Editorial Director: Giusella Finocchiaro
Web Content Manager: Giulia Giapponesi

The European Court of Justice has recently been called on to rule on the use of the Internet and more specifically, of so called free wifi networks (namely wifi networks not protected by passwords), which are often used by Internet users who violate copyright rights, in taking advantage of the anonymity guaranteed by the net.

With its decision of the 15th September 2016 regarding lawsuit C-484/14, the Court of Justice ruled in favour of the acquittal of the administrator of a local wireless network, which was free and accessible without authorization, and which had been used by a user for the online distribution of a piece of music without the consent of the copyright holders.

Acknowledging Internet access services to be a service in the information society, which simply consist in the provision of access to a communication network, the Luxembourg Court adjudged the wifi network administrator to be exempt from all liability in accordance with Directive 2000/31/EC. As in the case of hosting service providers, the latter is in fact under no obligation (nor does he have the concrete means) to have any knowledge of and monitor information transmitted by his network.

However, keeping the necessary balance between fundamental rights (in the present case, the freedom to do business and copyright), the Court further stated that national judicial authorities may require service providers to put a stop to copyright violations or to prevent them, provided that the technical measures necessary to achieve this do not excessively restrict the provider’s freedom to do business.

According to the Court of Justice, protecting wifi networks with a password represents a technical measure which “in no way prejudices the essential content of the rights” of access service providers and at the same time, is appropriate for protecting copyright “insofar as network users are obliged to reveal their identity and cannot therefore act anonymously”.

 

 

The Italian Government has signed an agreement with the Chinese e-commerce giant in order to promote the excellence of Italian agricultural products and to fight against the phenomenon of counterfeit produce.

The agreement will enable Italian producers to satisfy the increasing demand for typical Italian products on the Chinese platform, which counts over 430 million consumers. The agreement aims at guaranteeing our Italian brands with a high level of protection against the counterfeit products market. This is also an important result in light of the fact that for decades the WTO has been searching for an adequate form of protection, which in this case has been achieved with a private company in the space of just a few months.

Since last year it has no longer been possible to find counterfeit Italian agricultural produce and foodstuffs on the Chinese website, which has prevented the monthly sale of 99 thousand tonnes of counterfeit Parmesan cheese, 10 times more than the production of the authentic cheese itself, and the sale of 13 million bottles of Prosecco which did not originate from the Veneto Region (in Italy). Italy is currently the only country on Alibaba, which has granted the same level of anti-counterfeit protection to DOP and IGP products as that provided for commercial brands. A level of protection which under this agreement is extended from the b2b platform, accessible solely to companies, to the b2c platform, consequently assuring that those 430 million Alibaba website users will be able to purchase genuine “Made in Italy” products.

The Ministry of Agriculture has set up an operational task force at the Anti-Fraud Inspectorate with the aim of identifying and reporting counterfeit products on a daily basis. The ads are removed within 3 days and the vendors are informed that they are violating Italian geographical indications and designations of origin.

We should point out that Italy has also invested in the promotion of Italian wine and food on the Chinese e-commerce platform. With this agreement Alibaba has undertaken to instruct both vendors and consumers on the importance of geographical indications and designations of origin in the food industry.

 

 

posted by admin on luglio 15, 2016

Right to oblivion

(No comments)

The Italian Data Protection Authority (DPA) has rejected an appeal by an ex-terrorist, who had requested the de-indexation of web pages reporting serious crimes he had committed between the end of the 1970s and the beginning of the 1980s.

Having served his sentence, in 2009 the man had requested Google to remove a number of URLs and search suggestions shown by their “autocomplete” function, which, when typing in the man’s name and surname, called up the term “terrorist”.

Given that Google took no action regarding the claimant’s request, the ex-terrorist turned to the Italian DPA complaining that the continued presence on the Internet of contents dating so far back in time and which were a misrepresentation of his current way of life, was causing serious harm both to his personal and professional life. Maintaining that he was not a public figure but a free citizen, the claimant demanded the right to be forgotten.

The DPA rejected his appeal on the grounds that the information, for which de-indexation was requested, refers to particularly serious crimes that come under those indicated in the Guidelines on the implementation of the right to be forgotten adopted in 2014 by the European Privacy Authorities; crimes for which requests for removal require more stringent evaluation.

