The High Court has refused an application by the Irish Times for injunctions restraining the Times of London from using the words "The Times Irish Edition" in its forthcoming digital Irish edition of the newspaper. The new digital publication will be sold as a part of a subscription package with the Sunday Times and will be solely available digitally. The Irish Times had sought an injunction preventing Times Newspapers Limited (TNL) from using the "The Times Irish Edition" or any other title which may be confusingly similar to The Irish Times. TNL denied that the phrase would create any confusion due to the co-existence of the two publications in Ireland for 150 years as well as the fact that it was common knowledge that they intended to launch an Irish edition.
The Department of Communications, Energy and Natural Resources (DCENR) published its draft Broadband Intervention Strategy this week as part of its plan to provide the entire country with high-speed broadband.
Statewatch.org have recently published a leaked copy of the European Council’s draft of the proposed new Data Protection Regulation and it makes for interesting reading.
The European Commission has recently unveiled a 16 point plan for boosting the European digital economy entitled ‘A Digital Single Market Strategy for Europe’ (the Plan). The Plan envisages widespread revision of existing European internet, intellectual property and e-commerce law in a series of bold measures that the European Commission projects would add €415 billion to European GDP and also create 3.8 million new jobs.
Symantec released their annual Internet Security Threat Report (the Symantec Report) last week (available at http://www.symantec.com/security_response/publications/threatreport.jsp) and it makes for alarming reading. The risk of cyberattack is one that has been brought to the forefront of popular consciousness by the devastating cyberattacks on Sony Pictures Entertainment in 2014 and the Symantec Report shows that 2014 saw a worryingly exponential increase in the number, severity and sophistication of such attacks.
The Data Protection Commissioner, Helen Dixon, spoke at the Society for Computers and Law’s ‘The Evolution and Reform of Data Protection’ event this morning. The Commissioner gave an overview of the activities of the Office of the Data Protection Commissioner (ODPC) in 2014 and set out the aims of the ODPC for the year ahead.
On November 23rd, Symantec, the American antivirus company, announced the discovery of a piece of software called Regin, which it had found lurking on computers and stealing data in Ireland, Russia, Saudi Arabia and several other countries. Its sophistication and stealth led Symantec to conclude that it must have been created by a nation-state.
The Regin software appears to have been lurking on some computer systems from as long ago as 2008 and Symantec said it was unusually low-key, meaning it could be used on a target for several years before being noticed. Symantec have described the purpose of Regin as “intelligence gathering” and said: “It is used for the collection of data and continuous monitoring of targeted organizations". Regin appears to be significantly more sophisticated than most other examples of hacking software as it could take screenshots, control the cursor and steal passwords.
While most computer viruses and hacking malware are produced by individual hackers or criminal gangs, the sophistication of Regin has led commentators to conclude that it must have been produced by a nation state. This is just the latest in a growing trend of sophisticated, state sponsored hacking attacks. The most famous example of such an attack is the ‘Stuxnet’ virus. Stuxnet was discovered in 2010 and was designed (according to experts in the field, almost certainly by America and Israel) to hijack industrial-control systems. It was deployed against Iran’s nuclear program, and caused widespread damage by destroyed centrifuges that were being used to enrich uranium.
Ireland has the fourth highest rate of infiltration by Regin in the world with almost 10% of infiltration incidences happening in Ireland. Irish companies should be aware of the threat posed by increasingly sophisticated hacking attacks particularly from software such as Regin which could be used for industrial espionage.
Under Irish law, infiltrations such as those carried out by Regin could be considered an offence under a number of different grounds. From a data protection perspective, pursuant to section 22 of the Data Protection Acts 1988 and 2003, it is an offence to obtain access to personal data without the prior authority of the data controller by whom the data is kept and to disclose the data to another person while sections 2 and 5 of the Criminal Damage Act 1991 could also make infiltrations such as those carried out by Regin an offence. Finally, section 9 of the Criminal Justice (Theft and Fraud Offences) Act 2001 could make the infiltrations carried out by Regin an offence as section 9 states that it is an offence for a person to "dishonestly, whether within or outside the State, operates or causes to be operated a computer within the State with the intention of making a gain for himself or herself or another or of causing a loss to another". Further legislative provision to deal with such hacking attacks will be provided in the forthcoming Criminal Justice (Cybercrime) Bill, the heads of which have been agreed and is currently being drafted.
In the Irish Government Budget for the forthcoming year published on 14 October, it was announced that the so called ‘Double Irish’ tax mechanism was being phased out. One of the mechanisms that is being considered to replace the ‘Double Irish’ is a new ‘Knowledge Box’ scheme. This scheme would be similar to the recently introduced Patent Box in the United Kingdom and would be of significant benefit to intellectual property holders in Ireland and those seeking to establish themselves in Ireland. Commentators suggest the Knowledge Box scheme will include a tax rate likely to be at least as low as 6.25 per cent and perhaps lower on intellectual property assets managed in the scheme. A 6.25 per cent tax rate would be half the standard Irish corporate tax rate of 12.5 per cent. The exact scope and conditions for qualifying for the scheme have yet to be determined.
Apple Pay: an Introduction
One of the most exciting elements of the Apple iPhone 6 launch in September was the announcement by Apple of the Apple Pay feature. Apple Pay is a near field communication (NFC) based mobile payment system that comes pre-installed on the iPhone 6. NFC technology involves a short-range, low power wireless link evolved from radio-frequency identification technology that can transfer small amounts of data between two devices held a few centimetres from each other. It is the same technology that is behind the ‘tap and pay’ debit cards that have been rolled out by Irish banks in the last number of years.
While Apple Pay was launched with the iPhone 6 in the US, it has not yet been rolled out in Europe with rumours predicting an Apple Pay European launch in 2015.
It is clear that Apple Pay has the potential to be a ground breaking technology that may change the way that consumers use their phones and, indeed, how consumers pay for goods and services.
Following the referral of the High Court to the Court of Justice of the European Union (CJEU) in Schrems v Data Protection Commissioner (No.2)  IEHC 351, as reported in two previous blogs, the plaintiff in that case, Max Schrems, has successfully signed up over 25,000 applicants to pursue a quasi "class action" suit against Facebook Ireland Limited in a civil case before the Commercial Court for Vienna.
The number of applicants was capped at 25,000 for practical reasons with the cap being reached within a week of its launch and as of Friday 8th August the number of applicants stood at over 45,000.