United Arab Emirates – Federal Decree-Law No.(45) of 2021 on Personal Data Protection

January 2nd, 2022 | Posted by Claude-Etienne Armingaud in Legislation | World - (0 Comments)

FEDERAL DECREE-LAW NO. (45) OF 2021 ON PERSONAL DATA PROTECTION

Read the full text.

(more…)

French Framework for “Kidfluencers” – Yet Another Undertaking for Online Platforms

November 25th, 2020 | Posted by Claude-Etienne Armingaud in eCommerce | France | Legislation | Social Networks - (0 Comments)

Through its Act no.2020-1266 dated 19 October 2020 (the Act), the French legislator elected to regulate the commercial exploitation of the images of children aged 16 and under on online platforms (Kidfluencers).

Despite the potentially lucrative consequences of these emerging practices, Kidfluencers operated in a legal vacuum which could have resulted in parents exploiting their children, without the latter reaping any financial benefits or regaining any control of their images upon coming of age.

First and foremost, the Act extends the existing legal framework of child models, under Article L7124-1 of the French Labor Code (FLC). As such, Kidfluencers will require a written authorization from the French Administration prior to being engaged or broadcasted, inter alia:

  • By any entertainment provider, regardless of the medium or broadcast type;
  • In order to perform “modeling activities,” broadly defined under Article L7123-2 FLC as presenting oneself, directly or indirectly through the reproduction of one’s image, either through photographs or video, notably by presenting a product, service of commercial message;
  • By eSport competition organizers; and
  • By “Employer whose activities consist in creating audiovisual recording whose main subject is a child aged 16 or under, for the purpose of for-profit broadcasting on an online video sharing platform”.

The latter category was notably introduced to characterize the parents or legal guardians of the influencers as the “employer” of the Kidfluencer. As they may not be as aware of the legal undertakings as the other providers and organizers mentioned, the Administration will provide them with specific information relating to the Kidfluencers’ rights and the risks associated with exhibiting their image online.

Moreover, a portion of the revenue gained by Kidfluencers would be placed in escrow on a French public bank account until their majority.

Secondly, in situation when the broadcast would not be performed for profit, the Act introduces additional protective measures for Kidfluencers: instead of a prior authorization, a simple declaration of the activity will be required, when the published content exceeds certain thresholds in terms of (i) duration or individual items; or (ii) direct or indirect revenues. Such thresholds will be addressed in a supplemental decree to be adopted shortly.

Failing to obtain the authorization or to proceed with the notification would entitle the Administration to seize a court in order to take down the related content.

Finally, the Act also implements a collaborative framework for the online video sharing platforms, and enjoin them to publish dedicated policies to aiming at

  • Informing users of the applicable Kidfluencers’ regulatory framework;
  • Informing Kidfluencers directly of the consequences on their private life of the broadcasting of their image, of the legal and psychological consequences and of the means they have to protect their rights and dignity;
  • Encouraging users to report any content involving Kidfluencers that could affect their dignity, psychological or physical integrity;
  • Preventing the processing of personal data relating to minors for commercial purposes, such as targeted advertisement, further to the broadcasting a Kidfluencers video;
  • Detecting situations where the recording or broadcasting of Kidfluencers’ videos could impact their dignity, psychological or physical integrity; and
  • Helping Kidfluencers to easily exercise their right to be forgotten on the video-sharing platforms.

While a welcomed step to protect children online, sometimes from their own families, the Act will need to be completed with regard to the thresholds triggering its applicability. In addition, by mainly addressing online video sharing platforms, the Act could have benefited from a more homogenous framework for online platform allowing the sharing of both still and moving pictures. Indeed, while still images could be included in the modeling provision, it remains to be seen how extensively it will be enforced.

Amidst the current discussions surrounding the Digital Services Act at the European level, this France-specific framework creates yet another undertaking for online platforms to implement additional measures to support public policies. And by encouraging users to report any content involving Kidfluencers that could affect their dignity, psychological or physical integrity, the Act could generate extra-territorial consequences, forcing the platforms to deploy such reporting mechanism at a global scale.

K&L Gates IP/IT team in Paris remains available to assist you in assessing the changes triggered by this Act. Please get in touch if you would like to discuss the steps that your organization might want to consider to prepare now for this new Kidfluencer framework.

First publication: K&L Gates Fashion Law Watch

🇺🇸 IAPP Data Protection Intensive France – Global Developments: CCPA and Beyond

February 4th, 2020 | Posted by Claude-Etienne Armingaud in Conference | Data Transfer | Europe | France | internet | Legislation | Privacy | World - (0 Comments)

The California Consumer Privacy Act of 2018 (CCPA) stands to radically change the way organisations throughout the United States, and even the world, handle personal data. Coming into force on 1 January 2020, CCPA has motivated other U.S. states such as Washington and Texas to move toward having their own privacy laws. Increasingly, pressure is building in Washington, DC, to advance federal privacy legislation, both on the domestic and international scene. In addition to Japan obtaining a GDPR-adequacy recognition (followed soon by Korea and India), Brazil has adopted its General Data Protection Act (GDPA) which is heavily inspired by the EU GDPR and will come into force in August 2020. In this session, hear about the new laws and legislative initiatives, how they will change the way you do business internationally and how to get prepared.

