Tech Policy Unit Horizon Scanner
08 October 2020
Welcome to our Tech Policy Unit Horizon Scanner. It is our monthly dive into the key tech policy and legislative developments around the world.
Digital finance dominates the global tech agenda this month with proposals for new and updated regulation in the EU, Nigeria and Abu Dhabi.
Meanwhile, data mobility issues remain a focus of the international agenda. Regulators in Europe and around the world are considering their responses to the Schrems II decision, and the EU and the US have reportedly already started negotiations to try to solve the issues that gave rise to the decision. Meanwhile, the UK and Japan have agreed, in principle, a free trade agreement which, according to press releases by the UK and Japanese governments, will contain provisions on data mobility and a prohibition on data localisation.
Governments all over the world are introducing and updating legislation in digital finance. Europe is leading the way with its far-reaching digital finance package, adopted by the European Commission on 24 September 2020. The agenda includes proposals to regulate digital operational resilience in financial services and a proposal to establish a harmonised regulatory framework for the administration, offering and trading of cryptoassets across the EU. Meanwhile, the Nigerian Securities and Exchange Commission issued a statement indicating its intention to regulate crypto assets, and the Abu Dhabi Global Market published a public consultation paper on proposed Electronic Transactions Regulations, aiming to give parties legal certainty about the enforceability of electronic signatures in the emirate.
Having considered the potential implications of a Biden-Harris administration on U.S. tech policy in last month's edition, we turn in this edition to the potential implications of a second Trump-Pence administration. Elsewhere, we discuss new rules for data breaches in the financial sector in China and competition law proposals in South Africa and New York.
Nigeria plans to regulate cryptocurrencies
Nigeria has become one of the world leaders in the adoption of and use of cryptocurrencies. With little to no legislation regulating the cryptocurrency market in Nigeria at present, the need to protect investors and create standards for ethical practices has, for months, been considered a priority for the Nigerian Securities and Exchange Commission (SEC).
On 14 September 2020, the SEC released a statement setting out its position regarding cryptocurrencies. It states that "crypto assets are securities, unless proven otherwise". Issuers and sponsors of 'crypto assets', as well as other types of 'virtual asset' will have to register their cryptocurrencies unless they can demonstrate that the asset falls outside of the definition or is exempt. Furthermore, regulatory guidelines will be imposed on those involved in the trading of 'virtual assets', including issuers and sponsors and any individual or corporate "whose activities involve any aspect of Blockchain-related and virtual digital asset services".
Reaction to the statement has been mixed with critics expressing concern that the statement will stifle the burgeoning cryptocurrency start-up market in Nigeria. Meanwhile, proponents have welcomed regulation as a way to increase consumer trust. More detailed guidance and regulations are expected to be issued by the SEC in the coming months.
For those interested in the cryptocurrency debate, we recommend a recent report in Clifford Chance's Talking Tech on central bank digital currencies and stable coins.
South African Competition Commission publishes paper on the future of competition regulation with an eye towards 'more inclusive digital economy'
The South African Competition Commission has released a report on Competition in the digital economy. The report focuses on creating more inclusive and contestable markets in South Africa, while touching on many of the now-familiar themes in this area, including the role of data in the digital economy and the risk of market tipping. The Competition Commission invited the public to comment on the report, with responses due by 31 October 2020.
In focus // What would a Trump-Pence second term mean for tech regulation in the US?
Last month we looked at what a Biden-Harris administration might mean for tech regulation – you can see that piece here. This month we look at the implications of a Trump-Pence second term. On the one hand, it's an easier task as we have a track record, but prediction is still a fickle game.
Earlier this year, in May, President Trump advocated paring back the "Section 230" immunity for online platforms from liability for user-generated content provided by the Communications Decency Act. Re-evaluating Section 230 immunity is an area of apparent bi-partisan agreement in principle, though the two sides are not aligned as to either the problem or the corresponding remedy. Both Biden and Trump want wider-ranging liability for online platform providers for user-generated content, backed up by stronger enforcement mechanisms. In President Trump's view, online platforms have come to wield immense power as they have grown into vital avenues of national discourse, and they should not be permitted to invoke Section 230's protections if they use their power to make bad faith, including pretextual or politically-motivated, content moderation decisions, which can have the effect of censoring lawful speech and promoting certain viewpoints over others. In September 2020, the Department of Justice delivered a proposal to Congress recommending legislative reform of Section 230 broadly along these lines, while also increasing liability for platforms that intentionally host content that violates federal criminal law.
The focus by President Trump on China is clear, and to some extent shared by Mr Biden. President Trump promises tax-credits for US companies and the objective of creating more manufacturing jobs in the USA on the domestic side, and there is every indication that a second Trump administration would continue to take a hawkish stance towards Chinese tech and telecoms companies in particular. The prospect of an aggressive de-coupling of supply chains from China could trigger a very big change in the structure of the global economy and be another step towards the creation of economic, regulatory and technical eastern and western poles of influence with greatly diverging approaches.
