newtech.law - legal aspects of new technologies

For a long time, much has been written about artificial intelligence in the legal profession. We discussed various types of solutions in this area on our blog. One is predictive analytics, i.e. using algorithms to anticipate the judgments that will be issued by a given judge under a given state of facts. Such tools rely mainly on an analysis of rulings issued in the past and draw various types of conclusions from them, e.g. with respect to the chances for prevailing in a dispute.

Along with a recent reform of the justice system in France, a ban was recently introduced against using data concerning the identity of judges to evaluate, analyse, compare or predict their actual or supposed professional practices. Violation of this ban can lead to up to five years in prison.

The Principality of Liechtenstein will become one of the first countries with its own act on trusted technologies, approved by the Liechtenstein parliament at the first reading on 6 June 2019.

As reported by local newspapers Volksblatt and Liechtensteiner Vaterland, the parliament of this small Alpine state approved a new act on trusted technologies, and Prime Minister Adrian Hasler and his team thus achieved their aim. For nearly two years the government of Liechtenstein has been working on ensuring that the country becomes a global pioneer in blockchain technologies.

Recently counsel, arbitrators and potential parties to proceedings have been examining with interest attempts to streamline arbitration using blockchain technology. We mentioned this in our 2018 report for Rzeczpospolita (in Polish), but in the industry so much is happening around “blockchain arbitration” that the issue deserves more attention.

Currently there are at least ten projects around the world, at various phases of realisation, using blockchain to automate alternative dispute resolution at least to some degree. There isn’t room here to describe them all in detail, but Kleros, CodeLegit (discussed also in our earlier publication), Juris and Oath seem particularly noteworthy. We examined what problems they may entail from a legal perspective. All of the comments below are based on publicly accessible materials (such as project websites and whitepapers), but are limited as these projects have not yet been thoroughly tested by end users (tests of beta versions are underway for some of them).

Ireland’s Data Protection Commissioner has commenced the first proceeding against the US giant Google since the General Data Protection Regulation entered into force. The case involves processing of users’ personal data for delivery of profiled ads.

The case was launched following numerous complaints, primarily from the makers of the Brave web browser, whose main selling point is built-in ad-blocking tools. The allegations against Google Ireland Ltd boil down to the issue of forwarding users’ personal data (particularly involving their online activity), without their knowledge, to an indefinite number of entities for the purpose of delivering profiled advertising materials.

Financial technology (FinTech) has been one of the hottest technology areas for several years. It has attracted much attention in Poland as well, particularly due to the successes to date of local FinTech start-ups.

This topic picked up additional steam when a financial innovation working group was appointed at the Polish Financial Supervision Authority (KNF), and then the FinTech Department was opened at the KNF Office. With its Innovation Hub programme, the department has contributed to creation of a positive atmosphere around FinTech in Poland.

We recently wrote about the first fine for noncompliance with the General Data Protection Regulation imposed by the president of Poland’s Personal Data Protection Office. Data protection authorities in other EU member states are also displaying notable initiative in conducting inspections and imposing fines. A few days ago the Information Commissioner’s Office in the UK imposed a fine of GBP 120,000 on a television production company for failing to provide adequate information to subjects who were filmed and recorded by devices at a healthcare facility, and failing to obtain their consent to film and record them. The case involved occurrences between July and November 2017—before the GDPR entered into force—but may nonetheless prove relevant for interpreting the obligations imposed on data controllers under the GDPR.