UK law
ICO calls for evidence on “text pests”
The ICO has launched a call for victims of so-called “text pests” to come forward to help the regulator gather evidence of the behaviour. Text pests are individuals who use personal information, such as a phone number or email address, given to them in a business context for romantic or sexual propositions, for example, asking a customer out on a date after they ordered a takeaway. The call for evidence comes as new research commissioned by the ICO reveals that nearly a third of 18-34-year-olds who responded to its poll had been victims of this practice. The research also revealed that younger people are more likely to mistakenly believe this to be a legal act. Two thirds of the public, however, believe it to be morally wrong. The ICO will be looking further at the unauthorised use of personal information for romantic or sexual propositions, contacting some of the major customer-facing employers in the country to emphasise their legal responsibilities as well as to learn more about what safeguards they have in place. The call for evidence ends on 15 September.
UK government consults on new trade marks and designs services
The UK Government has launched a second consultation on proposed changes to allow the Intellectual Property Office to deliver better digital services. In July, the government concluded its first transformation consultation. The new consultation focuses on specific trade marks and designs issues, but also includes some proposals on patents and tribunals. Amongst other things, the government is proposing to introduce a new digital service that will allow the public to view documents relating to trade mark and design applications online for the first time. This will remove the archaic requirement for members of the public to attend the IPO’s offices in person or order copies of documents to view this information. It aims to make it easier for the public to access information about IP.
New report on Age Assurance Technologies published
The ICO and Ofcom have commissioned and published a technical study on age assurance technologies. it aims to enhance understanding of this area and build on the regulators’ commitment to developing an aligned approach to age assurance. The report follows on from an initial technical study into the measurement of age assurance technologies commissioned by the ICO. It provides insight into measuring the accuracy levels achievable by different age assurance solutions and prompts further thinking on how to measure their overall effectiveness.
EU law
EDPS publishes two Opinions on financial and payment services and data sharing
The EDPS has published two Opinions: one on the proposal for a Regulation on a Financial Data Access Framework and one on the proposal for a Regulation and Directive on payment services in the EU’s internal market. Both proposals aim to foster the sharing of data to broaden the offer of financial services and products, whilst providing individuals or organisations control over the processing of their financial data. Under the Proposals, individuals and organisations would manage access to their financial data using dashboards provided by financial institutions. This would allow individuals concerned to monitor, restrict or grant access to their information. The EDPC highlights that, to achieve this objective, individuals or organisations should be provided with complete, accurate and clear information on the provider of the financial service requesting access to their data. Information on the type of product, payment or service for which an individual’s personal data would be used and the types of data requested should also be communicated. The EDPC welcomes the efforts made to ensure the Proposals’ consistency with the GDPR. It says that both Proposals should specify that the granting of “permissions” to access financial data does not equate to giving consent under the GDPR. Likewise, all processing of personal data following a request to access an individual’s financial data must have an appropriate legal basis under the GDPR.