European Commission looks to regulate IoT security through the Radio Equipment Directive
The European Commission is taking steps to move from the self-regulation of IoT security (and other types of radio equipment) to the adoption of delegated act(s) on data and privacy protection, as well as protection from fraud. Before publishing its draft delegated act(s), the Commission has both expert and public consultations running until 30 September 2019 and 15 November 2019 respectively. The delegated act(s) are authorised under the Radio Equipment Directive.
Dutch competition authority supports ex ante regulation of online platforms
The Netherlands Authority for Consumers and Markets supports introducing an ex ante intervention mechanism in EU competition rules “to prevent anticompetitive behaviour by dominant companies acting as gatekeepers to the relevant online ecosystems”.
Colombia consults on connectivity and digital transformation road map
The Colombian Ministry of Information Technology and Communications (MinTIC) is consulting on its road map for connectivity and digital transformation for the period between 2018-2022. The road map seeks to close the digital divide and the gender gap, bring connectivity to rural and urban areas, as well as increase internet access and improve digital inclusion. The consultation is open until 16 August 2019.
Security breaches in the EU in 2018 recap: telecoms and trust service providers
Electronic communications providers and trust service providers (e.g. digital signature providers) in the EU are subject to mandatory notification requirements for significant security incidents. This flash analyses the 2018 incidents reported to the EU cybersecurity agency for both types of providers, including a comparison of the regimes and incident trends. It also looks forward to how the notification requirements will change under the European Electronic Communications Code (EECC).
Open consultation on French 5G security law implementation
Stakeholders can respond to an expedited public consultation (only until 6 August 2019) on the implementation of a French law that creates an authorisation requirement for the use by telecoms operators of certain 5G network equipment. The law foresees criminal penalties, and the consultation relates, in particular, to the list of equipment impacted and authorisation process.
Facebook Like button makes websites responsible for data, EU’s top court says
The Court of Justice of the EU (CJEU) ruled that website operators who embed Facebook Like buttons or similar third-party plug-ins are jointly responsible (together with Facebook) for the personal data processing that ensues. However, the website operator is only responsible for the collection and transmission to Facebook of the personal data of visitors to its website. The website operator is not responsible for the subsequent data processing carried out by Facebook after it receives the data.