The TMT 2022 guide features 25 jurisdictions. The guide provides the latest legal information on cloud computing; blockchain; big data, machine learning and artificial intelligence (AI); the internet of things (IoT); data protection; telecommunications rules; audio-visual services; encryption; and TMT-relevant responses to COVID-19.
Last Updated: March 02, 2022
TMT 2022 - Global Overview
Last year was deeply marked by the COVID-19 health crisis, which impacted all sectors and industries globally. A positive side-effect of the pandemic for the technology, media and telecommunications (TMT) sector was the rocketing uptake of digital services and technologies – for example, online communication and videoconferencing technologies, streaming services and online shopping. However, the pandemic also heavily impacted suppliers’ ability both to deliver projects (due to illnesses, travel restrictions and work-from-home obligations) and to develop new products (due to supply chain issues). Meanwhile, the legal evolution in the TMT sector continued at a swift pace.
In 2021, cybersecurity was high on everyone’s agenda. Some people even talked about a "cybercrime pandemic". Against this background, the EU discussed three legislative proposals which were published just before the start of the year – namely, the NIS 2 Directive, the Directive on the resilience of critical entities and the Regulation on the digital operational resilience for the financial sector.
Another major and much-anticipated development was the publication of a draft Artificial Intelligence Act. Indeed, AI remains an increasing trend; for example, it is expected that by 2025 the AI market will reach USD191 billion. This will continue to challenge existing legal frameworks and traditional thinking paths: throughout it all, technology influences law and law influences technology.
For any person not within the sector – and sometimes even for those who are – it is difficult to remain up-to-date on even the major developments, both technological and legal. For example, as a result of Mark Zuckerberg’s announcement that he wants to transform Facebook from a social media network into a “metaverse company” in the next five years, the metaverse has rapidly become a hot topic in the sector. For this reason, the Chambers TMT 2022 guide aims not so much to paint a broad picture, covering all possible aspects of the TMT landscape, as to be topic-driven, giving insights into some of the most frequent questions with which lawyers and in-house counsel will be confronted in this era of permanent change.
Nearly everything is "cloud" nowadays – your television, your music, your wallet, your work documents, your professional contacts, your communications, your software – even, perhaps, your relationships.
For consumers, there is often a trade-off to be made between availability and control, with licensing replacing ownership. For organisations, a decrease in costs generally goes hand-in-hand with higher security standards – as well as provider-dependency.
The legal implications can be diverse, from sector-specific regulations on availability and liability to broader data protection considerations.
With cryptocurrencies as currently their leading use, the case for the use of distributed ledgers outside of (and even within) the financial sector is still being made. Yet if you are presented with a "killer app" for blockchain, what legal challenges will you face?
Risk and liability, intellectual property, data protection, service levels, jurisdictional issues in relation to the relevant contractual relationships – the Chambers TMT 2022 guide provides a taste of how to deal with these issues.
Big Data, Machine Learning and Artificial Intelligence
In the past few years, we have allowed digital assistants to invade our workplaces and homes. From completing an unfinished symphony by a revered composer, to carrying out predictions of shopping patterns, and learning board games on their own – an increase in the capabilities of machines has created possibilities deemed unthinkable just a few years ago.
For businesses, big data promises a better understanding of their customers and patterns, while for consumers, big data may involve a number of undesired side-effects (for example, when being subject to profiling or automated decision-making on the basis of all data gathered).
Big data, machine learning and artificial intelligence also raise important societal and legal questions ranging from liability and insurance, data protection and intellectual property to jurisdiction and even fundamental rights. While few businesses will yet be examining whether algorithms also have fundamental rights, there are more immediate concerns they may well wish to consider.
Internet of Things (IOT)
IoT is a small acronym for something so large. After our computers and mobile devices, everything in our home and workplace is becoming "connected". Energy providers are keen to roll out smart meters, and automobile manufacturers are becoming service providers by adding connectivity to their (manual or self-driven) vehicles.