The DPA further emphasized that in the case submitted, all the information has acquired historical value and is in the public mind. Indeed it refers to one of the darkest periods of recent Italian history, during which the claimant had not only been a supporting actor but had essentially played a leading role.

Moreover, despite the considerable length of time, which had passed since the circumstances in question, there is still a very high level of public interest in that period of time and those events, as demonstrated by the topicality of the references accessible through the same URLs.

Therefore, declaring that it was of paramount importance for the public interest to have access to the information in question, the DPA adjudged the request for removal of the URLs indicated by the claimant and indexed by Google to be unfounded.

 

 

Hosting providers are not to be held liable for any offences committed by their users nor are they required to remove contents at the request of subjects who claim to be injured parties. The Court of Grosseto relieves Tripadvisor from all responsibility for negative reviews by members of its community.

In judgment no. 46 of 2016, the Court of Grosseto established that providers of services such as Tripadvisor are to be considered as hosting providers and for this reason are not to be held liable for offences committed by their users.

The case was brought by a hotel in the Argentario area, which pressed charges against the travel portal in 2013 for publishing a negative review that the hotelier considered to be false and defamatory. In the opinion of the plaintiff, Tripadvisor was jointly liable for defamation, as it did not prevent the publication of the review, remove the review promptly enough following its being notified and also as it failed to agree to communicate details of the reviewer.

By rejecting the hotelier’s application, the Court of Grosseto established that the platform acted in compliance with Italian legislation. According to the judge what is important when defining a hosting service is the role played in relation to published contents: in the case in question the portal does not interfere with the contents of reviews and therefore cannot be considered liable.

With regard to the plaintiff’s grounds, the Court clarified that Tripadvisor simply qualifies as a hosting provider, despite having implemented automated filters to prevent the publication of explicitly inappropriate or fake reviews, as provided for by its privacy policy. Furthermore, the judge specified that platforms which publish user generated contents (Ugc) or contents provided by users, may at their discretion remove such contents, but are under no obligation to do so at the request of subjects who consider themselves injured parties, as the judiciary is the only competent authority to ascertain the possible defamatory nature of contents.

 

 

On the 2nd of May 2016 a draft law was submitted to the Chamber of Deputies of the Italian Parliament, which aims at “regulating digital platforms for the sharing of goods and services”, and at “promoting an economy based on mutual sharing”. The purpose is to regulate the so-called sharing economy through an across-the-board approach to different professional areas.

Italy would be the first country to regulate this booming economic sector, which includes such by now notorious services as Uber (now prohibited in Italy) and AirBnB.

The draft text is the result of eighteen months’ work carried out by the Parliamentary Intergroup for Technological Innovation. Article 1 lays down the law’s objectives, while Article 2 clarifies the definition of “sharing economy”, establishing that services for which providers determine a fixed charge are not to be included. Article 3 calls for sharing platforms to register with a national electronic register kept by the Italian Antitrust Authority. With the creation of an electronic register, platforms will have to obtain the approval of the Authority, whose task it will be to evaluate inconsistencies and possible infringements (or acts of unfair competition against the traditional sectors).

However, it is principally the fiscal aspect, which the draft law aims to regulate. The new regulation provides for 10% taxation on the revenue generated by platforms, up to a maximum of 10,000€ per year, which can also comprise sums for different services. The obligation for payment of the taxes would lie with the platforms themselves, which would be required to withhold the amounts due from the takings of registered customers, thus acting as withholding agents. On exceeding the threshold of 10,000€, the income made by platforms will be considered as actual earnings, to be added to those already made. New rules have also been provided for payments, which must henceforth only be carried out by digital means.

The signatories of the draft law expect this operation to raise tax revenue from 150 million € to 3 billion € by 2025.

The draft law has started its approval procedure at the Joint Parliamentary Commissions of Transport and Productive Activities.

posted by admin on giugno 1, 2016

Copyrights

(No comments)

The Italian Antitrust Authority has submitted an opinion to the Italian Parliament and Government, in which it warns that SIAE’s current monopoly of the management of copyright restricts both the ability of other market operators to do business and users’ freedom of choice.

