Publication
Proposed changes to Alberta’s Freedom of Information and Protection of Privacy Act
Alberta is set to significantly change the privacy landscape for the public sector for the first time in 20 years.
Global | Publication | July 2018
The exit from the EU will not happen for at least two years and potentially longer. In the meantime, the UK remains a member of the EU and all the EU obligations and benefits remain in place. In the short term therefore, it is business as usual in the UK up to at least March 2019.
After Brexit (2019+) the impact upon the technology and innovation sector largely depends upon what model the UK adopts for its relationship with the EU. If the UK remains in the European Economic Area then the changes may be minimal. If the UK joins the European Free Trade Association and negotiates sector specific access to the single market then the landscape depends on the exact nature of that relationship. If the UK distances itself further from the EU then the changes may be more extensive.
There will be ramifications to the sector in light of Brexit, not least given the current uncertainty prevailing in UK politics, markets and as to the UK’s future with the EU. The UK has a strong track record in the technology and innovation sector with tax incentives, investment and funding, R&D and other key drivers high on its agenda. Norway (which is not in the EU) is a prime example of how the sector can develop effectively outside of the EU.
In terms of specific key areas, the precise changes remain to be seen. However, set out below are some of the possible issues.
To the extent that such EU laws have been implemented into English law, consumers will continue to benefit from them unless or until they are repealed or changed. In respect of any new regulations implemented following Brexit taking effect, the UK — irrespective of the exit model to be adopted by it — will need to negotiate an appropriate partnership agreement with the EU, which may or may not confer on UK consumers all, or some of, the rights enjoyed by EU consumers. The UK will then need to adopt and comply with the relevant EU legislative measures. Alternatively, the UK could look to develop its own laws in a manner that is consistent with evolving EU regulation.
Under the later scenario, however, international roaming charges for UK consumers travelling in the EU might not be subject to legislative protections as the UK Parliament will not be able to legislate for wholesale roaming rates charged back by EU mobile companies. Protections against high EU roaming rates could therefore only be provided through bilateral agreements between UK mobile companies and their EU counterparts.
Regardless of Brexit taking effect, the EU is proceeding with proposals to advance new rules governing and achieving such a harmonised market (for example, rules regulating services and technologies that use mobile networks (so-called over-the-top (OTT) services); mandating cross-border access to on-line content service; and amendment to copyright rules to reflect new technologies).
In March 2018 Theresa May confirmed in her speech that the UK will remain outside the EU’s “Digital Single Market” (SDM). This decision will be relevant to businesses’s decisions on whether or not to launch online services in the UK (for instance, if - following Brexit taking effect - the UK decides to adopt a less restrictive approach to OTT or to on-line content services, this could encourage establishment in the UK; whereas divergence in regulation between the UK and the EU in some areas could affect the investment decisions of mobile and fixed-line/broadband operators).
The disapplication of EU state aid rules could remove an obstacle to additional Government investment in infrastructure to support isolated areas (for example, remote locations and mobile “not-spots”) and to bring forward next generation network services.
A further proposal related to the SDM concerns the harmonisation of spectrum policy, where harmonisation is being considered under the SDM initiative, although Brexit taking effect should not result in divergence as the UK will still be a member of CEPT and the ITU (the international organisations that deal with these issues).
Brexit taking effect (2019+) transfers of personal data from the EU to the UK will only be allowed if the transfers provide adequate safeguards for the personal data in the UK. One way to achieve this adequacy standard is for the UK to obtain an “adequacy decision” from the European Commission i.e. finding it to be a safe third country for personal data imports. It remains to be seen whether the UK will receive a positive adequacy decision and there is a risk that it will not if the UK ceases to recognise as English law the new General Data Protection Regulation (GDPR) (once it is in force). In such a case, all businesses operating in the EU will need to revisit personal data flows (and corresponding export solutions) insofar as they wish such data to be transferred to the UK.
