Skip to main content
|

Add a bookmark to get started

Bookmarks info
18 September 202415 minute read

Innovation Law Insights

18 September 2024
Podcast

AI Governance. Ethics, and Privacy: Insights from Giorgia Vulcano of Anheuser-Busch InBev

In this episode of Diritto al Digitale, DLA Piper technology lawyers Giulio Coraggio and Tommaso Ricci sit down with Giorgia Vulcano, Global Digital Ethics, Cybersecurity & AI Manager at Anheuser-Busch InBev, to explore the critical intersection of AI governance, ethics and privacy in multinational corporations. You can listen here.

 

Data Protection and Cybersecurity

EU Commission FAQ on the Data Act published: Main points

The European Commission has published FAQ on the Data Act, one of the pillars of the European Data Strategy. Although non-binding, the FAQ offer important clarifications on several aspects of the legislation.

The Data Act, which will become applicable on 25 September 2025, focuses on related products or related services. It provides for cases where there's an obligation to make available and/or share data (personal and non-personal) generated by the products or services. It also provides for additional protections in data sharing and cloud computing contracts, the development of interoperability standards for data access, use and transfer, and measures to facilitate switching between different operators.

Relationship between the Data Act and the GDPR

The FAQ begin by analyzing the relationship between the Data Act and Regulation (EU) 2016/679 (the GDPR). The Commission confirms that where an activity carried out under the Data Act also qualifies as processing under the GDPR, the Data Protection Authority will be responsible for monitoring the application of the Data Act, to avoid the need for the data subject to turn to two separate authorities. But it will still be possible for states to designate an ad hoc authority to monitor compliance with the other provisions of the Data Act. The Commission also stressed that in the event of a conflict between the provisions of the Data Act and the GDPR, the latter will prevail.

Access to and use of data in the context of the Internet of Things

Access to data generated by a connected product or a connected service is at the heart of the Data Act.

In the FAQ, the Commission clarifies several points:

  • Notion of connected product: the Data Act applies to all connected products and connected services, including devices like smartphones and TVs, whose exclusion from the list in Recital 14 had raised doubts. The only exceptions are services whose sole purpose is to transmit data (eg servers or routers).
  • Data to which there's a right of access: the FAQ clarify that, in relation to "readily available data," only data generated after the Data Act enters into force will be subject to this obligation. The Data Act also covers data generated by the connected device when it's located outside the EU.
  • Beneficiaries of the right of access: users (Users), ie people residing in the EU with a "stable right" to the product (so not only the data subject!), so this excludes those who use the product or service on the basis of non-contractual relations. If there is more than one User, it must be ensured that each User can only access the data of their interest. And, at the User's request, the data can be disclosed to third parties (Recipients), except for operators who qualify as "gatekeepers" under the Digital Markets Act. But if the Recipient isn't established in the EU, the request can't be complied with.
  • Person who must comply with the obligation: the data controller. The FAQ also emphasize that this subject does not necessarily coincide with the producer of the goods or the provider of the service, who may contractually entrust this role to a third party. The FAQ also establish the incompatibility of the two roles of "User" and "Holder."
  • Modalities of access: access to the data can be "direct" or "indirect" depending on whether the User can access the data directly without the intervention of the Controller. The Commission strengthens the discretion as to how the right of access is implemented by excluding the obligation to ensure direct access "at any cost."
  • Limits to the right of access: in the event of the need to protect Trade Secrets, access can't be denied (unless significant economic harm might result from sharing), but the Controller can take measures to protect them, including confidentiality agreements with the User. Instead, access can be denied in case of security concerns.
  • Use of data: the data collected can be used:
    • by the Controller for any purpose, provided that the use has been agreed with the User;
    • by the User; and
    • by the Recipient for contractually agreed purposes, excluding the development of competing related products.