Along with Delphine Charlot, CIPP/E, Senior Counsel, Privacy and Data Protection, Mastercard

🇺🇸 Key changes to the AV regulatory framework and their effect on AV developments in France and the EU, The Future of Transportation World Conference 2019

December 10th, 2019 | Posted by Claude-Etienne Armingaud in Artificial Intelligence | Conference | Connected Cars | France | IT | Legislation | Non classé | Privacy - (0 Comments)
On March 29, 2018, French President Emmanuel Macron announced his plan to turn France into a global leader in AI. This political leadership was subsequently translated into the Villani report on AI, highlighting autonomous vehicles (AVs) as a regulatory case study, and the Idrac report on AVs. Following these reports, the regulatory framework is currently being amended. This presentation will outline the key changes and how they will affect AV developments in France and in the EU.

More information on the Future of Transportation World Conference 2019 website.

Regulating Connected and Autonomous Vehicles – A Blueprint for an AI Legal Framework

October 4th, 2019 | Posted by Claude-Etienne Armingaud in Communication | Connected Cars | Ethics | Europe | France | IT | Legislation | Privacy - (0 Comments)
AV Regulation Publication

A French Revolution, at last?

Despite optimistic statements in 2016 on both sides of the Atlantic (in between the European Commission’s communication on connected cars for Europe, and the Obama administration’s Detroit Auto Show announcement), it would seem that some of the hype surrounding connected and autonomous vehicles (“CAVs”) faltered. One reason may be the desensitization of the general public, as the initially promised 2020 deployment is dawning without a hint of general commercial availability in sight. On the other hand, the intricacies of the regulatory frameworks at stake also hinder the development of consumer-ready offers.

More often than not, France is perceived as an administrative maze, yet may become (unexpectedly to some) a leader in the race to regulating this incoming industry. However, far more than being limited to the automotive industry, regulating CAVs will serve as the blueprint for an artificial intelligence (“AI”) legal framework.

(more…)

Adequacy Agreements, Legislation and Compliance in a GDPR World

November 8th, 2018 | Posted by Claude-Etienne Armingaud in Data Transfer | Europe | France | Interview | Legislation | Privacy | Region - (0 Comments)

While Capitol Hill is inundated with proposed privacy legislations from the Data Breach Prevention and Compensation Act (DBPCA), the CLOUD Act and the ENCRYPT Act, organizations the world over are trying to understand how to get their own regulations deemed adequate enough to ensure the flow of business in the EU, now that GDPR is a reality.
(more…)

General Data Protection Regulation – GDPR [Full Text]

May 25th, 2018 | Posted by Claude-Etienne Armingaud in Europe | Legislation | Privacy - (0 Comments)

REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation)

(more…)

, , , ,

AMF synthesis of the contributions received on Initial Coin Offering (ICO) regulation in France

February 28th, 2018 | Posted by Claude-Etienne Armingaud in Blockchain | France | IT | Legislation | Trusted Services and eSignature - (0 Comments)

The French Autorité des Marchés Financiers has recently published a synthesis of the contributions it received in response to its public consultation on Initial Coin Offerings (ICOs) to obtain stakeholder views on how these new types of blockchain offerings might be regulated.

The consultation included a presentation of ICOs, a warning on the risks they present, a legal analysis of ICOs with respect to the rules overseen by the AMF and the regulatory options proposed by the AMF. Respondents were invited to give their views on all of these points.

The English version of the synthesis can be found here, the French version here and our previous coverage of the consultation can be found here.

First published on K&L Gates Fintech Law Blog.

, , ,

France’s Financial Markets Authority Considers Its Options for Regulating Initial Coin Offerings

December 6th, 2017 | Posted by Claude-Etienne Armingaud in Blockchain | France | IT | Legislation | Trusted Services and eSignature - (0 Comments)

On 26 October 2017, France’s Financial Markets Authority, the “Autorité des Marchés Financiers” (“AMF”), published a discussion paper focusing on initial coin offerings (“ICOs”) that highlights the (many) dangers that arise from these unregulated transactions and discusses the regulation options that it currently foresees.
(more…)

, , , ,

France Moves Forward With Proposed Blockchain For Certain Securities Exchange

October 5th, 2017 | Posted by Claude-Etienne Armingaud in Blockchain | France | Legislation | Trusted Services and eSignature - (0 Comments)

Further to the adoption of Act no.2016-1691, dated 9 December 2016, on Transparency, Anti-Corruption and Modernization of Economic Life (“Sapin II” – see our compliance coverage here) and the public consultation whose results were made public on 30 August 2017 (see our coverage here), the French Ministry of Finance published a draft document aiming at adapting the French legal framework to the use of blockchain technology.

The proposed draft (which may be accessed here in French) address the possibility, for company, to register in a “shared electronic registry”:

  • Negotiable debt securities;
  • Units or shares of undertakings for collective investment;
  • Capital securities issued by corporations and debt securities other than negotiable debt securities, provided that they are not traded on a trading platform

The conditions under which such registration would possible expressly exclude any item admitted to the operations of a central depository or delivered in a system for the payment and delivery of financial instruments. In addition, the bylaws of the issuer must expressly provide for the possibility to use such shared electronic registries.

In any case, the French regulatory framework would subject to French law whenever the issuer is headquartered in France or the issuance itself is already governed by French law.

Additional technical measures will subsequently be devised by a supplementing Decree, in order to provide the required safeguards.

While assessing the relevancy of a blockchain framework for corporate titles remains difficult in the absence of such technical details, all players are welcome to provide the Ministry with observations on the proposed framework until 9 October 2017.

First published on the K&L Gates Fintech Law Blog with Emilie Oberlis.

, ,