not “genuine use” in the EU = EU TM revoked
87. EU Trade marks & 5 years non-use
Jumpman (Appointed Person – UK IPO)
• Turkish company (with EU TM for JUMP) opposed
Nike’s attempt to convert its application for a EU
TM for JUMPMAN to a UK TM
• In relevant period 55,000 pairs of JUMP branded
footwear sold (value $476,000 approx.) to a single
Bulgarian company
• Sold on to end users/170 sold on a Romanian Co.
• “Real commercial” use (not sham or token)
• Not genuine use in the EU – opposition failed
88. So what?
• You should review your trade mark portfolio to
identify your mature marks (5 years +)
• Consider whether they are still being used at all
– don’t pay “money for nothing”
– but consider whether you would object to others
using them (nostalgia brands) & deterrent effect
• Consider how those you want to keep renewing
would withstand a non-use challenge
• Consider new (layered) filings – worth the cost?
Hard to avoid talking about it
- Very likely still in the EU for the next couple of years – once Article 50 triggered UK starts process that ends in 2 years or less with UK outside the EU
Hard to avoid talking about it
- Very likely still in the EU for the next couple of years – once Article 50 tri
Hard to avoid talking about it
- Very likely still in the EU for the next couple of years – once Article 50 tri
The new regulations refers to
“Qualified digital signatures” – which can not be discriminated against. If accepted in one MS, must be accepted in all of the others
Other digital signatures (i.e. simple ones) cannot be discriminated against across borders – and must be available as evidence in court .
Service providers (e.g. Docusign) can choose to become accredited by a Supervisory body in a MS. This is at a national level.
So, given the UK has voted to leave the EU, should we still care what happens to European privacy law over the next few years? Clearly, the answer is yes.
First, Brexit is only relevant, to any degree, to businesses whose European operations are headquartered in the UK, or who use data processing equipment located in the UK. For those with offices or equipment in other EU member states, European privacy law should go on largely uninterrupted, including with reforms as scheduled.
Second, it's unlikely that there will be any substantial change in UK data protection law in the foreseeable future. Brexit has a two-year runway so the English Data Protection Act 1998 and privacy directives from Brussels will remain the law of the land in the short-to-medium term.
Even in the long-term, post-Brexit it seems doubtful that the UK would choose a substantially different path from the rest of Europe. Significant commercial and trading hurdles could emerge if the European Commission found reason to declare UK privacy law 'inadequate', and compliance costs for UK businesses would dramatically increase. The more logical view is that the UK would, in the same way Switzerland has done, maintain a set of privacy laws that it knows to be consistent and harmonised with EU standards, minimising the disruption for UK businesses with customers and trading partners elsewhere in Europe.
However, the timeframe for Brexit means that UK businesses, and overseas companies who need to comply with UK data privacy law (ie. S.5 DPA: (a) the data controller is established in the United Kingdom and the data are processed in the context of that establishment, or
(b)the data controller is established neither in the United Kingdom nor in any other EEA State but uses equipment in the United Kingdom for processing the data otherwise than for the purposes of transit through the United Kingdom), will need to adopt practices compliant with the new GDPR when it is implemented in May 2018. So even as the UK is walking towards the exit, businesses will have to keep up with privacy law reform when the GDPR comes into force, and then re-adjust to whatever post-Brexit privacy regime replaces it.
The upshot is that it should largely be business as usual for overseas businesses in terms of the need for them to comply with European data protection laws. While the demise of Safe Harbour, its replacement with the Privacy Shield, the new GDPR and Brexit amount to a generation of reform and upheaval in the space of less than a year, it remains as important as ever for privacy compliance to remain near the top of the agenda for all businesses operating in Europe.
GDPR and Brexit
Safe Harbor allowed US companies to self-certify a commitment to protect personal data in accordance with standards which were accepted to meet European requirements. The European Commission's 'Safe Harbor Decision' confirmed that transfers to such companies were deemed 'adequately protected'. Over 4000 US companies have signed up to the regime.
