Digital Law Alert

In this edition of DLA Piper’s Digital Law Alert we bring you an overview of the key tech law developments of the previous month.

The European Commission has issued a draft declaration on digital rights and principles designed to support the targets for the digital age that Europe aims to reach by 2030. Rather than establish new rights, the draft declaration pulls together existing EU rights that apply to the digital age in a single point of reference. The seven key principles for a value-based digital governance established in the 2020 Berlin Declaration are reflected in the declaration, including the need to validate and respect fundamental rights and democratic values in the digital age and the need to create a resilient and sustainable digital society in line with the EU’s Green Deal. The draft declaration seeks to put people at the centre of digital transformation and foster a protected and secure online environment as part of its principles.

As previously reported in a DLA Piper Privacy Matters blog post, in early 2022 the UK government launched its cyber security strategy for 2022-2030 setting out how UK public services should look to address increasing rates of cyberattacks. According to the report, around 40% of the incidents managed by the National Cyber Security Centre during a period of one year prior to August 2021 affected the public sector. Both immediate and longer term action is clearly required to address this trend. The report focuses on detection and minimisation of the impact of cyberattacks and includes a Cyber Assessment Framework that has been developed by the NCSC to provide a means of assessing if risks to essential functions are being adequately managed.

The European Banking Authority, the European Insurance and Occupational Pensions Authority and the European Securities and Markets Authority have published a joint report of recommendations on future regulation of digital finance. Issued in response to the European Commission’s ‘Call for Advice on Digital Finance’, the report advocates a high level of consumer protection and focuses on ways of addressing the risks posed by increasing platformisation of consumer experience. Proposals set out in the report also include applying a holistic approach to the regulation of the financial services value chain and supporting further convergence in methods of addressing money laundering and terrorism financing in a digital context.

As discussed by Simon Kenyon and Paul Hogarth of DLA Piper in a recent insight, in the case of Transparently Limited v Growth Capital Ventures Limited [2022] EWHC 144 (TCC) the UK Technology and Construction Court refused to grant a mandatory injunction for the delivery up of bespoke software that was the subject of a dispute prior to the completion of its development. The judgment considers the ‘balance of convenience’ test to be applied when considering the grant of mandatory injunctions to deliver up unfinished software. The case serves as a useful reminder of the need to consider terms in a software development agreement carefully that could require partially developed software to be handed over upon early termination of the agreement.

The European Commission has proposed the introduction of a European Chips Act designed to confront semiconductor shortages and enhance Europe’s position as a leader in digital and green transition. The impact of recent semiconductive material shortages is still being felt around the world, exposing a need for legislative action to be taken to ensure a reduction in the dependency on component materials and existing designs of semiconductors as far as possible. The new Act recognises the need for innovation and investment in the design and manufacturing of chips and a mobilisation of both private and public investment around Europe to secure this.

15 February 2022 saw the launch of the first coordinated enforcement action of the European Data Protection Board (EDPB), which will involve investigations into public sector use of cloud services by 22 national data protection authorities across the European Economic Area. The investigation applies the EDPB’s Coordinated Enforcement Framework, which was set up in October 2020. The investigation has been prompted by an increase in the uptake of cloud services across the public sector, in part fuelled by the impact of COVID-19 and coupled with the realisation that many public bodies seeking to implement cloud technology may be at risk of breaching EU data protection legislation. We recommend that you keep an eye on our Privacy Matters blog for further reports on the investigation as it unfolds.

The UK government’s Department for Business, Energy & Industrial Strategy (BEIS) has updated its 2015 guidance on trialling automated vehicles (AVs) in public. The updated version of the guidance sets out clearer guidance on conducting trials safely and responsibly, improving trial transparency and how to engage with the public, authorities and other relevant bodies when planning trials. See also DLA Piper’s recent series "Man vs Machine: Legal liability in Artificial Intelligence contracts and the challenges that can arise".

Also of importance to the AV industry, the Law Commission of England and Wales and the Scottish Law Commission have issued a joint report recommending new laws to regulate AVs in Great Britain. The report has been produced following three rounds of consultation and hundreds of meetings with interested parties. It recommends a new statutory test to determine if an AV is ‘self-driving’ alongside the introduction of safety assurance schemes to be applied both before and after AVs are placed on the road. A summary of the report is also available.

The UK Artificial Intelligence Public-Private Forum, established by the Bank of England and the Financial Conduct Authority, published its final report highlighting the key findings of the Forum that over the course of a year discussed barriers to adoption, challenges and risks in relation to data, model risk and governance. The report provides examples of best practice of mitigating the risks identified and is intended to promote ongoing discussion of methods of safe adoption of AI in the financial services sector, noting that the discussion on the safe adoption of AI has only just begun.

As predicted in our first Digital Law Alert, the potential of quantum computing is coming increasingly into focus, as indicated by the launch of a UK consultation by BEIS on 14 February 2022 seeking views from the quantum research and business community and wider interested parties to inform the development of its quantum strategy. The consolation seeks input on technology adoption, the regulatory environment and the innovation ecosystem, amongst other things. The consultation closes on 10 March 2022.

For more information about any of the news referred to in this edition of Digital Law Alert please contact your usual DLA Piper Tech and Sourcing contact or email DigitalLawAlert@dlapiper.com.