Yesterday, 01 February 2023, the Commission published guidance on how online platforms and search engines within the scope of the Digital Services Act (DSA) should comply with their obligation to report user numbers in the EU.

As highlighted in our recent update, the DSA requires providers of online platforms and of online search engines to publish, by 17 February 2023, information on the average monthly active recipients of their services in the EU, on their publicly available online interfaces. The number must be calculated as an average over the period of the past six months.

Online platforms/search engines, whose numbers reach the threshold of 45 million average monthly active recipients in the EU, will be designated by the Commission as very large online service providers (VLOPs) or very large online search engines (VLOSEs). However, the Commission is not bound by information provided by online service providers, – it may use other available data or request additional information.

While the guidance is not ground breaking, it provides a helpful interpretation of certain provision of the DSA.

In relation to the calculation of active recipients of the service, the guidance stipulates the following:Continue Reading DSA: Commission issues guidance on the requirement to publish user numbers in the EU

The first draft delegated regulation supplementing the Digital Services Act (DSA) was published by the European Commission yesterday.

The regulation outlines the criteria to be used when calculating the supervisory fees which will be charged on very large online platforms (VLOPs) and very large online search engines (VLOSEs) under Article 43 of the DSA.

In particular, it includes:Continue Reading DSA: Delegated Regulation setting the methodology and procedure for determining the Supervisory Fee

On 19 December 2022, the Commissioner for Internal Market of the EU published an update on the date when very large online platforms (VLOPs) and very large online search engines (VLOSEs) will be required to comply with the provisions of the Digital Services Act (DSA).

The Commissioner noted that VLOPs / VLOSEs will be required to comply with the new rules by no later than 1 September 2023. To meet the deadline the Commission would need to designate VLOPs and VLOSEs by 28 April 2023. Based on this update the current timeline of the DSA application is as on the graphic below.Continue Reading Digital Services Act: Timeline

The Government has published the long anticipated Online Safety and Media Regulation Bill 2022 which it has hailed as a “watershed moment as we move from self-regulation to an era of accountability in online safety”.

Online safety is one of the headline items, and it will be overseen by the newly-established Media Commission (Coimisiún na Meán). The Bill also seeks to implement a number of other key legislative reforms including the transposition of the revised Audiovisual Media Services Directive and the alignment of the regulation of video on-demand services with traditional broadcasting.

The publication of this Bill follows input from and engagement with key stakeholders from the public, NGOs, companies and government organisations over the course of the last three years.

We have summarised some of the key aspects of the Bill below.Continue Reading Online Safety & Media Regulation Bill 2022

The Government has published its legislation programme for Autumn 2021. We have set out below the status of key Bills of relevance to the data protection, commercial and technology sector.

Priority legislation for publication and drafting this Autumn

  • Online Safety and Media Regulation (OSMR) Bill – This Bill will provide for the establishment of a multi-person Media Commission (including an Online Safety Commissioner), the dissolution of the Broadcasting Authority of Ireland, a regulatory framework to tackle the spread of harmful online content, and implementation of the revised Audiovisual Media Services (AVMS) Directive 2018/1808. The Heads of Bill were published on 9 January 2020, with additional provisions approved on 8 December 2020 and 18 May 2021. The government also approved the integration of the Broadcasting (Amendment) Bill into the OSMR Bill. Member States were due to implement the revised AVMS Directive in national law by 19 September 2020, so Ireland has missed this deadline. Pre-legislative scrutiny is ongoing. Further background information information on the proposed Bill is available here.
  • Consumer Rights Bill – This Bill will give effect to two EU Directives (770/2019 and 771/2019) on consumer contracts for the supply of digital content and digital services, and on consumer contracts for the sale of goods. It will also update and consolidate the statutory provisions on consumer rights and remedies in relation to contracts for the supply of non-digital services, unfair contract terms, and information and cancellation rights. The General Scheme of the Bill has been published for public consultation. The Heads of Bill were approved on 20 April 2021.

Continue Reading Government publishes legislation programme for Autumn 2021

The Government has published its legislation programme for Summer 2021. We have set out below the status of key Bills of relevance to the data protection, commercial and technology sector.