Further aspects of relevance of the FAQ on the Data Act

The Commission addressed the following additional issues:

  • Protection measures: certain measures, such as data encryption, that will have to be put in place to protect non-personal data are anticipated.
  • Remuneration: in relation to the "non-discriminatory" remuneration that Recipients have to pay the Controller, the FAQ clarify that no maximum or minimum amount will be set, but that the reasonableness will be determined on a case-by-case basis by assessing the equality of Recipients.
  • Business to Government Data Sharing: the FAQ clarify that the facts to be taken into account in determining the grounds of "public emergency" that legitimize the exchange of data between private and public entities will be determined by national law. Furthermore, the character of extrema ratio of sharing is established, which will only be possible where the public body cannot obtain the data in any other way.
  • Business to Business Data Sharing and Cloud Computing Contracts: the FAQ confirm that work is underway to adopt standard contract templates and clauses to protect SMEs and users of cloud computing services from unfair contract terms.
  • Switching between data processing services (eg SaaS): in relation to the measures aimed at reducing the cost of switching between different operators, the FAQ establish that the costs must not exceed the – unavoidable – costs incurred by the data processing services in making the switch.

Conclusion

The FAQ provide important clarifications on the application of the Data Act. But there are still areas of uncertainty, such as how to access data and B2G sharing. So we'll have to wait for the actual applicability of the Data Act and possible national implementations.

Author: Federico Toscani

 

Intellectual Property

EUIPO: Biliteral marks in the fashion sector

EUIPO's Second Board of Appeal upheld the Opposition Division’s decision, finding no likelihood of confusion between two biliteral marks based solely on the use of the same letters.

The facts

The dispute concerns the EU's designation in an international trademark registration for a biliteral figurative mark, in relation to certain goods in Classes 3, 9, 14, 18, and 25 (the Contested Application). In 2022, an opposition proceeding was initiated against the registration filed by a Swiss fashion house (the Applicant), limited to the following goods in Class 18: "luggage and carrying bags; handbags; toiletry cases; wallets."

The opposition is based on an international trademark registration designating the EU, concerning a biliteral figurative mark composed, like the Contested Application, of the letters "J" and "S," but with a different graphic stylization compared to the mark in the Contested Application. The opposition relates to the following products in Class 18: "handbags; campers' bags; beach bags; briefcases; wallets; purses; key cases; fanny packs; suitcases; umbrellas; beauty cases; wheeled bags; backpacks; trolleys [wheeled luggage]; shopping bags; handbags; polycarbonate document holders."

The challenged decision

In its decision of 15 December 2023 (the Challenged Decision), the Opposition Division fully dismissed the opposition, basing its ruling on the following key points:

  • The goods in question are aimed at the general public with an average level of attention.
  • The examination of the opposition proceeded as if all the contested goods were identical to those covered by the earlier mark.
  • The different combinations of the letters "J" and "S" don't describe the goods in question nor allude to their characteristics, so they're considered distinctive.
  • Visually, the signs are similar to a low degree. The difference in their stylization would not go unnoticed by consumers.
  • Phonetically, the signs may be identical or similar to a low degree, depending on the order in which the two letters of the Contested Application are pronounced.
  • A conceptual comparison is not possible, as neither of the signs has any meaning.
  • The distinctiveness of the earlier mark is deemed to be normal.
  • In short marks, small differences can create a different overall impression.
  • The likelihood of confusion can be safely excluded when two conflicting signs, although containing or consisting of the same single letter or a combination of letters that are not recognizable as a word, are stylized in a sufficiently different way or contain a sufficiently distinct figurative element, so that their overall graphic representation overshadows the common verbal element.
  • There is no likelihood of confusion.

