newtech.law - legal aspects of new technologies

On 8 April 2019 the European Commission published the Ethics Guidelines for Trustworthy AI, drafted by the High-Level Expert Group on Artificial Intelligence (HLEG AI), an independent body whose main task is to prepare these guidelines as well as recommendations on AI investment policy (work still underway).

A problem faced by programmers, politicians, and ordinary users is ensuring that artificial intelligence algorithms are not used inconsistently with their original aim. This issue has been raised numerous times in national reports prepared by individual EU member states, including Poland.

On 3 April 2019 the President of Poland signed into law the GDPR Implementation Act (full name: Act Amending Certain Acts to Ensure Application of the General Data Protection Regulation). Among several issues addressed controversially in the GDPR Implementation Act are the requirement to express consent to profiling and the catalogue of types of personal data that may be processed by suppliers of online services. This catalogue is set forth in Art. 18(1) of the Electronic Services Act. The original draft of the GDPR Implementation Act provided for repeal of that section, but during the course of legislative work on the act it was decided to leave the catalogue in place. This solution may conflict with the GDPR.

An interview with Daniel Bigos, Gabriel Dymowski, Marcin Lorenc and Piotr Żelazko, members of the DoxyChain team (formerly DigiDocs), which took second place in the Polish phase of the Global Legal Hackathon.

Justyna Zandberg-Malec: Your project took second place in the Global Legal Hackathon. What is your solution all about?

Marcin Lorenc: We proposed basing powers of attorney for litigation, and in the future also other documents, on the secure blockchain technology. Using our application, which we are now perfecting, it will be possible to appoint or dismiss an attorney, as well as manage the circulation of powers of attorney and access the history of operations. The principal will know where his authorisation was used and who is the actual attorney in the given case. Lawyers in Poland use the right of substitution, passing on the representation of the principal to a colleague, which means that the principal doesn’t always know for sure who is actually representing him. In turn, the attorney may not remember all the cases where he was appointed to represent the client. Our solution comprehensively resolves the problem of such documents.

On 25 March 2019, the president of the Personal Data Protection Office announced the imposition of the first-ever fine in Poland for failure to comply with the EU’s General Data Protection Regulation. The fine is quite high (about PLN 1 million) and involves noncompliance with the information obligation by a company that harvested personal data—addresses and telephone numbers of individuals operating businesses—from publicly available sources and then processed the data.

Cybersecurity Protocol for International Arbitration: Three international organisations—ICCA, the New York City Bar Association and CPR—are introducing best practice in protecting against cyber threats.

Cybersecurity is a particularly important element of the legal sector, including international arbitration. Digital exchange of information in arbitration proceedings involves, among other things, sensitive data of the participants in the proceedings, including the parties, arbitrators and arbitration institutions.

Failure to protect the exchange of information in cyberspace may result in leaking of sensitive information and abuse of confidential data by third parties. This can result in economic loss, damage to the reputation of the participants, as well as violation of the principle of fairness of the proceedings and the independence of arbitrators.