Header graphic for print

Global Media and Communications Watch

The International Legal Blog for the Tech, Media and Telecoms Industry

Posted in Copyright, Entertainment & Content Penny ThorntonDr. Nils RauerEva Vonau

Hyperlinking in Hamburg and Prague: How national courts apply GS Media

9251839_Text_images_jpgOn 8 September 2016, the European Court of Justice (CJEU) handed down judgment C-160/15 on the means of hyperlinking which caught quite some attention. It has become known as the GS Media decision (see our blog post). In essence, this CJEU judgment imposed new verification duties on commercial website owners who embed hyperlinks to third-party content in their web sites. A Swedish court was first to apply the new criteria (Attunda Tingsrätt, case ref.: FT 11052-15) and now, judgments in Germany and the Czech Republic which deal with the new set of considerations developed in Luxembourg have been handed down.

District Court of Hamburg

With its court order of 18 November 2016, the Regional Court of Hamburg decided upon a case where a link was embedded leading to a photo on a source website where the photo had been made available without meeting the license terms set out by the right holder. Specifically, the linked image featured an edited version of the original photo. The changes were not permissible under the applicable creative commons license.

The German court, in applying GS Media criteria, affirms that hyperlinking in this manner constitutes communication to the public within the meaning of Art. 3 (1) of the InfoSoc Directive 2001/29/EC and therefore classifies this hyperlinking as a copyright-relevant act. This is mainly because the owner of the website sold tutorial material through his website.

Continue Reading

Posted in Data Protection & Privacy Mark Parsons

“Cybersecurity Review” Takes Shape in China

shutterstock_293627249-300x300On 4 February 2017, the Cyberspace Administration of China issued a draft of the Network Products and Services Security Review Measures (“Draft Measures”) for public comment: the Draft Measures remain open for comments until 4 March 2017.  The Draft Measures are follow-on legislation to China’s Cyber Security Law adopted on 7 November 2016, which will take effect on 1 June 2017.

The background to the Draft Measures is that the Cyber Security Law requires that network products and services purchased by operators of “critical information infrastructure” (the definition of which is somewhat vague and unsatisfactory) must undergo national security review (“Security Review”) if such network products and services “might potentially have an impact on national security,” failing which such operators risk being ordered to discontinue use and/or being subject to quite stiff fines.

The Draft Measures bring China one step closer to implementing such Security Review regime.  How this regime will look has been a major area of concern for foreign investors, especially due to concerns that the new Security Review process might be skewed in favour of “local” manufacturers and thus become a back door means of imposing essentially protectionist policies.

China’s proposed Security Review regime potentially impacts both (1) the businesses who are manufacturers of network products and providers of network services, as well as (2) the users, or prospective users, of such products and services.  While the Draft Measures give some shape to the process of Security Review, as drafted they leave a number of critical questions unanswered.

Click here for our full briefing on the Draft Measures.  Our in-house unofficial English translation of the Draft Measures is available free-of-charge upon request.  Please reach out to Mark Parsons or your normal contact at our firm for a copy.

Posted in Data Protection & Privacy Eduardo Ustaran

ICO Turns Spotlight on Data Broker Industry

shutterstock_187697849-150x100Data brokers are organisations that obtain data from a variety of sources and then sell or license it to third parties. Many trade in personal data, which is purchased by their customers for several purposes, most commonly to support marketing campaigns. In 2012, data brokers’ trade in personal data was reported to have generated over $150 billion in revenue.

The UK data protection regulator (the “ICO”) has for some time been actively enforcing against organisations who buy individuals’ personal data for direct marketing purposes without first conducting appropriate due diligence to ensure that those individuals have adequately consented to receiving marketing communications.

In October 2016, the ICO imposed a £20,000 fine on Rainbow (UK) Limited, a lead generation company, for precisely this reason. In its monetary penalty notice, the ICO set out a suggested list of questions that organisations should ask the data broker in these circumstances:

  • How and when was the consent obtained?
  • Who obtained it and in what context?
  • What method was used – e.g., was it opt-in or opt-out?
  • Was the information provided clear and intelligible? How was it provided – e.g., behind a link, in a footnote, in a pop-up box, or in a clear statement next to an opt-in box?
  • Did it specifically mention texts, emails, or automated calls?
  • Did it list organisations that would be provided the information by name or by description, or was there consent for disclosure to any third party?
  • Is the seller a member of a professional body or accredited in some way?

