Speaking at A&L Goodbody’s breakfast seminar, ‘GDPR – The Last Lap‘, Anna Morgan, Deputy Data Protection Commissioner, has warned that companies who ‘over-report’ and adopt an overly conservative approach to the GDPR’s breach notification requirements may risk enforcement action from the Data Protection Commission (DPC).
Daniel is a Trainee Solicitor in the IP & Technology Group at A&L Goodbody.
Daniel holds an LLB from Trinity College Dublin, where he studied Intellectual Property Law. Daniel also holds an LLM in Intellectual Property from King's College London, studying the law of copyright, the law of trademarks and the commercialisation of IP, obtaining a Distinction grade.
Daniel has a particular interest in IP litigation and the legal regulation of the music industry.
The Minister for Communications, Denis Naughten, has confirmed that plans to appoint a Digital Safety Commissioner for Ireland (DSC) will go ahead in 2018. The DSC will act as an ‘Internet regulator’, with powers of enforcement and responsibility for a ‘notice and takedown’ regime, to ensure the online safety of Internet users.
The proposal for a DSC is contained in a Report from the Law Reform Commission (LRC) on Harmful Communications and Digital Safety, which also contains a draft legislative proposal. The LRC has recommended that the scope of regulation by the DSC should include all ‘digital service undertakings’, which would be defined very broadly to cover intermediary service providers, internet service providers, internet intermediaries, online intermediaries, online service providers, search engines, social media platforms and websites and telecommunications undertakings.
The DSC mechanism is partially inspired by the systems in place in Australia and New Zealand, which have specific timelines linked to the obligation to unlawful material, with removal generally being required within 48 hours. In Ireland, under the current LRC proposals, the DSC will be mandated to develop a national Code of Practice for Take Down procedure, which would contain detailed and practical guidance on the procedure for ‘takedowns’, a requirement that the takedown procedure is made available free of charge and timelines within which offending materials should be removed.
It should be noted that the Australian and New Zealand regimes were implemented on a somewhat blank legislative canvas. Any proposal in Ireland must be compliant with the overarching requirements of the eCommerce Directive (which does not contain mandatory timelines, but requires internet intermediaries to ‘act expeditiously’ or risk losing its legal immunity). It remains to be seen whether an additional layer of Irish regulation on tech and Internet companies would have any impact on Ireland’s international reputation as an attractive place to do business.
An Taoiseach Leo Varadkar had previously indicated that Government plans to appoint a DSC were ‘on hold’, however, he has since clarified that he may have ‘mis-spoken’.
The Department of Communications has organised an open digital safety forum on March 8 at the Royal Hospital Kilmainham involving Gardaí, Interpol, NGOs, state bodies and parents groups. We await further detail on this proposal.
EU consumers of online content services such as Netflix, Spotify or Sky Sports will soon be able to access their subscriptions while on holiday in or when otherwise visiting another Member State, due to the lifting of existing restrictions by a proposed new EU Regulation.
The conference on Modernising Copyright, jointly organised by the Irish Centre for European Law and the School of Law, Trinity College Dublin, brought together a number of interesting academics, practitioners and commentators, for a lively discussion concerning various aspects of the future of copyright law in Europe. Among the issues addressed were the development of a Digital Single Market (DSM) in Europe, the nature of copyright exceptions and limitations, and the position of online service providers and intermediaries vís-a-vís copyright infringement.
The Office for Harmonization in the Internal Market (OHIM) last week published its decision in relation to the application of the well-known fast-food outlet Supermac’s for a Community Trade Mark (CTM). In a split decision, OHIM ruled that Supermac’s is not entitled to use its brand to sell fast-food/takeaway products or services or to use the brand as a CTM on certain foodstuffs (e.g. meat, fish, poultry, chicken, onion rings, hamburgers, nuggets or chips) in the EU. This decision comes following the filing of extensive opposition by arguably Supermacs’ biggest competitor, McDonald’s.
Europe is today celebrating Data Protection Day, with this year’s celebrations coinciding with the recent political agreement for the finalised text of the new General Data Protection Regulation (GDPR) (for further information – see our earlier blog post). One of the many events organised across Europe in conjunction with Data Protection Day was the National Data Protection Conference, which took place over the course of yesterday and today.
The draft of the General Data Protection Regulation (GDPR) took a significant step towards finally becoming European-wide law last week. The European Parliament’s Civil Liberties, Justice & Home Affairs Committee (LIBE) approved the final draft agreed by the European Council and Parliament as part of the trilogue negotiations. The text is available on the website of the European Parliament – under item 3 of the Committee Meeting agenda. The GDPR, which was first published in 2012, has gone through a number of iterations and extensive amendment on its journey to ratification. The final draft, which is expected to be ratified by the European Parliament and Council in Spring 2016, contains a number of compromise positions agreed by the EU institutions in an effort to get the GDPR across the line. Once ratified, there will be a two year period before the GDPR becomes directly applicable in all European Member States.