The appeal

During the appeal aimed at overturning the Challenged Decision, the Second Board of Appeal upheld the Opposition Division's ruling, finding no likelihood of confusion based solely on the use of the same letters. In particular, it's useful to review some of the Board’s observations regarding the fashion sector, the comparison of biliteral marks, and the perception of the relevant public:

  • "[...] the signs simply coincide in the use of the letters "S" and "J." However, these letters are not arranged in the same order, and their stylization is different. The differing positions of the letters (intertwined in the earlier mark and stacked one above the other in the contested mark), as well as the different fonts and typographies, result in an overall low degree of visual and phonetic similarity between the signs. There are no conceptual similarities that could offset the low degree of visual and phonetic similarity" (§ 58).
  • "[...] the relevant consumers more clearly perceive the visual and phonetic differences between the signs, as both marks in comparison are short signs (04/05/2018, T-241/16, EW (fig.)/ALS, EU:T:2018:255, § 35, and case law cited therein). Additionally, relevant consumers in the fashion market pay close attention to differences and context, particularly in the case of stylized marks composed of a single letter or two letters (19/05/2022, R 1666/2018-5, V (fig.)/V (fig.) et al., § 58)" (§ 59-60).

Author: Tamara D’Angeli

 

Food and Beverage

Health claim banned for food supplements containing Monacolin K from red yeast rice

On 30 July 2024, the European Commission's Regulation (EU) 2024/2041, dated 29 July 2024, was published in the Official Journal of the European Union. The regulation, effective from 19 August 2024, mandates the removal of health claims associated with Monacolin K derived from red yeast rice.

Until now, labels and advertisements for food supplements containing Monacolin K (a compound produced through the fermentation of red yeast rice) could state: "Monacolin K from red yeast rice contributes to the maintenance of normal blood cholesterol levels." This claim was included in the Annex of Regulation (EU) 432/2012, which governs health claims on food products.

Monacolin K is a naturally occurring chemical produced by a type of yeast that grows on rice to produce what is known as red yeast rice. This natural compound works by inhibiting an enzyme involved in cholesterol synthesis in the liver. In its lactone form, Monacolin K is chemically identical to lovastatin, the active ingredient in several medications approved for treating hypercholesterolemia in the EU. In recent years, it has been included in some food supplements for its effect on maintaining normal low-density lipoprotein cholesterol levels in the blood.

The new regulation changes the landscape by explicitly banning the previously authorized health claim due to concerns about the efficacy and safety of Monacolin K when used as a food supplement for cholesterol management. Given that the adverse effect profile of red yeast rice is similar to that of lovastatin, limits have been set for the use of Monacolin K in food supplements, along with specific warnings on product labels. As early as 2022, the European Commission had already restricted the use of Monacolin K to less than 3 mg per daily dose due to safety concerns.

Manufacturers of dietary supplements now have to revise their labels and advertising claims to comply with the new regulation. Industry operators have to ensure that the information provided is accurate and not misleading, to avoid penalties and to maintain safety in the food supplements market, with a specific focus on consumer protection and clear product information.

Author: Carlotta Busani

 

Technology Media and Telecommunication

AGCom Communication Markets Monitoring System for the first quarter of 2024

The Italian Communications Authority (AGCom) has published the Communications Monitoring Report no. 2/2024 containing data for the first quarter of 2024.

The data included in the Communications Monitoring Report shows that during the reference period (January – March 2024), total direct fixed-line network access increased, with 58,000 more accesses compared to the updated figure for December 2023. However, on an annual basis, the number of accesses decreased by 0.2% – 36,000 fewer accesses compared to March 2023. The total number of lines recorded in March 2024 was 20.24 million.

AGCom reports that traditional copper-based lines decreased by approximately 195,000 units on a quarterly basis and by 763,000 units compared to March 2023. Over the past four years (March 2020 – March 2024), the decrease amounts to 5.31 million accesses. At the same time, lines using more advanced technologies have increased. In particular, total broadband lines are estimated at around 19.12 million units, showing growth both on a quarterly basis – with an increase of about 100,000 lines – and on an annual basis – with an increase of 110,000 units.

On an annual basis, there was a 4.9% decrease in FTTC (Fiber To The Cabinet) lines, with a total of 9.69 million accesses as of March 2024. In contrast, accesses using FTTH (Fiber To The Home) and FWA (Fixed Wireless Access) technologies increased by 26.1% and 8.3%, respectively, reaching 4.93 million accesses for FTTH and 2.20 million accesses for FWA.

