Last week MoneyConf firmly put Dublin in the Fintech spotlight. The pressure on financial services firms to make better use of technology to reduce costs and improve customer service shows no sign of relenting. At the same time they need to carefully navigate the related regulatory challenges around technology outsourcing. A member of the ECB Supervisory Board recently observed that banks are not “technological houses” and said that the fragmentation of banks’ services across a range of external providers creates a “challenge” for banks’ leaders, who retain responsibility. This statement will resonate, in particular, with financial institutions looking to understand how much they are currently using, and how they can make more and better use of, cloud based technology solutions.
The Minister for Communications, Denis Naughten, has confirmed that plans to appoint a Digital Safety Commissioner for Ireland (DSC) will go ahead in 2018. The DSC will act as an ‘Internet regulator’, with powers of enforcement and responsibility for a ‘notice and takedown’ regime, to ensure the online safety of Internet users.
The EU Court of Justice (CJEU) has ruled that a supplier of luxury goods can, by contract, prohibit its authorised distributors from selling those goods on third-party internet platforms such as Amazon. The CJEU held that such a prohibition is appropriate; does not in principle go beyond what is necessary to preserve the luxury image of the goods; and is not necessarily an unlawful restriction of competition (Coty Germany GmbH v Parfümerie Akzente GmbH (Case C-230/16)).
Heading into the Christmas period, festive shoppers may notice an increasing number of retailers are offering receipts via email (e-receipts) rather than the traditional paper docket. Providing a receipt through email has a number of advantages for retailers and consumers. There is the obvious environmental benefit and it provides an easier means for customers to store and find receipts than an over-stuffed wallet.
However, new guidance from the Data Protection Commissioner (DPC) has stressed the need for retailers to ensure that when customers provide their details for the purpose of receiving e-receipts, they should be fully informed and consent to how that data may be used. Of central concern is the retailers’ use of email addresses for subsequent direct marketing.
The European Commission (EC) has opened an online public consultation on the targeted revision of EU consumer law (the Consultation). The Consultation follows the EC’s publication of the results of its Fitness Check on consumer and marketing law and of the evaluation of the Consumer Rights Directive (Directive 2011/83/EU) (the CRD).
The European Council has finalised its position on the directive setting out new rules relating to the supply of digital content and digital services, acknowledging it as a priority for the Digital Single Market. The makings of the proposed directive were initially presented by the European Commission in late 2015 as part of the move towards a connected digital single market. On 8 June 2017, the European Council adopted its position on the scope of the proposed directive, the remedies for lack of supply and non-conformity, supplier liability and burden of proof restrictions.
In Case C-375/15 (the BAWAG case), the CJEU examined the scope of a payment service provider’s obligation to communicate changes to information and conditions, and to framework contracts, to e-banking customers. In particular, the CJEU considered whether a bank may notify its customers of account information and contractual changes via an electronic banking mailbox. The CJEU clarified the conditions that must be met for information to be “provided” to customers on a “durable medium”, as required by the Payment Services Directive (PSD) (2007/64/EC).
In Muwema v Facebook Ireland Ltd  IEHC 69, the Irish High Court refused to grant a Norwich Pharmacal order against Facebook, requiring disclosure of the identity and location of an anonymous third party operating a Facebook page containing defamatory content. The Court found that if Facebook disclosed such information it would endanger the life of the third party. The Court held that the right to a good name must give way to the right to life and bodily integrity in the event of a conflict.
The High Court in Muwema v Facebook Ireland Ltd  IEHC 519 held that Facebook had no duty to remove defamatory content posted by an anonymous third party. Justice Binchy did, however, make a Norwich Pharmacal order requiring Facebook to disclose the identity and location of the person operating the page involved.
In GS Media v Sanoma Media Netherlands and Others (C-160/15), the CJEU held that the posting of a hyperlink on a website, giving access to copyright-protected work on another website, will not constitute a "communication to the public" under Article 3(1) of the Copyright Directive 2001/29/EC, if the person posting the link did not do so to seek financial gain, and did not know that the hyperlink was published illegally without the consent of the copyright holder. In contrast, if a hyperlink is provided for profit, knowledge of the illegality of the publication on the other website must be presumed.