September 2021https://www.nortonrosefulbright.com/en/inside-fintech/blog/rss/september-2021Find the latest articlesen{4F5C34D8-585D-47ED-B707-CE82459F25D1}https://www.nortonrosefulbright.com/en/inside-fintech/blog/2021/09/ground-breaking-arbitration-rules-for-digital-disputes-releasedHolly StebbingHarriet Jones-FenleighAdam SanittArtificial intelligence and digitalisationBlog postGround breaking arbitration rules for digital disputes releasedIn April 2021 the UK Jurisdiction Taskforce (UKJT) published its Digital Dispute Resolution Rules (the Rules), a revolutionary set of arbitration rules designed to provide a framework to govern disputes relating to disruptive novel technologies, such as cryptoassets, smart contracts, and distributed ledger technology (DLT) applications, e.g., blockchain or ethereum. It is an important step in a series of recent Government’s efforts to strengthen the digital credentials of the UK legal sector and showcase its readiness to embrace disruptive technologies, with the aim of making the UK the jurisdiction of choice for innovative businesses and cutting-edge transactions.Tue, 21 Sep 2021 15:48:00 ZHolly Stebbing, Harriet Jones-Fenleigh, Adam Sanitt{6B100CB1-B6B3-40A0-ACF6-32306713ED40}https://www.nortonrosefulbright.com/en/inside-fintech/blog/2021/08/ofsi-penalises-fintech-company-for-breach-of-crimea-sanctionsDavid HarrisRegulatory updatersBlog postOFSI penalises FinTech company for breach of Crimea sanctionsOn 5 August 2021, the UK’s Office of Financial Sanctions Implementation (OFSI) announced that it has imposed a penalty on TransferGo Limited (TransferGo) of £50,000 for issuing payments to accounts held at the Russian National Commercial Bank (RNCB) in violation of EU sanctions against Crimea (in breach of Council Regulation (EU) No 269/2014, as enforced in the UK under Regulation 4 of the Ukraine (EU Financial Sanctions) (No 2) Regulations 2014 (the EU Regulations)).Tue, 21 Sep 2021 13:40:00 ZDavid Harris{9C439D71-D3BA-4FFA-BC53-7E3087B6EAE2}https://www.nortonrosefulbright.com/en/inside-fintech/blog/2021/08/monthly-global-fintech-regulatory-updaterHannah MeakinRegulatory updatersBlog postMonthly Global FinTech regulatory updaterEvery month we provide the Global Blockchain Business Council’s Post-Trade Distributed Ledger group with a global regulatory FinTech updater, the latest version of which can be found here.Tue, 21 Sep 2021 13:37:00 ZHannah Meakin{52FCFE07-5411-4D03-ACF7-3AB73556DDFB}https://www.nortonrosefulbright.com/en/inside-fintech/blog/2021/07/monthly-global-fintech-regulatory-updaterHannah MeakinRegulatory updatersBlog postMonthly Global FinTech regulatory updaterEvery month we provide the Global Blockchain Business Council’s Post-Trade Distributed Ledger group with a global regulatory FinTech updater, the latest version of which can be found here.Tue, 21 Sep 2021 13:31:00 ZHannah Meakin{7F8C5239-2A02-424B-8FE7-E705CC895FFE}https://www.nortonrosefulbright.com/en/inside-fintech/blog/2021/07/the-payment-and-electronic-money-institution-insolvency-regulations-2021Albert WeatherillPayments / open-bankingBlog postThe Payment and Electronic Money Institution Insolvency Regulations 2021On 17 June 2021 The Payment and Electronic Money Institution Insolvency Regulations 2021 was published on the legislation.gov.uk website. The Regulations provide for a new special administration regime for payment and electronic money institutions.Tue, 21 Sep 2021 13:12:00 ZAlbert Weatherill{9A9C3971-7BA5-42A5-95BC-3F71DC844AA1}https://www.nortonrosefulbright.com/en/inside-fintech/blog/2021/07/global-privacy-control-opt-out-of--sale-a-technical-and-legal-viewpointSteven B. RoosaData and cybersecurityBlog postGlobal Privacy Control Opt-Out of “Sale” – A Technical and Legal ViewpointAccording to the California Attorney General, consumers may now utilize a new technology called the Global Privacy Control (“GPC”) in order to opt out of a “sale” of personal information under the California Consumer Privacy Act (“CCPA”).Tue, 21 Sep 2021 12:57:00 ZSteven B. Roosa{0E576B51-D2DE-40C0-A65C-A598494F1272}https://www.nortonrosefulbright.com/en/inside-fintech/blog/2021/07/it-must-be-as-easy-to-reject-cookies-as-it-is-to-accept-themLara WhiteData and cybersecurityBlog postIt must be as easy to reject cookies as it is to accept them: 40 additional organizations on the radar of the CNILAs part of its global strategy to ensure compliance with its new cookies mandatory guidelines, and as announced in its priority control themes for 2021, in May 2021 the CNIL issued formal notices to over twenty organizations (including international actors in the digital economy and some public bodies) for not enabling users to accept or refuse cookies using equally easy steps. These organizations all remedied the identified breaches within the month granted, but the CNIL has identified and sent formal enforcement notices regarding the same issue to a further 40 non-compliant organizations in the meantime.Tue, 21 Sep 2021 12:33:00 ZLara White{B7ECCC6F-F658-4950-8EDD-BE7771CD6D8C}https://www.nortonrosefulbright.com/en/inside-fintech/blog/2021/07/subject-access-request-germany-highest-court-widens-the-scope-of-data-subjectChristoph RitzerNatalia FilkinaData and cybersecurityBlog postSubject Access Request: Germany’s highest court widens the scope of data subject access requests in GermanyGermany’s highest civil court, the Federal Court Of Justice (Bundesgerichtshof, the FCJ), has just published a decision specifying the scope of data subject access requests (DSARs). The FCJ held that Article 15 of the EU General Data Protection Regulation (GDPR) has a broader scope than previously understood in Germany. Pursuant to the court’s decision, Article 15 GDPR also covers information already known about the data subject, previous correspondence and notes of internal processes or internal communications related to the data subject.Tue, 21 Sep 2021 12:20:00 ZChristoph Ritzer, Natalia Filkina{013F1E2E-87E6-4826-AE71-1983BDC76D7C}https://www.nortonrosefulbright.com/en/inside-fintech/blog/2021/08/am-i-a-cii-operator--new-regulation-in-china-provides-more-clarityData and cybersecurityBlog post"Am I a CII operator?" - New regulation in China provides more clarityChina’s Cyber Security Law (CSL), enacted in 2016, requires operators of critical information infrastructure (CII) to follow a number of enhanced security obligations, including storing within China all personal information and important data collected or generated during their operations in China. Given the more onerous obligation on CII operators, we are constantly asked the same key question by our clients who do business in China: “Am I a CII operator?”. Now, a new regulation provides more clarity on this.Tue, 21 Sep 2021 11:54:00 Z{60608C7D-E975-433C-8998-5D5FD62BAE6B}https://www.nortonrosefulbright.com/en/inside-fintech/blog/2021/08/china-passes-the-personal-information-protection-lawData and cybersecurityBlog postChina passes the Personal Information Protection LawChina passed its Personal Information Protection Law (PIPL) on 20 August 2021. The new law will take effect from 1 November 2021 allowing companies just over 2 months to prepare themselves. The full text has not been made public yet.Tue, 21 Sep 2021 11:48:00 Z{B6CB56D6-6EB6-483B-9ECA-E0DF74936D98}https://www.nortonrosefulbright.com/en/inside-fintech/blog/2021/08/pipl-a-game-changer-for-companies-in-chinaData and cybersecurityBlog postPIPL: A game changer for companies in ChinaChina passed its Personal Information Protection Law (PIPL) on 20 August 2021. This is China’s first omnibus data protection law, and will take effect from 1 November 2021 allowing companies just over two months to prepare themselves. The PIPL is a game changer for any company with data or business in China. It will add another layer of complexity with respect to compliance with China’s security and data laws and regulations.Tue, 21 Sep 2021 11:43:00 