Continue Reading

Posted in Internet, Telecoms & Broadband

Q&A with Joshua Gans, author of “The Disruption Dilemma”

Your recent book “The Disruption Dilemma” examines how disruption can destroy even the best managed corporations. The case studies in your book – the mobile phone industry disrupted by Apple, Blockbuster’s store-based video business disrupted Netflix – show that disruption is not a single phenomenon, and that there’s no single strategy for dealing with it. The case studies involving Fujifilm and Canon show that not all firms need to end up like Blockbuster. The main challenge, however, is that a disruptive product may initially be of inferior quality to existing products, making it difficult for an established firm to offer the disruptive product to its customers. This leads to a dilemma for incumbent firms, and to opportunities for outsiders.

Q: Are law firms threatened by disruption?

A: Law firms should recall the mobile phone industry. Incumbent cellphone-manufacturing firms were structured around the various components in the cell phone: antennas, screens, processors, compression technology, etc. They innovated, and excelled in each of the individual components. But Apple’s iPhone introduced a major change in architecture. Initially, the components in the iPhone weren’t as good as those of the incumbent phone makers. But the change in architecture led to a shift, a disruption from the demand side, which ultimately led to the demise of several major cellphone companies. Law firms should pay attention to this. A law firm’s “components” might be its various silos of legal specialties: IP law, M&A, competition law, litigation. Most law firms focus on excelling in their respective silos. The “architecture” may be how the legal services are knitted together for clients. I haven’t studied the legal business in detail, but one conclusion I could make is that firms with the best “components” do not always win out when there is a shift in architecture.

Click here to read the full article, as published in our Global media and Communications Quarterly.

Click here to watch the video.

Posted in Internet, Telecoms & Broadband Paul OttoTimothy Tobin

NTIA Highlights Promise and Policy Challenges of IoT, Seeks Additional Comments

shutterstock_427841137On January 12, 2017, prior to the new administration taking power, the National Telecommunications and Information Administration (NTIA) within the Department of Commerce (Department) released a Green Paper on “Fostering the Advancement of the Internet of Things,” which assesses the technological and policy landscape of the Internet of Things (IoT). The Green Paper is expansive in scope, reflecting the broad range of issues raised in comments submitted by stakeholders in the private sector, academia, government, and civil society following NTIA’s April 2016 request for public comment. The Green Paper identifies key issues, and provides recommendations and assessments on the potential benefits and risks that IoT portends. The NTIA identifies cybersecurity, privacy and cross-border data flows as the most significant policy issues. It also proposes four principles for future policy engagement in which the Department would play a central role in creating conditions that would foster IoT growth. The agency also requested additional comments on the issues raised by the Green Paper.

IoT Brings a New Paradigm, but Government Engagement Should Be the Same

NTIA concludes that IoT represents a significant departure from previous technologies in its scope, scale, and the stakes involved. Because the opportunities and challenges offered by IoT will be unlike any that society has dealt with before, the interruption of connectivity will likely present more urgent challenges. Such interruptions could affect the performance of medical devices or the reliability of a supply chain, or even cause physical destruction in more expansive ways than prior interruptions of connectivity.

Continue Reading

Posted in Data Protection & Privacy Natalia GulyaevaMaria SedykhBret Cohen

Russia Increases Fines for Violations of Data Protection Laws

shutterstock_387241471-150x150On 7 February 2017, the Russian President signed into law a bill (link in Russian) introducing amendments to the Russian Code on Administrative Offences that increases the amount of the fines imposed for violating Russian data protection laws and differentiates the relevant offences’ types. The greatest increase raises maximum fines for certain violations from RUB 10,000 to 75,000 (approx. USD 170 to 1,260). The law will come into force on 1 July 2017.

The increase of fines for violating data protection rules has been long discussed due to the relatively low maximum fines available under current law: RUB 10,000 (approx. USD 170) for legal entities. Critics commented that data operators often chose to knowingly violate the law and pay the relatively insignificant fine instead of complying with Russian data protection rules.

The Law increases the amounts of fines and differentiate the types of offences as follows:

Continue Reading

Posted in Policy & Regulation Andrew McGintyMark ParsonsNolan Shaw

China moves to implement security review of network products and services: but leaves foreign investor and manufacturer concerns unanswered

tablet2BEOn 4 February 2017, the Cyberspace Administration of China issued a draft of the Network Products and Services Security Review Measures (“Draft Measures“) for public comment: the Draft Measures remain open for comments until 4 March 2017. The Draft Measures are follow-on legislation to China’s Cyber Security Law adopted on 7 November 2016, which will take effect from 1 June 2017.

The background to the Draft Measures is that the Cyber Security Law requires that network products and services purchased by operators of “critical information infrastructure” (the definition of which is somewhat vague and unsatisfactory) must undergo national security review (“Security Review“) if such network products and services “might potentially have an impact on national security”, failing which such operators risk being ordered to discontinue use and/or being subject to quite stiff fines.

The Draft Measures bring China one step closer to implementing such Security Review regime. How this regime will look has been a major area of concern for foreign investors, especially due to concerns that the new Security Review process might be skewed  in favour of “local” manufacturers and thus become a back door means of imposing essentially protectionist policies.