Bills expected to undergo pre-legislative scrutiny this Summer Session 

  • Online Safety and Media Regulation (OSMR) Bill – This Bill will provide for the establishment of a multi-person Media Commission (including an Online Safety Commissioner), the dissolution of the Broadcasting Authority of Ireland, a regulatory framework to tackle the spread of harmful online content, and implementation of the revised Audiovisual Media Services (AVMS) Directive 2018/1808. The Heads of Bill were published on 9 January 2020, with additional provisions approved on 8 December 2020. The government also recently approved the integration of the Broadcasting (Amendment) Bill into the OSMR Bill. Member States were due to implement the revised AVMS Directive in national law by 19 September 2020, so Ireland has missed this deadline. Pre-legislative scrutiny is currently underway.

Continue Reading Government publishes Summer Legislation Programme

On 6 April 2020, the Data Protection Commission (DPC) published a report on the use of cookies and other tracking technologies (Report) and an updated guidance note on cookies and other tracking technologies (Guidance).

The Report is based on a review carried out by the DPC of websites in various sectors in Ireland, including insurance, banking, media, retail and the public sector. The purpose of the DPC’s report was to examine whether organisations are complying with the law, and, in particular, how organisations are obtaining the consent of users for the use of cookies. The majority of the 38 organisations examined were found to have potential compliance issues, particularly in relation to reliance on implied consent for setting non-necessary cookies; lack of choice for users to reject all cookies; bundling of consent for all purposes; and the possible misclassification of cookies as “necessary” or “strictly necessary“.  The Report gives an overview of the responses received highlighting what the DPC considers to be both “good” and “bad” practices that it encountered on the websites, and the Guidance provides website operators with guidance on how to comply with the rules relating to cookies, which are set out in the Irish ePrivacy Regulations.Continue Reading DPC publishes Report and Guidance on cookies following a “cross-sector and cross-size” sweep of website operators

The Government Chief Whip, Seán Kyne TD, has published the Government’s legislation programme for Summer 2019.  The updated programme follows on from the special programme launched in January 2019 which focused on Brexit. We have set out below the key data protection and technology-related legislation coming down the tracks.

Priority Legislation

  • Communications (Retention of Data) Bill –  This Bill will repeal and replace the Communications (Retention of Data) Act 2011 which requires data generated by mobile phones to be retained by telecommunications service providers for two years, and allows An Garda Síochána and certain other State agencies to access such data for criminal investigative purposes. The Heads of Bill were published last October 2017, following publication of Mr Justice Murray’s Review of the Law on the Retention of and Access to Communications Data, which found that many features of the 2011 Act are precluded by EU law. The Irish High Court also recently held, in Dwyer v Commissioner of An Garda Siochána [2018] IEHC 685; [2019] IEHC 48, that certain sections of the 2011 act are incompatible with EU law.

Continue Reading Government publishes legislation programme for Summer 2019

The Scottish Courts have given an interesting decision in relation to IT contracts, relating to the allocation of delivery risk between supplier and customer and the importance of doing what it says in the contract.

In David MacBrayne Limited v Atos IT Services (UK) Limited (2018), Atos, a supplier, had entered into an agreement with David MacBrayne Limited to supply a digital platform. The engagement was not successful and the parties claimed and counter-claimed against each other for material breach of the contract (amongst other things).

Customer Dependencies – Whose Responsibility is Delivery?

IT contracts will often include dependencies on
Continue Reading IT Contracts Case Law Update: Allocation of Delivery Risk

The Law Reform Commission has published an Issues Paper on Privilege for Reports of Court Proceedings under the Defamation Act 2009. The Paper examines and make recommendations on whether changes should be made to the Defamation Act 2009 relating to absolute privilege for reports of court proceedings. Section 17 of the Defamation Act 2009 currently provides that there is absolute privilege (i.e. complete immunity) from a defamation action where the claim is about a “fair and accurate report of proceedings” heard in any court in Ireland, Northern Ireland, or certain European and international courts.
Continue Reading Reports of court proceedings in blogs and social media may no longer be immune from defamation claims