In today’s judgment, the UK Supreme Court held that rights-holders should bear the costs of implementing website blocking injunctions to prevent IP infringement. The judgment overturns the practice adopted by the English courts since 2011 of requiring internet service providers, as innocent intermediaries, to bear these costs.

Continue Reading UK Supreme Court: rights-holders must pay costs of blocking IP-infringing websites

A recent judgment of the European Court makes it clear that in many circumstances more than one party may be a joint data controller. Whilst the judgment pre-dates the GDPR, its consideration of what constitutes ‘control’ and ‘joint control’ remains good law under the GDPR. The judgment means that parties who may have considered themselves ‘data processors’ in the past should review whether they are in fact ‘joint data controllers’ with others. Continue Reading Are joint data control relationships now the norm rather than the exception?

On 29 November 2017, the Court of Justice of the European Union (ECJ) confirmed that, under the Copyright Directive (the Directive), the making available of copies of television programmes saved in the cloud must be authorised by the holder of the copyright or related rights. Continue Reading ECJ confirms rights holders can stop cloud-based television recording services

On 13 September 2017, the Commission issued a proposal for a Regulation to strengthen the role of the EU Agency for Network and Information Security (ENISA) by:

  • granting it a permanent mandate;
  • clarifying its role as the information hub of the EU for cybersecurity; and
  • tasking it with the responsibility of proactively contributing to policy in the area of network information and security.

The proposal also introduces EU-wide cybersecurity certification schemes for ICT products and services, which will be prepared by ENISA. This aims to address current market fragmentation and provide a comprehensive set of cybersecurity rules, technical requirements, standards and procedures. Continue Reading EU Commission proposes stronger mandate for ENISA and EU-wide cybersecurity certification

On 14 September 2017 Ofcom, the UK communications industry regulator, adopted new statutory guidelines (Penalty Guidelines) on how it would assess and determine the penalties (fines) payable by regulated communications companies who breach their obligations under the Communications Act 2003 (Act). The revised guidelines follow Ofcom’s June 2017 adoption of new guidelines for enforcement in regulatory investigations (Enforcement Guidelines) and procedures for investigating breaches of competition related conditions in Broadcasting Act licences (Broadcasting Investigation Procedures).

Although on their face the changes to the guidelines seem relatively minor, when considered against the background of (i) Ofcom’s increasingly pro-active enforcement policy; and (ii) the increased difficulty of challenging Ofcom’s decisions, following the 20 July 2017 change in the standard of review of decisions on appeal from an ‘on the merits‘ review to ‘judicial review principles‘, we expect the changes to make it easier for Ofcom to take action against regulated communications companies and more difficult for those companies to defend and appeal Ofcom’s decisions. As a net result, regulated communications companies need to take Ofcom enforcement action more seriously. Those companies are now financially incentivised to engage early with Ofcom and consider early settlement to secure a settlement discount, especially as they will find it more difficult to challenge Ofcom’s decisions on appeal. Continue Reading What is the impact of the new Ofcom penalty guidelines?

The UK Government has released a “Future Partnership” paper setting out its vision for UK-EU data flows post-Brexit. In particular, the paper anticipates seeking an early UK-EU agreement that each area’s data protection laws provide equivalent protection, which would allow data to continue to flow between the EU, the UK and other third countries post-Brexit.  Continue Reading UK Government seeks EU equivalency for UK data protection law post-Brexit

With holiday season upon us, earlier this week Matt Hancock, the UK Government’s Digital Minister, announced proposals for a new UK data protection law. Previously covered on this blog here and here, little new of substance was announced, but in a slow news week, the announcement garnered significant UK media coverage and attention.  Continue Reading UK’s Digital Minister announces changes to UK data protection law

Ofcom published its annual Communications Market Report this week. This report provides a reference for industry, stakeholders and consumers across the sectors Ofcom regulates.  A handy bite-size version of the report is available here.

What has the 2017 report revealed? Continue Reading A nation of binge-watchers: Ofcom reveals the UK’s TV and online habits in its annual report

This week heralded further progress for the European Digital Single Market strategy, with the online content portability regulation mentioned previously on this blog coming into force on 20 July 2017, following publication of this regulation in the EU Official Journal on 30 June 2017. The regulation itself sets out a number of key dates during next year and onwards for content providers and consumers alike to watch for. Continue Reading ‘Watch like at home’: dates worth watching for

Following the Government’s decision to include a revised data protection law in the Queen’s Speech last month, the House of Lords EU Home Affairs Sub-Committee reviewed the potential implications on national security, stability and public safety of the UK exiting the European Union without an agreement to ensure there is unhindered data flow between the two sides. The Committee issued a stark warning that it was “struck by the lack of detail” on how the Government would ensure that the UK data protection regime continues to allow data transfer with the European Union in a post-Brexit world.

Continue Reading UK Data protection post-Brexit: a “cliff-edge”?