The Data Protection Act 1998 (DPA 1998) has for some time now been regarded as lagging behind developments in technology in its treatment of personal data. The UK Information Commissioner’s Office has stated that it would seek to explain its view to the UK Government that the reform of UK data protection law remains necessary even in the light of Brexit, and our view is therefore that it is unlikely that the UK would revert back to (or keep) this legislation.
Although the UK Government is on record as having opposed the more “anti-business” aspects of the new GDPR (and therefore there could be a move to water these down in its provisions following Brexit taking effect), to ignore the GDPR completely in a post-Brexit context might (as noted above) run the risk that the EU Commission would regard the UK as not being a “safe third country” (to which personal data from the EU may be transferred).
In addition, global businesses are likely to prefer dealing with one set of data protection rules across Europe and doing business in the UK could become less attractive if its data protection regime is significantly different from that of the EU.
It is possible that the UK could adopt an intermediate position between the DPA 1998 and the new GDPR, although this seems unlikely for the reasons set out above. Uncertainties around this pose significant challenges for multinational businesses, because of:
If UK data protection laws diverge from the new GDPR, as noted earlier, export from the EU to the UK might require further formalities (e.g. the imposition of EU model clauses or binding corporate rules covering the UK entity) to be complied with.
However, it is quite likely that a multinational would roll out the higher GDPR standards to the UK in any event, and it is unlikely that English law would prohibit this.
A further key point to note is that the GDPR will apply to the processing of personal data by businesses that target services at EU nationals or monitor the behaviour of EU users, wherever the business is located. This will mean that, notwithstanding any alterations to English law, the GDPR will still apply to “UK only” businesses if they are processing data relating to EU nationals who they have targeted services at or if they are otherwise monitoring the behaviour of EU-located users.
In the area of commercial law, the following are key pieces of EU legislation:
In the area of consumer protection law, the following are key pieces of EU legislation:
In the area of e-commerce and information society services, the following are key pieces of EU legislation:
The extent to which such legal requirements may change when Brexit takes effect will depend on what transitional and savings arrangements the UK Parliament decides to enact. It is as yet not clear what these might be.
Businesses located in the UK will still wish to sell to consumers and other businesses in the EU. To do that, regardless of the technical position reached by the UK Parliament on transitional and savings arrangements, such businesses will still need in practice to comply with a significant amount of EU law (not least because such requirements may be imposed on them as part of supply chain requirements from their own business customers within the EU, or because EU laws typically purport to apply extra-territorially in relation to sales of goods and services directed at consumers located in the EU).
It may well be the case, therefore, that a considerable body of English consumer protection law continues to be aligned with EU law after a Brexit.
The impact on outsourcing models of repealing TUPE will depend on what TUPE might be replaced with. Whilst the UK Government has indicated that it will adopt all EU employment legislation in the Great Repeal Bill, TUPE itself is an extension of the ARD including reference to Service Provision Changes which do not originate from the ARD. Significant pricing assumptions are made by suppliers based on the similar operation (as implemented by member states) of the ARD across Europe. In addition, the Government has confirmed that there will be no change to employee rights in the short term. However, in the medium to longer term, if TUPE no longer applied in the same form in the UK, those assumptions would need to be revisited, with the result that pricing models might need to vary as between the UK and the rest of the EU. Outsourcing suppliers would need to consider whether freedom from the operation of TUPE provides any opportunity to ‘de-risk’ aspects of their service offering.
a. Patent right
The current system of national patent protection obtained through the UK Intellectual Property Office (UKIPO) or the European Patent Office (this is not an EU institution) will remain unchanged.
However, an overhaul of the patent regime in the EU is due to come into force enabling proprietors of inventions to apply for a single, pan-EU Unitary Patent (UP) covering most of the EU, and with a single Unified Patent Court (UPC) to hear and determine patent disputes on a pan-EU basis. The future of the Unified Patent Court (UPC) system had been in doubt following the UK’s vote to exit the EU as it had been created within the EU framework. The UK government announced on 28 November 2016 that it will ratify the Unified Patent Court Agreement which means that the system can now be implemented, and following the triggering of Article 50, maintained that ratification will proceed in due course. Currently, the Unified Patent Court (UPC) system is timetabled to start in December 2017.