In a communication on the implementation of Directive 2014/26/EU by the European Parliament and the Council on the collective management of copyright in the internal market, the Antitrust Authority emphasised that the core of the Directive is based on freedom of choice and that it specifically provides rightsholders with the right to decide their choice of collective management organisation “(…) irrespective of the Member State of nationality, residence or establishment of the collective management organisation, the other entity or the rightholder (…)”.

The Antitrust Authority has remarked that in an economic climate characterized by significant technological changes, the preservation of a legal monopoly appears to be in contrast with the aim of enabling rightsholders to operate a free choice from a range of operators. According to the Authority, “the merit and the very rationale of the European legal framework are severely compromised by the presence within (Italian) national legislation, of the regulation contained in art. 180, law 22 April 1941, no. 633 (Italian copyright law), which is now a solitary case compared to other Member States’ legislations, in reserving to a single organisation (SIAE) the management activity regarding copyrights”.

The Antitrust Authority stresses that the implementation of the Directive offers the opportunity to open up the market to competitor organisations in the field of copyright management. However, the draft law approved by the Chamber of deputies and currently under discussion before the Senate, which delegates the Government to implement European directives and carry out other acts of the European Union (the 2015 European delegation law), does not expressly provide for any specific action on SIAE’s status as a legal monopoly.

Therefore, the Authority hopes that action aiming at liberalisation should be integrated by an overall reform of the procedures of copyright management listed in the Copyright law, without overlooking a review of the role and the function of the SIAE in today’s changed climate.

* SIAE is the acronym for the Italian Society of Authors and Publishers (Società italiana degli Autori e Editori).

 

 

posted by admin on maggio 9, 2016

digital identity

(No comments)

THE ITALIAN DPA HAS RULED IN FAVOUR OF THE APPEAL BY A USER, TO WHOM FACEBOOK HAD NOT GRANTED A BAN ON FAKE PROFILES CREATED TO HIS DETRIMENT

Facebook will be accountable for fake profiles created on its platform and offer full cooperation and transparency. In the last few days the Italian DPA has published a provision from last February concerning a dispute between a well-known doctor from Perugia and Facebook Ireland Ltd. The complaint presented in November 2015 and originated from an attempt at extortion carried out on the pages of the famous social network.

The doctor had been the victim of activities amounting to threats, attempts at extortion, impersonation and the unlawful breaking into a computer system by a Facebook user, who, after requesting online friendship and obtaining acceptance from the doctor, started an “electronic correspondence with him, which at first was of a confidential nature, but which subsequently aimed to pursue criminal ends”. The criminal had created a fake account using photos and personal data of the Perugia doctor and had attempted to blackmail him with threats of sending obscene photomontages showing child pornography material to friends, acquaintances and colleagues. The doctor, who had not given in to these blackmail attempts, asked Facebook to take appropriate steps to eliminate the fake profiles and to provide him with all the relevant information necessary to limit as quickly as possible the damage suffered by his image.

According to the doctor’s lawyers, Facebook did not take the appropriate action on the matter, not granting satisfactory and complete access to the required data. In particular, Facebook simply made available through its “download tool” service a set of data, which were not clearly intelligible as they only referred to code numbers. Furthermore, the data set was incomplete as it simply referred to data from the claimant’s valid Facebook account and did not include data processed by the fake account and shared on the social network.

Therefore, the DPA established that Facebook Ireland Ltd, which is in possession of the information required by the doctor, must communicate “to the claimant in an intelligible form all data relating to him that are held with regard to the Facebook profiles opened in his name”. The social network must close down the fake profile in order to facilitate any possible investigation into establishing the identity of those responsible for the attempt at extortion.

Following the expiry of the thirty day term to comply with the DPA’s provisions, Facebook will have about two weeks to file opposition before the Court of Perugia, failing which the penalty will consist of a fine and up to two years’ imprisonment.

 

 

posted by admin on maggio 9, 2016

E-commerce and contracts

(No comments)

The fifty-third session of the Working Group on Electronic Commerce of the United Nations Commission on International Trade Law (UNCITRAL) will be held in New York, from 9th to 13th May 2016.

The Working Group’s activity will once again focus on “electronic transferable records”, with particular reference to current operating practices and related legislative issues. During the session there will be an analysis of the international draft provisions on the matter, which have been drawn up by the Secretariat on the basis of the deliberations of previous meetings.

