Tech, Data, Telecoms & Media updates

Austria

Contributed by Schoenherr
Third COVID-19 Act: lawfulness of processing employee health data
  • Austria
  • 08 May 2020

Parliament recently enacted the Third, Fourth and Fifth COVID-19 Acts. Although these laws have significantly changed the Austrian legal framework, none of them include data protection provisions. Thus, the legislature appears to have overlooked a significant data protection issue arising from the new law – namely, the conflict of interests between the amended Social Insurance Act and the EU General Data Protection Regulation.

COVID-19: telecoms and data protection developments
  • Austria
  • 01 May 2020

Due to the COVID-19 pandemic, telecoms providers must now send mass alerts (eg, regional access prohibitions) via text message on order of the government and provide traffic and location data for the purposes of evaluating whether individuals are complying with quarantine orders. In addition, a number of legislative developments have taken place with respect to data protection. This article outlines these recent changes.

Article 15(3) of GDPR and right to access files or documents – an Austrian perspective
  • Austria
  • 20 December 2019

With the adoption of the EU General Data Protection Regulation, the EU legislature intended to strengthen the rights of individuals (ie, data subjects or applicants) by giving them greater control over how their personal data is used. Applicants must be informed of the processing of their personal data and be able to verify whether such processing is lawful. Accessing documents is not necessary to achieve that goal. This view is supported by two recent Austrian decisions.

Influencer marketing – Advertising Council adopts specific rules
  • Austria
  • 15 March 2019

'Influencer marketing' means taking advantage of bloggers and other persons who have their own social media channels to promote goods and services. While the concept of transmitting arguably hidden advertising is problematic, there are many variations of this and the lines between hidden advertising and personal opinion are often blurred. As such, the Advertising Council recently issued guidelines for dealing with influencer marketing as a specific means of marketing communication.

GDPR implementing legislation in Austria
  • Austria
  • 07 December 2018

The EU General Data Protection Regulation (GDPR) has created a new understanding and awareness of data protection. Despite being a directly applicable legal act, the GDPR has created significant work for the Austrian federal legislature, which has chosen to impose it by implementing the narrow but general Data Protection Act and introducing amendments to ordinary legal acts individually. However, these amendments are essentially limited to wording adjustments and restrictions on data subjects' rights.


Belgium

Contributed by AKD
DPA fines social media platform for data processing during referral programme
  • Belgium
  • 03 July 2020

The Belgian Protection Authority (DPA) recently fined a social media platform €50,000 for processing personal data during the scope of a referral programme without an appropriate legal basis. This decision is particularly relevant because it was rendered on the basis of the one-stop-shop mechanism and all of the national authorities concerned validated the DPA's reasoning.


Brazil

New data protection law enacted
  • Brazil
  • 18 September 2018

The president recently approved, with a partial veto, the Project for a General Law regarding Data Protection. The law will regulate the processing of personal data in Brazil. Even though this adaptation may be costly and time consuming, the enforcement of the law is expected to guarantee greater protection of personal data, increasing confidence in Brazil's economic environment.


China

Contributed by AnJie Law Firm
App governance panel issues special governance report on illegal collection of personal information
  • China
  • 07 August 2020

The App Special Governance Panel recently issued the 2019 Special Governance Report on Apps for Illegal Collection and Use of Personal Information, summarising governance efforts from January 2019. According to the report, illegal collection and use activities by apps will be cracked down on and enterprises' capacity to protect personal information will be greatly improved. Further, knowledge of personal information protection by apps should be extensively available.

Mobile financial apps must be filed with National Internet Finance Association of China
  • China
  • 31 July 2020

According to the Notice of the People's Bank of China on Issuing Financial Industry Standards on Strengthening the Security Management of Mobile Financial Client Application Software, the National Internet Finance Association of China has organised a real-name filing for mobile financial apps. There are 73 apps in the first batch to be filed with the association.

MIIT finds that 16 app operators infringed users' rights and interests
  • China
  • 24 July 2020

The Ministry of Industry and Information Technology (MIIT) recently established third-party testing institutions to monitor mobile apps and ordered app operators found to have infringed users' rights and interests to rectify this problem. The MIIT subsequently found that 16 app operators had failed to meet the rectification requirements and ordered them to comply with its request.

Network Security Department achieves preliminary results in campaign against illegal apps
  • China
  • 17 July 2020

In the first quarter of 2020, the Network Security Department of the national public security organs reportedly developed its functions, strengthened the protection of citizens' personal information and investigated and dealt with 386 illegal apps for collecting citizens' personal information in accordance with the law. This article provides a brief summary of the department's activities.

Cyberspace Administration of China launches 2020 clean up the Internet campaign
  • China
  • 10 July 2020

To further regulate the dissemination of information online and protect the public interest, the Cyberspace Administration of China (CAC) recently launched a nationwide clean up the Internet campaign lasting for eight months from May 2020. According to the CAC, the campaign comprehensively covers various online communication channels and platforms and aims to remove illegal and harmful information from the Internet.


Croatia

Contributed by Macesic & Partners
AI regulation – an overview
  • Croatia
  • 07 August 2020

At present, the regulation of the AI sector in Croatia is practically non-existent, as is the case in many other EU member states. This might be viewed as troublesome, as the technology is advancing rapidly without a specific legal control system to provide guidance. However, the issues arising from the use of AI are complex and difficult to foresee, which makes the legislative process time consuming and demanding.

Data protection, constitutional rights and COVID-19
  • Croatia
  • 24 April 2020

Croatia has among the lowest number of infected persons and persons requiring hospital care due to the COVID-19 outbreak. Despite this fact, the government has amended the Electronic Communications Act enabling the legal use of mobile data as an additional tool in its strategy to combat the pandemic. However, the process has been deterred by the opposition finding the amendments potentially unconstitutional and unjustified.

GDPR implementation grows nearer: will Croatia be ready?
  • Croatia
  • 27 February 2018

The European Commission's recent communication shows that only two member states have adopted the national legislation required to implement the EU General Data Protection Regulation. Others, Croatia included, are at different stages of the process. To meet the May 25 2018 deadline, Croatia should promptly address its national approach to open issues – in particular, its policies surrounding administrative fines.