The Government has been quick to clarify that its decision has no bearing on its negotiation stance as it prepares to exit the EU: the UK’s eligibility to remain in the UPC system after Brexit takes effect remains unclear. Thus, although ratification most certainly means that the UPC system will survive (with or without the UK), it does not remove the uncertainty over the scope of granted unitary patents and any pending litigation in the UPC following the UK’s withdrawal from the EU.
Businesses are urged to review their patent protection and future enforcement strategies, bearing in mind that the UPC is now becoming a reality, albeit with a question mark over what it will look like after Brexit takes effect. Theoretically UK's continued involvement is possible but current thinking is that this would involve UK submitting to the jurisdiction of the CJEU, which will be a challenge in the current political climate.
b. Trade mark right
The national trade mark system whereby UK trade marks are obtained via the UKIPO is unchanged.
After Brexit takes effect, EU trade marks are likely no longer to cover the UK. Proprietors of existing EU trade marks will be likely to be able to rely on transitional provisions (terms or procedures for which are yet to be determined) which should enable proprietors to obtain separate UK coverage based on the EU trade mark right.
Going forward, if the UK is an important marketplace, applicants should consider seeking separate UK trade mark protection in addition to filing the EU or designating the EU within a Madrid Protocol application. This would bring certainty and the assurance that rights are readily enforceable in the UK should the need arise.
c. Design rights
The national system of UK Registered Designs obtained through the UKIPO and the UK unregistered design right is unchanged.
After Brexit takes effect, Community registered design rights will likely no longer cover the UK. Again, similarly to the trade mark position, proprietors of existing Community registered designs will likely to be able to rely on transitional provisions (terms or procedures for which are yet to be determined) which should enable proprietors to obtain separate UK coverage based on existing Community registered design right. Again, going forward, if the UK is an important market, applicants should consider seeking separate UK registered design protection in addition to filing a Community registered design right.
d. Copyright
There is no change to copyright protection in the UK as it is not harmonised across the EU.
Although copyright law per se is not harmonised, the rules governing the way in which copyright protected works can be exploited in certain contexts are governed by EU law (such as the Software Directive and the InfoSoc Directive), and these EU laws have already been implemented into UK legislation. However, there have been calls to harmonise copyright laws, which has led to initiatives such as the “Digital Single Market” (see below).
To the extent that such EU laws have been implemented into English law, consumers will continue to benefit from them unless or until they are repealed or changed. In respect of any new regulations implemented following Brexit taking effect, the UK will need to decide whether or not it wants to remain part of a harmonised EU telecoms market. If so, the UK — irrespective of the exit model to be adopted by it — will need to negotiate an appropriate partnership agreement with the EU, which may or may not confer on UK consumers all, or some of, the rights enjoyed by EU consumers. The UK will then need to adopt and comply with the relevant EU legislative measures. Alternatively, the UK could look to develop its own laws in a manner that is consistent with evolving EU regulation.
Under the later scenario, however, international roaming charges for UK consumers travelling in the EU might not be subject to legislative protections as the UK Parliament will not be able to legislate for wholesale roaming rates charged back by EU mobile companies. Protections against high EU roaming rates could therefore only be provided through bilateral agreements between UK mobile companies and their EU counterparts.
Regardless of Brexit taking effect, the EU can be expected to proceed with proposals to advance new rules governing and achieving such a harmonised market (for example, rules regulating services and technologies that use mobile networks (so-called over-the-top (OTT) services); mandating cross-border access to on-line content service; and amendment to copyright rules to reflect new technologies).
Assuming the UK opts to remain outside the EU’s “Digital Single Market” (SDM) (for example, through an arrangement any less than a Norway-like EEA membership arrangement), and depending on whether these rules are implemented prior to Brexit taking effect (2019+), the UK will be able to decide for itself whether to follow the SDM approach and ensure harmonised arrangements in the UK or to allow domestic law to diverge. The path chosen could affect a business’s decision whether or not to launch online services in the UK (for instance, if - following Brexit taking effect - the UK decides to adopt a less restrictive approach to OTT or to on-line content services, this could encourage establishment in the UK; whereas the lack of regulation in some areas could affect the investment decisions of mobile and fixed-line/broadband operators).