With many of our devices (eg, fridges, lights and watches) connected to the internet, the security risks are increasing because of the vulnerability of such devices. Hackers no longer have to directly target laptops or PCs, with stronger in-built security features, but can rather attack IoT devices, which are often not properly secured, in order to compromise an entire network and access all devices connected to it.
Aside from data protection, some of the legal key words have become more technical, such as machine-to-machine (M2M) communications, communications secrecy and cybersecurity. Any project in this field requires careful consideration and sound legal review.
IT Service Agreements
In a global economy, organisations have a broad range of providers to choose from. In some countries or regions, though, choosing a local provider means that the foreign organisation must contend with specific rules.
If data cannot leave a given provider's country, is it as attractive to work with that provider? Some legal restrictions can be very specific, such as restrictions on price-revision mechanisms. All in all, it is invariably best to be informed of local requirements before making a selection.
Employee performance reviews, business strategies, customer lists, etc – every organisation has data, and much of it is personal data. Business information may be confidential, but it is not necessarily protected as such by law; personal data may at first sight appear to be trivial, but failing to protect it can give rise to fines.
Data protection is not just about placing a short notice on a website. It is a mindset: it is thinking why an organisation needs certain data, and what it will do with that data. Sometimes, this requires in-depth data protection impact assessments or even consultation with data protection authorities.
Monitoring and Limiting of Employee Use of Computer Resources
Monitoring employees is nothing new, but the techniques for doing so are constantly evolving, as are the laws detailing what is permissible in terms of personal privacy. Location-tracking for drivers, country identification for workers posted abroad, monitoring of social media use within an organisation – the digital surveillance of employees can take many forms. What is more, this surveillance can have a range of purposes: factory productivity improvements, anticompetitive conduct prevention, tax administration facilitation, etc.
From broad rules in relation to data protection to specific rules on employee monitoring, there are many aspects to contend with, and it may in certain cases be necessary to carry out in-depth assessments or even to obtain approval from works councils before any project can be rolled out.
Considering the above in light of the current COVID-19 pandemic, it is evident that such issues have become even more relevant. Homeworking suddenly became "the new normal" for millions of persons, and employers increasingly investigated possibilities to monitor (the effectiveness and productivity of) their employees working remotely. In such circumstances, it becomes even more crucial to be aware and master the applicable legal framework.
Scope of Telecommunications Regime
Once, telecommunications rules would have been considered to apply only to large incumbent telephone and radio operators. Today, voice-over IP (VoIP) and instant messaging solutions have become commonplace in organisations, sometimes even in interactions with customers. Finally, many retailers and product manufacturers have adopted technology-powered labelling in the form of RFID tags.
However, the use of some of these means of communication or technologies can trigger the application of a strict regulatory regime, even requiring administrative fees in certain cases. While this regime does not represent an insurmountable cost or effort, it is worth considering its application in all such projects.
Audio-Visual Services and Video Channels
Today, every organisation can have a digital communications channel, from podcasting to video channels, a realm once reserved for large content providers. Yet, where this is more than a one-off video, the creation of a structure and frequent addition of content can trigger the need to apply for authorisations with the local regulator.
It is therefore important to know whether rules on audio-visual services also apply to online video channels, even on third-party websites featuring user-generated content.
Security of information can be achieved in a number of ways, notably encryption. This particular form of data manipulation is often believed to be the ultimate information security measure. However, not all encryption is created equal, with certain algorithms by their very nature being stronger than others, and some even having been broken.
In an era of breaches involving billions of user credentials, though, encryption remains a gold standard. In this context, it is important to know whether it is required or recommended by law and, if so, for what purposes.
Such conclusion can be transposed to the other topics and issues touched upon in this Chambers TMT 2022 guide. Knowing the legal framework applicable to your technology or area of work is fundamental to avoid unpleasant surprises or undesired obstacles. By publishing this guide, we intend to provide you with a useful outlook on the legal framework applicable to key aspects of the TMT sector, thereby helping you to navigate this constantly evolving sector where law and technology continuously influence each other.