The CJEU decision in Maximillian Schrems v Data Protection Commissioner (C-362/14) invalidated the Safe Harbor Decision with immediate effect. From 6 October 2015, the Safe Harbor regime therefore ceased to provide a valid legal basis for EEA-US transfers of all types of personal data.
On Tuesday 2 February, less than 24 hours after a tentative update to the European Parliament's LIBE committee, the European Commission announced that a political agreement had been reached on the replacement for Safe Harbor.
The Article 29 Working Party responded to the Commission proposal, titled the "EU-US Privacy Shield", in a live press conference on Wednesday 3 February. In this conference, Working Party Chair Isabelle Falque-Pierrotin confirmed that regulators would continue to permit transfers to the US based on Standard Contractual Clauses (SCCs) and Binding Corporate Rules (BCRs) but warned that transfers still reliant on Safe Harbor were now illegal. In April the WP concluded that the Shield did not meet European Standards (areas of concern: no data retention principle, position on massive and indiscriminate collection of data for national security purposes is unclear, the legal remedies are insufficient – in particular the independence and powers of the Ombudsman are unclear).
Privacy Shield: what is it?
Going live on 1st August, the Privacy Shield guarantees that everyone in the EU has a number of rights when their data is processed, such as the right to ask a company for further information about the data they hold about them, or to amend their records if the data are outdated or inaccurate. Also they will benefit from several accessible and affordable dispute resolution mechanisms. Ideally, the complaint will be resolved by the company itself; or free of charge Alternative Dispute resolution (ADR) solutions will be offered. Individualscan also go to their national Data Protection Authorities, who will work with the U.S. Department of Commerce and Federal Trade Commission to ensure that complaints by EU citizens are investigated and resolved.
Still self certified
Hard to avoid talking about it
- Very likely still in the EU for the next couple of years – once Article 50 tri
Hard to avoid talking about it
- Very likely still in the EU for the next couple of years – once Article 50 tri
The new regulations refers to
“Qualified digital signatures” – which can not be discriminated against. If accepted in one MS, must be accepted in all of the others
Other digital signatures (i.e. simple ones) cannot be discriminated against across borders – and must be available as evidence in court .
Service providers (e.g. Docusign) can choose to become accredited by a Supervisory body in a MS. This is at a national level.
The new regulations refers to
“Qualified digital signatures” – which can not be discriminated against. If accepted in one MS, must be accepted in all of the others
Other digital signatures (i.e. simple ones) cannot be discriminated against across borders – and must be available as evidence in court .
Service providers (e.g. Docusign) can choose to become accredited by a Supervisory body in a MS. This is at a national level.
Cybersecurity Directive – published in July – provides for a higher standard of cyber security for certain providers of essential serivces – e.g. transport, health, finance +digital service providers (including Cloud)
Each MS to designate an authority responsible for dealing with Cyber threats
EU Digital Single Market Initiative – designed to make e-commerce across Europe easier by
Updating the E-Commerce Directive
Prevent Geo-blocking (where websites prevent access from other countries)
To simplify VAT treatment – proposal planned autumn 2016
Cybersecurity Directive – published in July – provides for a higher standard of cyber security for certain providers of essential services – e.g. transport, health, finance +digital service providers (including Cloud)
Each MS to designate an authority responsible for dealing with Cyber threats
EU Digital Single Market Initiative – designed to make e-commerce across Europe easier by
Updating the E-Commerce Directive
Prevent Geo-blocking (where websites prevent access from other countries)
To simplify VAT treatment – proposal planned autumn 2016
Cybersecurity Directive – published in July – provides for a higher standard of cyber security for certain providers of essential serivces – e.g. transport, health, finance +digital service providers (including Cloud)
Each MS to designate an authority responsible for dealing with Cyber threats
EU Digital Single Market Initiative – designed to make e-commerce across Europe easier by
Updating the E-Commerce Directive
Prevent Geo-blocking (where websites prevent access from other countries)
To simplify VAT treatment – proposal planned autumn 2016