From another perspective, the removal of EU state aid rules could remove an obstacle to additional Government investment in infrastructure to support isolated areas (for example, remote locations and mobile “not-spots”) and to bring forward next generation network services.
A further proposal related to the SDM concerns the harmonisation of spectrum policy, where harmonisation is being considered under the SDM initiative, although Brexit taking effect should not result in divergence as the UK will still be a member of CEPT and the ITU (the international organisations that deal with these issues).
Council Directive 2001/23/EC of 12 March 2001 on the approximation of the laws of the Member States relating to the safeguarding of employees' rights in the event of transfers of undertakings, businesses or parts of undertakings or businesses.
SI 1993/3053.
Directive 2011/7/EU of the European Parliament and of the Council of 16 February 2011 on combating late payment in commercial transactions.
SI 2013/395.
SI 2013/908.
SI 2015/1336.
Directive 2006/114/EC of the European Parliament and of the Council of 12 December 2006 concerning misleading and comparative advertising.
SI 2008/1276.
Directive 2010/13/EU of the European Parliament and of the Council of 10 March 2010 on the coordination of certain provisions laid down by law, regulation or administrative action in Member States concerning the provision of audiovisual media services
SI 2009/2979.
SI 2009/2979.
SI 2010/831.
Council Directive 93/13/EEC of 5 April 1993 on unfair terms in consumer contracts.
Directive 2011/83/EU of the European Parliament and of the Council of 25 October 2011 on consumer rights, amending Council Directive 93/13/EEC and Directive 1999/44/EC of the European Parliament and of the Council and repealing Council Directive 85/577/EEC and Directive 97/7/EC of the European Parliament and of the Council.
Directive 1999/44/EC of the European Parliament and of the Council of 25 May 1999 on certain aspects of the sale of consumer goods and associated guarantees.
SI 2013/3134.
SI 2012/3110.
Directive 2005/29/EC of the European Parliament and of the Council of 11 May 2005 concerning unfair business-to-consumer commercial practices in the internal market and amending Council Directive 84/450/EEC, Directives 97/7/EC, 98/27/EC and 2002/65/EC of the European Parliament and of the Council and Regulation (EC) No 2006/2004 of the European Parliament and of the Council.
SI 2008/1277.
SI 2008/1277.
SI 2009/2999.
Directive 2006/54/EC of the European Parliament and of the Council of 5 July 2006 on the implementation of the principle of equal opportunities and equal treatment of men and women in matters of employment and occupation.
Directive 2013/11/EU of the European Parliament and of the Council of 21 May 2013 on alternative dispute resolution for consumer disputes and amending Regulation (EC) No 2006/2004 and Directive 2009/22/EC.
SI 2015/542.
Directive 2000/31/EC of the European Parliament and of the Council of 8 June 2000 on certain legal aspects of information society services, in particular electronic commerce, in the Internal Market.
SI 2002/2013.
EU/910/2014.
Directive 1999/93/EC of the European Parliament and of the Council of 13 December 1999 on a Community framework for electronic signatures.
SI 2016/696.
SI 2002/318.
Transfer of Undertakings (Protection of Employment) Regulations 2006 (SI 2006/246).
Council Directive 2001/23/EC of 12 March 2001 on the approximation of the laws of the Member States relating to the safeguarding of employees' rights in the event of transfers of undertakings, businesses or parts of undertakings or businesses.
Publication
Alberta is set to significantly change the privacy landscape for the public sector for the first time in 20 years.
Publication
On December 15, amendments to the Competition Act (Canada) (the Act) that were intended at least in part to target competitor property controls that restrict the use of commercial real estate – specifically exclusivity clauses and restrictive covenants – came into effect.
Subscribe and stay up to date with the latest legal news, information and events . . .
© Norton Rose Fulbright LLP 2023