AI, space, digital health including tele-medicine and med-tech, and the expansion of rural broadband would be likely areas of a second Trump term's R&D and capacity building investment. There is likely to be considerable bipartisan support for digital infrastructure spending.
New York Legislature considers revamp of old antitrust laws with potential implications for Big Tech companies, as well as other market participants
The state of New York is considering legislation intended to ramp up its scrutiny of Big Tech companies, and potentially many other market participants. Earlier this summer, two New York state senators proposed significant legislative reforms to the state's antitrust enforcement statute. The proposed legislation, introduced earlier this summer as the 21st Century Antitrust Act, would for the first time empower New York state authorities to pursue unilateral conduct that allegedly restrains competition. Importantly, the Act, as drafted, could potentially reach a broad array of unilateral conduct that does not violate federal antitrust laws. The Act would also increase the potential criminal and civil liability for violations by companies and individuals. If passed as drafted, the proposed amendments would provide New York state prosecutors with stronger enforcement tools to challenge Big Tech companies, an objective of the bill's sponsors. Passage of the bill is not expected until early next year (if at all), but the amendment is gaining momentum.
For further information on the subject, please see Clifford Chance's recent briefing, "New York Senate Takes Aim at Big Tech with 21st Century Antitrust Act, Holds Hearing on Unfair Competition".
UK-Japan trade deal agreed in principle with a focus on digital trade
The UK and Japan have reached agreement in principle on the UK-Japan Comprehensive Economic Partnership Agreement (UKJCEPA). The UKJCEPA is expected to be largely based on the existing Japan-EU EPA (JEEPA) but there will be some notable differences. In particular, both sides have tried to draw attention to the tech aspects of the UKJCEPA. According to the UK government press release, the UKJCEPA includes "cutting-edge digital & data provisions that go far beyond the EU-Japan deal". In particular, provisions on efficient data transfer and protection, net neutrality and a ban on data localisation have been lauded by the UK.
The full text of the UKJCEPA is expected to be released this month.
Please see our Clifford Chance briefing, "Agreement in principle for the Japan-UK trade deal: a focus on tech and the digital economy".
New measures in China will require banks and payment institutions to report data breaches
On 15 September 2020, the People's Bank of China (PBoC) issued the Implementation Measures of the People's Bank of China on the Protection of Financial Consumers' Rights and Interests, which will take effect from 1 November 2020. The measures introduce a reporting duty on PRC-incorporated banking financial institutions and non-banking payment institutions for any data breaches. According to the measures, if any data breach may endanger the personal and property safety of financial consumers, companies subject to the new measures shall immediately report such incidents to the competent PBoC branch and notify consumers. For other data breaches, a report must be filed within 72 hours of becoming aware of the breach.
It is noted that the new measures do not impose restrictions on the export of consumer financial information. We expect this issue will be dealt with under other data protection legislation such as the PRC Cybersecurity Law (2016) as well as PBoC implementing measures to be promulgated separately.
European Commission publishes a digital finance package
The European Commission adopted a digital finance package on 24 September 2020. The agenda includes:
- wide-ranging proposals to regulate digital operational resilience in financial services, comprising a draft regulation ("DORA") alongside a proposed directive. For further information, we recommend an our detailed summary of the proposals, "Exploring DORA - The EU's proposed digital operational resilience framework for financial services";
- a proposal for the Markets in Crypto-Assets Regulation (MiCA) which aims to establish a harmonised regulatory framework for the administration, offering and trading of cryptoassets. Further information is set out in our Talking Tech article, "Let's talk crypto! The EU has published a proposal for the MiCA Regulation creating a pan-European regulatory regime for cryptoassets". We have also published an in depth analysis of European approaches to regulating Security Token Offerings;
- a pilot regime on distributed ledger technology market infrastructure; and
- a directive to clarify or amend certain related EU financial services rules.
Meanwhile, earlier this month, France's Finance Minister Bruno Le Maire tweeted that "private cryptocurrencies" such as Facebook's Libra should not be allowed in the EU. Only the European Central Bank should be allowed to issue money in the euro area. In his tweet he stated that this view was shared by the Finance Ministers of Germany, Italy, the Netherlands and Spain.
Please see our Clifford Chance briefing, "Central Bank Digital Currencies and Stablecoins – how might they work in practice?"
European Commission decides to appeal Apple decision
The European Commission will file an appeal at the Court of Justice of the European Union to contest the July ruling by the General Court annulling a 2016 State aid decision taken by the Commission regarding Irish tax rulings in favour of Apple. A statement issued by the Commission on 25 September said: "The General Court judgment raises important legal issues that are of relevance to the Commission in its application of State aid rules to tax planning cases. The Commission also respectfully considers that in its judgment the General Court has made a number of errors of law. For this reason, the Commission is bringing this matter before the European Court of Justice."
