newtech.law - legal aspects of new technologies

As anonymisation of data appears to the main method for escaping the restrictive regime of the General Data Protection Regulation, it’s worthwhile for data processers to be aware of the risks they may be exposed to if this is not done properly or the data can be traced back to specific people. Should firms applying artificial intelligence to anonymised data expect to be held liable when it turns out that the data they are using have not been permanently anonymised but only been given a pseudonym—a reversible operation?

Recent unofficial reports that Estonia is working on a possible initial coin offering for participants in the country’s e-Residency programme have sparked a debate on whether EU law permits a country in the eurozone to offer a cryptocurrency.

Smart contracts are no longer just a theoretical concept and are becoming a real tool used by lawyers (with some help from developers…).

For many people today, a life lived offline can hardly be imagined, but the internet still has many limitations. Access to information and easy communications have become the standard and basis for functioning of the society and the economy—and, it follows, a subject of interest to the law. Nonetheless, we more and more often sense the shortcomings of the current version of the digital world. These include digital exchange of value and universal electronic identification.

The City of London Corporation announced in October 2017 that it would establish a new court in London for dealing with cybercrimes. This will reaffirm London’s status as a world financial centre and the best place to run businesses and solve disputes. Other states are also considering establishing such courts. In our view, Poland should not fall behind and should set one up too.

Our firm has seen an increase in cybercrime litigation cases, particularly over the last two years. Examples are: manipulating e-mail correspondence in order to change the details of transfers of funds, phishing, security breaches in servers and theft of confidential data, attacks on devices connected to the internet, malware, thefts of cryptocurrencies on deposit with cryptocurrency exchanges and public wallets, and fraudulent operations of algorithms on various websites.

In February 2018 the EU’s Article 29 Data Protection Working Party published its Guidelines on Automated individual decision-making and Profiling for the purposes of Regulation 2016/679. The guidelines explore Art. 21–22 of the General Data Protection Regulation, and although the title may not indicate it, provide another element in the legal framework for development and use of artificial intelligence. They also show that this framework may be truly restrictive.