The overview of interesting Data & IT Law articles and news in August 2016!
What is an impact of General Data Protection Regulation on ePrivacy Directive?
DLA Piper published a study on the impact of EU General Data Protection Regulation (GDPR) on ePrivacy Directive 2002/58/EC.
Firstly, it focuses on the areas of law, in which the scopes of GDPR and the ePrivacy Directive overlap. GDPR influences the regulation of a security of processing, location data, traffic data, cookies and other tracking mechanisms or unsolicited communications. It also addresses the topic of a confidentiality of communications. This point requires clarification, as “the revised principle should in any event be technology-neutral, not be limited to traditional telecommunications services and be transferred to more horizontal legislation covering all services that allow interpersonal communications.”
Finally, it addresses the necessity of the non-privacy-related provisions of the ePrivacy Directive. “Given the current state of the market, the non-privacy-related provisions of the ePrivacy Directive are no longer required and can be repealed. However, in case those provisions would still be considered relevant by the European legislator, they should be transferred to the updated regulatory framework covering a broader range of communication services.”
Blockchain as a technology basis for copyright protection?
The article analyses an idea to use blockchain-powered technology for copyright protection. It lists several advantages:
- may be “ideal for cataloging and storing original works of art, documents, manuscripts, photographs and images, away from any central authority”
- “Even if the copyright service ceases to exist, there will still be a verifiable copy of an original work on the blockchain.”
- it may enable “a registry of ownership (history of assignments). It can be very difficult to trace the ownership chain for copyrighted works (especially with multiple authors, e.g. sound + video + text)”
However, the article quotes a lawyer specialising in new technologies, who argues that: “The much more pressing problem is removing infringing content and for that you will generally have to fall back on legal means.” Another problem is that “the reality of copyright is that it’s at once global but also local. Copyright is governed by a patchwork of local laws that differ in sometimes important ways.“
Finally, the article addresses another problem – the hashtag issue:
“A hash of a work isn’t the same as the work itself and copyright is generally broader than just the specific arrangement of bits. Even a slightly modified work is likely to still be covered by the original work’s copyright but the hash will be completely different. I think that’s a challenge for anyone seeking to make a blockchain for images (or other digital goods).”
For more information about the use of blockchain technology to solve legal issues, look at the article about health data & blockchain and blockchain and anonymity issues.
How to legally commercialize user-generated content?
The article deals with the legal issues of using a user-generated content for commercial purposes. For example, a situation in which an undertaking uses social media posts in an advertisement. However, such activity may result in a violation of copyright legislation, data ownership or terms and conditions of third parties.
Therefore, the article gives an overview of five best practices how to prevent such risks:
- “review social media platform terms
- seek permission
- make available terms and conditions for “Promotional” Hashtags (create a form of “browsewrap” agreement)
- adopt an internal curation process
- adjust the approach for high-risk uses”
The “Right To Be Forgotten” spreading to Asia
In its case no. C-131/12, the European Court of Justice held that individual’s privacy rights include a “right to be forgotten”. An individual has a right to request a removal of certain search results. The right is also a part of the new General Data Protection Regulation.
The article in Socially Aware issue addresses the spread of the right into Asia. In South Korea, the Korean Communications Commission released non-binding “Guidelines on Requests for Access Restrictions on Internet Self-Postings”. User-contributed content websites, as well as search engines, may receive requests to remove information, however, it is only voluntary to follow. The reason for such solution is to find a balance between privacy rights and freedom of expression.
The article paid attention to a situation in China. It refers to a case before Haidian District People’s Court in Beijing. In this particular case, the court did not grant the individual a right to be forgotten. On the other hand, the court identified three criteria under Chinese law: “the personal interest at issue must (1) encompass a right not already categorized; (2) be legitimate; and (3) require the protection of law.” Accordingly, it is possible to exercise the right to be forgotten, but only if the situation meets certain criteria.