As usual, the session was attended by Full Professor Giusella Finocchiaro as President of the Working Group and representative of the Italian Government at UNCITRAL. For further information please consult the section covering Working Group activities on the UNCITRAL website.

 

 

posted by admin on aprile 22, 2016

Privacy

(No comments)

On the 14th of April 2016, more than four years after the European Commission proposal, the European Parliament approved at second reading the Regulation on the protection of individuals with regard to the processing of personal data and on the free movement of such data.

The incessant technological progress of the last few years, the result product of an information society which has become increasingly more intrusive in people’s private lives, had on the one hand highlighted the inadequacy of European data protection legislation Directive 95/46/EC, formulated in the first stages of the digital revolution and on the other underlined the regulatory fragmentation that the implementation of the Directive had caused in the Member States. Thus, the Regulation meets the long awaited need to reform the legislation on personal data protection extending the number of rights for data subjects compared to those provided by the Directive and to bring into line the different legislations of the Member States, as a means to also strengthening the internal European market. In that sense the choice of the European legislator to adopt the instrument of the Regulation is a significant one in that, in contrast with the Directive it does not require acts of transposition, as it can be directly and identically applied in each Member State.

Among the most significant recommendations introduced by the Regulation, of particular relevance seems to be the new local scope of application in accordance with art. 3. Directive 95/46/EC previously provided for the regulation to be applicable by means of the national legislations when personal data were processed in the framework of the activities of a data controller’s establishment physically present in the European Union. Therefore, the fundamental criterion for defining the scope of applicability of the Directive was the physical location in which the data were processed. Today, this criterion seems to have been overturned by art. 3, paragraph 1 of the Regulation, which defines the applicability of the act “regardless of whether or not the processing takes place in the Union”. Already over the last two years, from the Google Spain ruling to the recent Schrems decision, the orientation, which has become definite in the European Court of Justice’s case-law, has highlighted a trend towards a less restrictive interpretation of this criterion.

In fact, it seems that the will has also arisen to extend European legislation to cases in which data controllers are non-European subjects and data are mainly processed outside Europe. Now, art. 3 of the Regulation seems in a certain sense to have codified the Court’s broadened interpretation by providing multiple connecting criteria that also allow those cases of data processing which previously had been difficult to include, to be drawn into the sphere of application of the regulatory provision. The Regulation is now applicable not only to data processing performed in the context of the activities of a data controller’s establishment within the Union, but also in the case of a data processor’s establishment. Moreover, it is applicable when the data processing activities are related to an offer of goods or services, even if free of charge, to interested data subjects within the European Union, or when they are related to the monitoring of the such data subjects’ behaviour, even if the data controllers or processors are not settled in the European Union.

The reform introduces various innovations, among which the provision of a new range of rights for data subjects (for example the right to be forgotten and the right to data portability), the placing of more responsibilities on subjects involved in the processing of personal data (in particular the obligation for data controllers to carry out privacy impact assessments and to notify of data breaches), new safeguards for the transfer of data abroad in addition to the confirmation of the two regulatory authorities represented by the Data Protection Officer and the Supervisory Authority.

With regard to coordination with the European legislation (the Regulation will be applicable after a two year period from the date of entry into force), the Italian legislator will have to choose which of the two alternative routes to follow: either the direct application of the Regulation, which would imply the abrogation of all national provisions incompatible with the European legislation, or the integration of the current Italian Personal Data Code, despite the inevitable risks of erroneous transpositions or misinterpretations of the European provisions.

 

 

Digital identity management and trust services will be the main themes discussed at the colloquium convened by the Secretariat of the United Nations Commission on International Trade Law (UNCITRAL), that will take place on the 21st and 22nd of April 2016 at the Vienna International Centre.

During the meeting, Working Group IV on Electronic Commerce will focus its activity on legal issues related to identity management and trust services with a view to compiling information on the scope and methodology of future work in that area. The session will be attended by Full Professor Giusella Finocchiaro as President of the Working Group and representative of the Italian Government at UNCITRAL.

For further information please consult the section covering Working Group activities on UNCITRAL website.

 

 

  • Recent comments

  • Popular posts

    • None found