Archive: September 2021

In April 2021 the UK Jurisdiction Taskforce (UKJT) published its Digital Dispute Resolution Rules (the Rules), a revolutionary set of arbitration rules designed to provide a framework to govern disputes relating to disruptive novel technologies, such as cryptoassets, smart contracts, and distributed ledger technology (DLT) applications, e.g., blockchain or ethereum. It is an important step in a series of recent Government’s efforts to strengthen the digital credentials of the UK legal sector and showcase its readiness to embrace disruptive technologies, with the aim of making the UK the jurisdiction of choice for innovative businesses and cutting-edge transactions.

On 5 August 2021, the UK’s Office of Financial Sanctions Implementation (OFSI) announced that it has imposed a penalty on TransferGo Limited (TransferGo) of £50,000 for issuing payments to accounts held at the Russian National Commercial Bank (RNCB) in violation of EU sanctions against Crimea (in breach of Council Regulation (EU) No 269/2014, as enforced in the UK under Regulation 4 of the Ukraine (EU Financial Sanctions) (No 2) Regulations 2014 (the EU Regulations)).

Every month we provide the Global Blockchain Business Council’s Post-Trade Distributed Ledger group with a global regulatory FinTech updater, the latest version of which can be found here.

Every month we provide the Global Blockchain Business Council’s Post-Trade Distributed Ledger group with a global regulatory FinTech updater, the latest version of which can be found here.

On 17 June 2021 The Payment and Electronic Money Institution Insolvency Regulations 2021 was published on the legislation.gov.uk website. The Regulations provide for a new special administration regime for payment and electronic money institutions.

According to the California Attorney General, consumers may now utilize a new technology called the Global Privacy Control (“GPC”) in order to opt out of a “sale” of personal information under the California Consumer Privacy Act (“CCPA”).

As part of its global strategy to ensure compliance with its new cookies mandatory guidelines, and as announced in its priority control themes for 2021, in May 2021 the CNIL issued formal notices to over twenty organizations (including international actors in the digital economy and some public bodies) for not enabling users to accept or refuse cookies using equally easy steps. These organizations all remedied the identified breaches within the month granted, but the CNIL has identified and sent formal enforcement notices regarding the same issue to a further 40 non-compliant organizations in the meantime.

Germany’s highest civil court, the Federal Court Of Justice (Bundesgerichtshof, the FCJ), has just published a decision specifying the scope of data subject access requests (DSARs). The FCJ held that Article 15 of the EU General Data Protection Regulation (GDPR) has a broader scope than previously understood in Germany. Pursuant to the court’s decision, Article 15 GDPR also covers information already known about the data subject, previous correspondence and notes of internal processes or internal communications related to the data subject.

China’s Cyber Security Law (CSL), enacted in 2016, requires operators of critical information infrastructure (CII) to follow a number of enhanced security obligations, including storing within China all personal information and important data collected or generated during their operations in China. Given the more onerous obligation on CII operators, we are constantly asked the same key question by our clients who do business in China: “Am I a CII operator?”. Now, a new regulation provides more clarity on this.

China passed its Personal Information Protection Law (PIPL) on 20 August 2021. The new law will take effect from 1 November 2021 allowing companies just over 2 months to prepare themselves. The full text has not been made public yet.