LawBytes deals this week with the new Indian data protection bill, the draft ICO regulation of the Philippines and the CJEU on un-authorized reposting.
Privacy – New Indian draft data protection bill
India is moving forward towards its own data protection law as the dedicated committee set up by the central government has finally submitted its report suggesting a legal framework for safeguarding personal data, defining data processors’ obligations and mooting penalties for violation as well a draft of the legislation on data protection: the Personal Data Protection Bill, 2018.
The proposed legal framework encompasses the European approach and recognizes the GDPR as “the vanguard of global data protection norms” providing for a right to be forgotten in line with EU data privacy laws.
The draft also seeks to benefit the development of Indian digital industry introducing a provision whereby the government can notify categories of personal data as critical data, which would be only stored in India.
This new legislative effort confirms that the protection of personal data represents a key factor for empowerment, progress and innovation.
BlockChain – Philippines issue rules on ICO
The Securities and Exchange Commission (SEC) of the Philippines has recently published its draft version of the Rules and Regulations Governing Initial Coin Offerings (ICOs).
The Rules govern the conduct of ICOs wherein convertible security tokens are issued by start-ups and/or registered corporations organized in the Philippines or ICOs targeting Filipinos.
It is interesting to notice that the proposed text puts the burden of proof on the proponents, assuming that tokens issued in all ICOs are securities by default, unless the issuers can prove otherwise.
The draft is now up to public discussion, but with this regulatory move Philippines join the worldwide regulation rush aiming to become the next hotspot for blockchain and cryptocurrency companies which without any doubt will disrupt key business sectors in 2018.
Copyright – CJEU judgement on un-authorized reposting
On 7 August 2018, the European Court of Justice (CJEU) ruled that the re-posting of content already available on a third-party website may be an act of communication to the public within Article 3(1) of the InfoSoc Directive.
Notably, in its decision the CJEU held that
“The posting on a website of a photograph that was freely accessible on another website with the consent of the author requires a new authorization by that author “.
The CJEU observes that such posting must be distinguished from the making available of protected works by means of clickable link leading to another website on which the initial communication was made (i.e. linking) and states that it is of limited importance if the copyright holder does not limit the ways in which the photograph may be used by Internet users.
This decision may affect the lawfulness of certain online practices and therefore the level of liabilities that may arise from such practices should be carefully assessed.