Tag Archives: GDPR

European Union Seeks to Update and Centralize Internet Law

While issues relating to Brexit and Boris Johnson becoming the Prime Minister of England have tended to dominate the news across the pond, not to be lost in the shuffle are reports that the European Union is in the process of creating a new law that would add further regulation of online content. The new law, titled the Digital Services Act, seeks to replace an older commerce directive from two decades ago with an updated and legally binding law. The law is reported to address a wide array of digital platforms and supposedly would focus on all aspects of tech.

So, what are some of the reported features of the Digital Services Act?

Online Takedown Laws

The new law reportedly would allow unelected European Union officials to censor illegal content on major platforms such as Facebook and Google. Such censorship also could occur with respect to internet service providers, data storage services, and cloud services.

Perhaps most notable about the new law is that European Union nations reportedly no longer would have control of Internet laws enacted by their own governments. Instead, these nations would be under the ruling umbrella of a centralized European committee.

Flowing from this, major social media sites reportedly would be subject to the European Union mandatory notice and take down rules. As a consequence, they would be required to remove any content the EU does not approve of within an hour of notice of take down.

Also, hate speech, which has a broad definition, reportedly would be outlawed and swiftly punished.

In addition, any advertising considered political would be within the ambit of European rules.

What is at work here behind the scenes?

Online Companies, IRL Legal Distinctions

Perhaps the Digital Services Act aims to recapture enforcement powers back to the European Union that were granted to national governments pursuant to the General Data Protection Regulation. This could lead to a centralized tech sector within the European Union with the power to enforce rules. This might provide benefits to European tech companies and possible detriments to major international tech companies. The law also could help EU companies operate across various EU nations but at the sacrifice of national sovereignty when it comes to tech legal requirements.

Notwithstanding other important issues presented in the news, potentially affected businesses and individuals should pay attention with respect to coming developments relating to the Digital Services Act.

Eric Sinrod (@EricSinrod on Twitter) is a partner in the San Francisco office of Duane Morris LLP, where he focuses on litigation matters of various types, including information technology and intellectual property disputes. You can read his professional biography here. To receive a weekly email link to Mr. Sinrod’s columns, please email him at ejsinrod@duanemorris.com with Subscribe in the Subject line. This column is prepared and published for informational purposes only and should not be construed as legal advice. The views expressed in this column are those of the author and do not necessarily reflect the views of the author’s law firm or its individual partners.

What Is Personal Information? In Legal Terms, It Depends

In early March, cybersecurity professionals around the world filled the San Francisco Moscone Convention Center’s sprawling exhibition halls to discuss and learn about everything infosec, from public key encryption to incident response, and from machine learning to domestic abuse.

[…]

Companies should not overthink [data privacy and personal information]. Instead, data privacy lawyers said businesses should pay attention to what information they collect and where they operate to best understand personal data protection and compliance.

As Duane Morris LLP intellectual property and cyber law partner Michelle Donovan said:

“What it comes down to, is, it doesn’t matter what the rules are in China if you’re not doing business in China. Companies need to figure out what jurisdictions apply, what information are they collecting, where do their data subjects reside, and based on that, figure out what law applies.”

To read the full text of this article, please visit the MalwareBytes website.

The General Data Protection Regulation (GDPR) Webinar Series

Duane Morris is presenting a series of webinars on strategic planning and compliance with the upcoming General Data Protection Regulation, a far-reaching EU law that affects any company doing business in the European Union. The GDPR establishes a broad range of requirements for enhanced data security, along with significant penalties for non-compliance. As the European Union focuses on protecting the data privacy of EU citizens, the GDPR has greatly expanded jurisdiction.

Join an interdisciplinary team of Duane Morris attorneys for an in-depth discussion of GDPR, along with timely and practical strategies to prepare your business for compliance with this complex rule.

For more information or to register online, please visit the Duane Morris LLP website.