KG LEGAL \ INFO
BLOG

Blog home > IT, NEW TECHNOLOGIES, MEDIA AND COMMUNICATION TECHNOLOGY LAW

The European Data Protection Board criteria of territorial competence of supervisory authorities to enforce Article 5(3) of the ePrivacy Directive

On 18 June 2021, the EDPB adopted internal document No. 04/2021 on the criteria for the territorial competence of supervisory authorities for the enforcement of Article 5(3) of the ePrivacy Directive.

Problem of territorial application

In view of recent decisions adopted by some SAs that are competent to enforce Article 5(3)
of the ePrivacy Directive[1], the EDPB has issued an Opinion aimed at establishing a uniform interpretation regulations of the territorial jurisdiction of SAs responsible for the enforcement of Article 5(3). Decisions adopted by SAs have shown that the territorial scope of application of the Directive may vary between different SAs, particularly where the controller/service provider is established in several Member States. Uncertainties on this issue could jeopardize decisions adopted by SAs across the Union.

Jurisprudence of the CJEU

More

False Internet product reviews – Polish and EU law

Consumer opinions on a given product or service are a significant influence on sales on the Internet. Therefore, they should be as true and reliable as possible. This is to be helped by a new EU directive which expressly prohibits the posting of false opinions and paying for them, as well as misleading mechanisms for verifying the veracity of opinions.

UK Competition Authority (CMA)

In early January 2020, the CMA announced that as a result of the ongoing investigation, Facebook and eBay had formally committed to tackling the widespread trade in false and misleading product reviews on these platforms. In response to the authority’s concerns, the platforms have removed hundreds of such profiles and committed to putting in place mechanisms to prevent the offering and sale of such services. This should be considered a half success. The trade in fake product reviews is a symptom of a much more serious problem with the unfair manipulation of consumer buying behaviour. [1]

Directive on better enforcement and modernisation of EU consumer protection rules

More

KIELTYKA GLADKOWSKI KG LEGAL participated in the training devoted to “Polish National Electronic Invoicing System” – obligatory system for entrepreneurs in Poland from 2023, voluntary in 2022

The workshop devoted to the new Polish system of electronic invoicing took place on 27 January 2022, it was organized by the Business Trends Academy, a joint project of Soneta LLC, software developer ENOVA 365, Microsoft and Intel.

About the Polish National e-Invoice System (KSeF)

The Polish National e-Invoice System (KSeF) is operated by the Polish Head of the National Fiscal Administration, who is the administrator of all data in the National e-Invoice System.

Functionality of the Polish National e-Invoice System:

  • granting, modifying and withdrawing permissions and notification of possession or withdrawal of permissions
  • verification of permissions at login attempt
  • issuing, accessing, receiving, storing and assigning identification numbers to structured invoices
  • verification of the compliance of the sent invoice with the template (scheme).
  • notification of temporary non-functioning of the system and of attempted login by an unauthorised person.

Who can use the Polish National e-Invoice System:

  • Taxpayer
  • Entities designated by the taxpayer (e.g. an accounting office)
  • Enforcement bodies, bailiffs
  • Natural persons designated by the above-mentioned entities.

Important note: The Polish National e-Invoice System does not exclude foreign contractors, so they can also receive structured invoices, although they may wish to receive it in the traditional way.

More

Screening algorithms used by Facebook – 2% of effectiveness. Is it an open legal problem?

So far, users have uploaded an enormous amount of 350 billion photos, and nearly 35 million people update their status every day on Facebook platform. With such numbers, it is very difficult to verify the content posted on the platform, which in a considerable number of cases violates community standards. In order to stop this dangerous process, the company had to undertake more technologically demanding solutions, so that it operates in accordance with legal and ethical standards.

Facebook Community Standards

The aforementioned Community Standards are the key for fighting with abuses on the platform. They are simply guidelines developed by Facebook’s employees, which list what is allowed and what is forbidden. They are based on user feedback and expert advice in areas such as technology, public safety and human rights. They apply to all users, are valid worldwide, and apply to all types of content. They have been divided into categories concerning: violence and illegal behaviour, security, objectionable content, integrity and authenticity, and even protection of intellectual property. Each of them describes specific behaviours/content that are strictly prohibited, and the catalogue itself grows with emerging socials problems. The most significant and widespread problem with violations of these standards is hate speech.

Classifiers – screening algorithms

More

Spoofing as a form of cybercrime

Along with the development of technology, which gives us more and more opportunities, the risk of cyber-attacks on our personal data is also growing. Hackers are using more and more sophisticated methods of compromising security to achieve their goal. One of the forms of cybercrime is spoofing, i.e. a group of attacks on ICT systems consisting in impersonating another element of the IT system, the effect of which is achieved by placing prepared data packets on the network or incorrect use of protocols.

Spoofing definition

The term “spoof” dates back over a century and refers to any form of trickery. However, today it is mostly used when talking about cybercrime. Spoofing is the act of disguising a communication from an unknown source as being from a known, trusted source, which can apply to emails, phone calls, and websites, or can be more technical, such as a computer spoofing an IP address, Address Resolution Protocol (ARP), or Domain Name System (DNS) server. It can be used to gain access to a target’s personal information, spread malware through infected links or attachments, bypass network access controls, or redistribute traffic to conduct a denial-of-service attack. Also it is a good way to gains access to someone’s device in order to execute a larger cyber-attack. Successful attacks can lead to infected computer systems and networks, data breaches, and loss of revenue – all liable to affect the organization’s public reputation. In addition, spoofing that leads to the rerouting of internet traffic can overwhelm networks or lead customers to malicious sites aimed at stealing information or distributing malware.

How spoofing works?

More

UP