digital economy regulation

The French data protection authority, CNIL, fined Microsoft, Apple and TikTok respectively with €60m, €8m and €5m in December 2022 for breaching the provisions on cookies. The companies did not properly obtain the consent of users or did not allow them to refuse consent as easy as providing it.

Chile publishes new fintech law regulating technology-intensive financial services and creating an open banking system.

This week’s edition features stories about an update on the future EU-US data privacy framework; Google’s commitments to address concerns by European consumer protection authorities; a report by European data protection authorities reflecting a common approach on cookie banners; a step towards the adoption of the draft e-Evidence Regulation; and an update of Cullen International’s 5G security Benchmark. It also lists events taking place this week.

Speaking in the European Parliament, Didier Reynders, European commissioner for justice, said he was optimistic that the future EU-US data privacy framework (DPF) will withstand any legal challenge before the EU’s top court. In his opinion, the DPF is not just an evolution of the former EU-US privacy shield agreement, but a “very different” data transfer tool.

Following a coordinated investigation launched by the EU Consumer Protection Cooperation Network, Google committed to address the concerns raised by consumer protection authorities regarding some of its services. The company has already implemented most commitments.

The Court of Justice of the EU found that the remedies foreseen in the GDPR can be exercised “concurrently with and independently of each other” within the same EU country. However, contradictory decisions by national courts would put into question the GDPR’s objective of ensuring a consistent application of its provisions across the EU.