A statement issued by the Irish Department of Finance said: "The facts of the case, as established by the [General Court], demonstrate, as Ireland has always contended, that no State aid was given and that the Irish branches of the relevant Apple companies paid the full amount of tax due in accordance with the law."
Next steps following Schremes II
Following the July decision of the Court of Justice of the EU (CJEU) in the Schrems II case, which annulled the EU-US Privacy Shield, but validated standard contractual clauses (SCCs), European data regulators have said they hope to issue guidance in two months on how organisations should implement the ruling. The European Commission is also drafting revised SCCs to bring them into line with the EU’s General Data Protection Regulation and changes in the way companies export data.
Leading German business organisations have called on the EU and US to act quickly to negotiate an effective replacement for the Privacy Shield. In a joint letter published on 22 September, the associations urged the two sides to improve other data transfer tools, such as SCCs and urged authorities to publish consistent information on the level of data protection in third countries and to suspend sanctions until legal clarity on EU-US transfers is achieved.
Meanwhile, as a result of the Court ruling, the Irish Data Protection Commission reportedly issued a preliminary draft decision requiring Facebook to suspend any personal data transfers from the EU to its US parent, Facebook, Inc. Facebook has won the right to file for a judicial review of that decision.
On Clifford Chance's Talking Tech, you can find an up-to-date tracker of regulatory responses in the EU and US to the Schrems II decision.
Commission calls for joined-up apporach to 5G rollout
In her first State of the Union speech, Commission President Ursula von der Leyen called on Member States to boost fast network connectivity and develop a joint approach to 5G rollout. The Commission also issued a Recommendation on a common toolbox for reducing the cost of deploying very high capacity networks and ensuring timely and investment-friendly access to 5G radio spectrum. The Recommendation calls on Member States to identify and share best practices for the Toolbox by 20 December 2020. Member States should then agree on a list of best practices by 30 March 2021.
EU will proceed wiht a Digital Tax in 2021 if no agreement at OECD / G20
Commission President Ursula von der Leyen confirmed in her State of the Union address that the EU would go ahead with a digital tax if no agreement can be reached at international level: "We will spare no effort to reach agreement in the framework of OECD and G20. But let there be no doubt: should an agreement fall short of a fair tax system that provides long-term sustainable revenues, Europe will come forward with a proposal early next year."
European Parliament Special Committee on Artificial Intelligence up and running
The European Parliament's new Special Committee on Artificial Intelligence in a Digital Age (AIDA) held its constitutive meeting on 23 September 2020. The Committee will study the impact and challenges of rolling out AI and propose a roadmap with objectives for the EU in the field of AI and the steps that need to be taken to achieve them. Dragoș Tudorache (Renew, Romania) was elected Chair and the first full meeting will take place during the week of 26 October. The Committee itself will have an initial duration of twelve months.
The Committee's work will run in parallel to the preparations by the European Commission for a proposal for legislation on AI that is due to be published in the first quarter of 2021. A legislative proposal will need the support of the European Parliament to become law.
The UK government announces its National Data Strategy
On 9 September 2020, the UK government announced a set of initiatives setting in motion a potential rethink of the UK's regulation and rules governing the use of data. The headline is the release of the government's National Data Strategy, which provides a framework for government action on data regulation in the UK, and the launch of a consultation, inviting stakeholders to provide comments on the National Data Strategy by 2 December 2020. Following the consultation, the government will release proposals outlining the next steps early next year.
For further analysis of the UK government announcement, we recommend reading this report in Clifford Chance's Talking Tech, which provides a more detailed breakdown of the UK government's proposals. A briefing by Clifford Chance's team in Luxembourg also analyses the implications of a "no deal" Brexit on data transfers by EU-based entities to the UK.
UAE launches nationwise 'digital cash platform' with a view to phase out physical cash
Emirates Digital Wallet LLC, in partnership with 16 of UAE's national banks, has announced the launch of klip, a nationwide 'digital cash platform' in UAE, with a view to eventually phase out the use of physical cash in the country. klip does not require its users on the consumer side to have a bank account, but only that they are a resident of UAE and have a SIM card. klip operates in compliance with UAE Central Bank rules.
Abu Dhabi launches consultation on new e-commerce regulation
Abu Dhabi Global Market published a public consultation paper on its proposed Electronic Transactions Regulations, the purpose of which is to give parties to electronic transactions greater certainty. The regulation aims to update legal concepts for contracting entities, for example, around the use of e-signatures and the recognition of electronic records.
The deadline for comments is on 14 October 2020.
Why not subscribe to future editions of the round-up.
This publication does not necessarily deal with every important topic nor cover every aspect of the topics with which it deals. It is not designed to provide legal or other advice. Clifford Chance is not responsible for third party content. Please note that English language translations may not be available for some content.