Continue Reading

Posted in Copyright, Entertainment & Content Nathaniel BoyerDori Ann Hanswirth

Paul McCartney chants ‘Get Back’ again – The Future of Copyright Termination

recdeckBEThe US Copyright Act of 1976 allows artists, writers, and musicians to “get back” grants of copyrights that had been previously licensed or assigned away. Specifically, artists can “terminate” their copyright arrangements simply by serving notice upon the grantee between 46 and 59 years after the date that the rights were granted.  This means that, for the hit songs of the 1960s and 1970s, the window during which copyright termination notices may be served is now upon us—and, of course, litigation sometimes follows.

Sir Paul McCartney served just such copyright notices on Sony, seeking to recapture his rights to some of the world-famous works that he created with The Beatles and as a solo artist. Then, last month, Sir Paul sued Sony in a New York federal court, seeking a declaratory judgment that his termination notices were effective and enforceable.  He appears to have filed this pro-active action in attempt to avoid the fate of Duran Duran, who one month prior suffered a significant setback when a UK court ruled that the service of US copyright termination notices constituted a breach of contract under UK law.

Copyright Termination Under US Law

The US Copyright Act of 1909 allowed authors one initial 28-year copyright term, renewable for another 28 years. It was rewritten in 1976 – its first major overhaul since 1909.  The Copyright Act of 1976 contains two provisions allowing authors to terminate grants of copyright assignments and licenses after a period of time.  The first provision, Section 203, applies to works created after January 1, 1978.  The second provision, Section 304, applies to works created before 1978, but still subject to copyright as of 1978.  Section 203 allows authors to serve a notice of termination between 25 and 38 years after the initial grant, thus creating a 13-year “termination window.”  Section 304 grants of pre-1978 copyrights may be terminated during a five-year period beginning 56 years after the grant.  Under Section 304, the author must serve notice in advance, between ten and two years before the termination date.

Continue Reading

Posted in Digital Single Market (EU) Peter WattsWinston MaxwellMathias SchöenhausDina JubrailDr. Nils RauerMarco Berliri

DSM webinar highlights tax, competition law, copyright, AVMS and data economy issues for 2017

EU-FlagIn a February 7, 2017 webinar, the Hogan Lovells Digital Single Market (DSM) team presented its take on new developments for 2017. Peter Watts introduced the session by warning that the loss of the UK voice in EU policy making could lead to rules that are less sensitive to business needs. Marco Berliri commented on the challenges currently facing large e-commerce clients and why a single market would bring significant benefits: “There are too many authorities to deal with. Some of our online clients have to deal with 10 different consumer protection authorities or data protection authorities, without a consistent approach and without giving businesses the possibility to adopt a common solution that works for all.” Tax counsel Mathias Schönhaus referred to tax authorities’ desire to impose VAT on “free” online services, on the ground that the services are not really free. Schönhaus said this approach is short-sighted and would logically require taxation of other offline free services such as free newspapers. Competition lawyer Dina Jubrail described Margrethe Vestager’s balanced approach to big data in competition cases. According to Jubrail, “the Commission is approaching situations on a case-by-case basis. The accumulation of data can lead to potential competition law problems, but this is certainly not always the case.”

Continue Reading

Posted in Copyright, Digital Single Market (EU), Policy & Regulation Penny ThorntonDr. Nils RauerEva Vonau

EU Commission agrees new rules allowing Europeans to watch online content services across EU borders

shutterstock_343992422On 7 February, negotiators for the European Parliament, Member States and the Commission agreed the proposal for a regulation on EU cross-border portability of online content services. This is the first agreement relating to the modernisation of EU copyright rules proposed by the Commission as part of the Digital Single Market strategy.

Under the new rules, which will come into force at the beginning of 2018, service providers of paid-for online content must enable subscribers to access and use the online content service when they are temporarily in another Member State. So, for example, when subscribers to Netflix or Spotify are travelling in Europe, on holiday or on business, they will be able to access content on those services in the same way they access those services when they are at home. Provided the online service provider has acquired the necessary rights and licences in the country of residence of the subscriber, the service provider will be deemed to have all the rights needed to provide access to the service to that subscriber in other EU Member States.

Since the draft regulation was first published on 9 December 2015 (see our blog), quite intense discussions have taken place as to what “temporary” shall mean and how the right holders could verify that a subscriber is indeed accessing the online content whilst being temporarily travelling abroad. Concerns have been vocalised particularly on the basis of privacy and data protection law. The answer now given by the commission is that what matters and what can be reasonably verified is the subscriber’s Member State of residence, not his actual position. In this context, recital 23 is fairly instructive:

Continue Reading