As stated in the press release related to the Communication Monitoring Report, the dynamics have led to a significant increase in the performance of commercial connection speeds; the lines with speeds equal to or greater than 100 Mbit/s amounted to 74.4% of the total in March 2024, representing a more than 30% increase compared to March 2020, when such lines accounted for 43% of the total.

The upward trend in data consumption is confirmed: the overall volume of data consumed daily in the first quarter of 2024 increased by 14.8% compared to March 2023 and by 158% compared to the corresponding period in 2019. This is reflected in individual consumption data: the daily traffic per broadband line more than doubled between 2019 and 2024, rising from a daily average of 4.09 GB to 9.47 GB per line.

With regard to the mobile network segment, as of March 2024, AGCom reports that the total number of SIMs (including "human" SIMs, ie "voice only," "voice+data," and "data only" that involve human interaction, and M2M, ie "machine-to-machine") reached 108.9 million, an increase of 1.3 million year-over-year and about 400,000 units on a quarterly basis. Specifically, 30.5 million SIMs are M2M, while 78.5 million are "human" SIMs; of the latter, 13.6% are for business customers, and 86.4% are for residential customers, ie consumers.

As described by AGCom, there are approximately over 58 million human SIMs that generated data traffic during the first quarter of 2024, an increase of around 2.2 million units compared to the same period in 2023. The corresponding average daily consumption for the January – March 2024 period is estimated at around 0.83 GB, up 14% from 2023 and more than 300% compared to the corresponding period in 2019, when the daily data consumption was estimated at 0.19 GB.

Authors: Flaminia Perna, Matilde Losa

Innovation Law Insights is compiled by the professionals at the law firm DLA Piper under the coordination of Arianna Angilletta, Matteo Antonelli, Edoardo Bardelli, Carolina Battistella, Carlotta Busani, Giorgia Carneri, Noemi Canova, Maria Rita Cormaci, Camila Crisci, Cristina Criscuoli, Tamara D’Angeli, Chiara D’Onofrio, Federico Maria Di Vizio, Enila Elezi, Nadia Feola, Laura Gastaldi, Vincenzo Giuffré, Nicola Landolfi, Giacomo Lusardi, Valentina Mazza, Lara Mastrangelo, Maria Chiara Meneghetti, Deborah Paracchini, Maria Vittoria Pessina, Tommaso Ricci, Rebecca Rossi, Roxana Smeria, Massimiliano Tiberio, Federico Toscani, Giulia Zappaterra.

Articles concerning Telecommunications are curated by Massimo D’Andrea, Flaminia Perna e Matilde Losa.

For further information on the topics covered, please contact the partners Giulio Coraggio, Marco de Morpurgo, Gualtiero Dragotti, Alessandro Ferrari, Roberto Valenti, Elena Varese, Alessandro Boso Caretta, Ginevra Righini.

Learn about Prisca AI Compliance, the legal tech tool developed by DLA Piper to assess the maturity of AI systems against key regulations and technical standards here.

You can learn more about “Transfer,” the legal tech tool developed by DLA Piper to support companies in evaluating data transfers out of the EEA (TIA) here, and check out a DLA Piper publication outlining Gambling regulation here, as well as a report analyzing key legal issues arising from the metaverse qui, and a comparative guide to regulations on lootboxes here.

If you no longer wish to receive Innovation Law Insights or would like to subscribe, please email Silvia Molignani.

Print

Related capabilities

Consumer Goods, Food and RetailTechnologyMedia, Sport and EntertainmentIntellectual Property
SitemapPrivacy policyYour privacy choicesLegal noticesCookie policyMake a payment

DLA Piper is a global law firm operating through various separate and distinct legal entities. For further information about these entities and DLA Piper's structure, please refer to the Legal Notices page of this website. All rights reserved. Attorney advertising.

© 2024 DLA Piper US