Z{85EE2A2F-774A-4F24-9751-25FC4A91D87B}https://www.nortonrosefulbright.com/en/inside-fintech/blog/2021/08/ontario-moves-towards-introducing-new-privacy-lawImran AhmadData and cybersecurityBlog postOntario moves towards introducing new privacy lawGiven global trends in the development of privacy laws and enforcement, Canada and several provinces are looking at modernizing their respective privacy regimes. Ontario’s new proposed privacy law, which would govern commercial activities more broadly than current legislation (i.e., our federal legislation, the Personal Information Protection and Electronic Documents Act (PIPEDA), and Ontario’s health privacy legislation, the Personal Health Information Protection Act (PHIPA)), is intended to enhance the public’s confidence in Ontario’s digital economy by recognizing individuals’ fundamental right to privacy and imposing strict compliance obligations and financial penalties on organizations doing business in Ontario.Tue, 21 Sep 2021 11:38:00 ZImran Ahmad{DAE125FF-EF11-4810-A80B-A02EFA848E8B}https://www.nortonrosefulbright.com/en/inside-fintech/blog/2021/07/blockchain-law-when-plaintiffs-raise-claims-of-platforms-behaving-badlyRobert A. SchwingerDistributed ledger technologies, blockchain and smart contractsBlog postBlockchain law: When plaintiffs raise claims of platforms behaving badlyConsumers and businesses should be able to control their financial assets and investments through use of electronic cryptocurrency platforms with confidence. What happens, however, when these platforms do not function properly or the platform operators work against their own users? Does the user have any remedies? A series of rulings over recent months provides little encouragement for plaintiffs.Tue, 21 Sep 2021 11:09:00 ZRobert A. Schwinger{B85CC644-1DCD-451E-89B8-BE051BF1140C}https://www.nortonrosefulbright.com/en/inside-fintech/blog/2021/08/rise-of-the-machines-federal-court-of-australia-holds-that-artificial-intelligence-etcJackie O'BrienIsobel TaylorArtificial intelligence and digitalisationBlog postRise of the machines: Federal Court of Australia holds that artificial intelligence can be a patent ‘inventor’t is not often that one reads a decision which raises not only complex and interesting issues of the correct interpretation of Australian patent legislation, but also calls upon the reader to consider existential and philosophical questions regarding the Promethean role of technology in modern society. But that is just what his Honour Justice Beach has done in a recent judgment that a patent applicant can name as the inventor, not a human person, but an artificial intelligence (AI) system.Tue, 21 Sep 2021 09:04:00 ZJackie O'Brien, Isobel Taylor{5FCC9FD2-8AB3-4017-A6B3-6B62C575BDD9}https://www.nortonrosefulbright.com/en/inside-fintech/blog/2021/09/defi-academySean MurphyAndrew James LomHannah MeakinAlbert WeatherillRachael HashmallDeFiBlog postDeFi Academy | Register for session 1: An intro to DeFi @ 3pm on Tuesday 21 SeptemberTo demystify DeFi and explore the various associated legal and regulatory issues, over the next few months, we will be running a “DeFi Academy" comprising a series of discussions – including live Q&A sessions. Thu, 16 Sep 2021 15:03:51 ZSean Murphy, Andrew James Lom, Hannah Meakin, Albert Weatherill, Rachael Hashmall{E043F6AD-948A-4159-A04B-F8EBFAB90A4F}https://www.nortonrosefulbright.com/en/inside-fintech/blog/2021/08/ip-monitor-government-of-canada-initiates-consultation-on-modernizing-copyright-framework-etcDavid YiMaya MedeirosArtificial intelligence and digitalisationBlog postIP monitor Government of Canada initiates consultation on modernizing copyright framework etcOn July 16, 2021, the federal government (through the Minister of Innovation, Science and Industry, and the Minister of Canadian Heritage) launched a public consultation on adapting Canada’s copyright framework to ongoing developments in artificial intelligence (AI) and the Internet of Things (IoT).Tue, 14 Sep 2021 10:38:15 ZDavid Yi, Maya Medeiros