newtech.law - legal aspects of new technologies

For over five years, including within this blog, we have written about the changes in application of anti money laundering and counter terrorist financing (AML/CFT) regulations to activity involving crypto assets. But further legal changes and notable new interpretations continue to arise.

As I wrote nearly a year ago, at the request of the G20 countries the issue of crypto assets was taken up recently by several key global organisations involved in establishing standards in specific fields. One of them is the Financial Action Task Force (FATF), an international organisation appointed to develop and assist in implementing and monitoring standards for combating money laundering, financing of terrorism, and financing of the proliferation of weapons of mass destruction.

Recently the Kraków branch of the General Directorate of National Roads and Motorways (GDDKiA) held social consultations on issuance of a permit to conduct research in the form of a test drive of an autonomous car. Such consultations are required under Art. 65l of the Road Traffic Law of 20 June 1997.

According to an announcement from GDDKiA, the aim of the test drive is to study certain aspects of operating an autonomous car under actual traffic conditions (not artificial conditions). The tested car previously underwent a range of simulations, but now must be tested in road conditions.

On 17 June 2019 the president of Poland’s Personal Data Protection Office (UODO) issued the Communication on the List of Personal Data Processing Operations Requiring an Assessment of the Impact of Processing on the Protection of Personal Data. The legal basis for issuance of the communication is Art. 35(4) of the EU’s General Data Protection Regulation, under which each member state’s supervisory authority must establish and publish a list of the kinds of processing operations which are subject to the requirement for a data protection impact assessment. At the same time, the prior list, enclosed with the communication of 17 August 2018, was repealed. The new list reflects the opinion issued by the European Data Protection Board and covers personal data processing activities connected with offering of goods and services to data subjects or monitoring of their behaviour in multiple EU member states.

The third post-hackathon interview: After InteliLex and DoxyChain, it’s time for bSure, the team that took third place in the Polish phase of the Global Legal Hackathon.

Justyna Zandberg-Malec: During the hackathon you worked on an application that points out to freelancers contractual provisions that are disadvantageous to them. Where did you get this idea?

Sabina Łobocka: A colleague who wasn’t taking part in the hackathon suggested it to me (and allowed us to use it). He was signing a contract with a residential real estate developer and didn’t entirely understand all the clauses. It took him a long time to check whether any of the clauses were unfavourable to him. That’s why we thought of an application that ordinary people could use to protect against irregularities and negative legal consequences for them.

Last year I proposed that Poland should take a broader approach to the issue of regulatory sandboxes, not merely copying solutions adopted in other countries. Now we see the first steps towards creation of multi-sectoral (not exclusively financial) regulatory sandboxes.

The trend started by the Financial Conduct Authority in the UK of creating regulatory sandboxes for the financial sector has spread around the world, including Poland. Although many voices from major jurisdictions, such as the United States and Germany, are skeptical, this solution undoubtedly has its advantages. Market participants usually rate this concept very highly, even if in reality the sandbox does not deliver immediate regulatory benefits (for example, it does not enable limited operation of regulated activity without a licence, which would be difficult in EU member states due to the harmonised regulatory regime).

The bill to amend the Criminal Code currently being processed (Sejm print no. 3451) is generating lots of controversies. For persons involved in FinTech, the draft of the proposed new Art. 279a of the Criminal Code is particularly interesting. It is another attempt to define new forms of commission of offences on financial markets for purposes of the criminal law. This attempt once again demonstrates what a difficult task faces lawmakers.

The problem is not new. Progress in digitalisation is accompanied by dynamic growth in various types of digital assets. The law does not keep pace with this development, and consequently is unable to ensure adequate protection to participants in digital economic exchange. This makes it necessary to adapt the existing regulations to suit the realities of the new economy.