Search
Close this search box.
Search
Close this search box.
/
/
/
Trends in Privacy and Data Protection
Trends in Privacy and Data Protection

Share the news:

With the start of the new year, we always weigh up what happened over the past 365 days, reviewing not only the present, but also what is to come. The same thing happens in matters of privacy and data protection, which is why we have decided to take a look ahead and see what topics will be discussed in 2023. These won’t be the only topics that we legal professionals will have to work with, but they will be three of the most interesting.

1: The Regulatory Framework Proposal on Artificial Intelligence (Artificial Intelligence Act)

For years the European Commission has had the firm intention to regulate the use and development of Artificial Intelligence (AI) systems, although there is still not a definitive text. The reason that a regulation has been chosen as the legal instrument to develop this matter is the need to uniformly apply the new rules, such as the definition of AI, the ban on specific harmful practices that AI would make possible, as well as the classification of AI systems.

The Proposal follows a risk-based approach and only imposes regulatory sanctions when an AI system is likely to pose high risks to fundamental rights and safety. In this way, the focus distinguishes between the uses of AI that generate: (i) an unacceptable risk, (ii) a high risk, and (iii) a limited or minimal risk. The list of prohibited practices (article 5) covers all AI systems whose use is considered unacceptable due to being contrary to the Union’s values -for example, due to violating fundamental rights- or which have a great potential to manipulate people through subliminal techniques that take advantage of the circumstances of specific vulnerable groups (such as minors or people with disabilities) to substantially alter their behaviour in a way that is harmful both to themselves and to others.

As European Regulations are directly applicable, they aim to reduce legal fragmentation and facilitate the development of a single market for legal, safe and reliable AI systems.

2. TrustPid or the Telco Supercookie

A few months ago, we started talking about a new identification system for advertising called “TrustPid”, known as the “Telco Supercookie”.

What is it? Vodafone, Telefónica, Orange and Deutsche Telekom have created a new joint venture (and have submitted their proposal to the European Commission) whose goal will be to develop a new digital identification system that will track users’ browsing habits and preferences through a digital token (TrustPid) which assigns a fixed IP to each client. Therefore, this cookie will not be placed on our computer, mobile device or browser, but rather at the level of the Internet Service Provider.) Its function will be to track clients to create pseudo-anonymous profiles through the data obtained, in a way that advertisers and publishers will be able to use the information to show advertising and personalised content for users.

These digital cookies cannot be rejected or blocked by the browser, but they can be disabled through a privacy portal that will be created for this purpose. According to the document submitted to the Commission, this privacy portal will also make it possible to review which brands and publishers have been given explicit consent for these purposes and will allow consent to be revoked at any time.

When will it be implemented? For the moment we will have to wait, as the European Commission must reach a decision on the matter by 10 February and afterwards the pilot tests would begin. In any case, it is clear that different operators are taking action with the goal of seeking alternatives to third-party cookies.

3. The Proposal for a Regulation for the European Health Data Space

The European Health Data Space will be the first shared health space in the EU and its main objective is to promote the exchange of health data and to support research on new preventive strategies, as well as on treatments, medicines, medical devices and results. As part of this matter, it is essential ensure that citizens have control over their own health data.

The European Commission considers the European Health Data Space (EHDS) to be a health-specific ecosystem formed by common rules, standards and practices, infrastructure and a governing framework whose objective is:

  • To ensure that people have greater control and digital access to their personal electronic health data, both at the national level as well as in the EU, and to support the free movement of data, promoting an authentic single market for electronic medical records systems.
  • To offer a coherent, reliable and efficient framework for the use of healthcare data in research, innovation, policy formulation and regulatory activities.
  • To improve the provision of health care, digital health services, as well as research on treatments, medicines, medical devices and results.
  • To accelerate the security and responsibility of Artificial Intelligence in health and in the healthcare sector.

In short, this regulation aims to allow the EU to take full advantage of the potential offered by the exchange, use and reuse of health data in a secure manner with full safeguards.

The year has started, and as we can see, there are many topics with a major impact on the table. Apart from the topics covered here, we will also see how the new Digital Markets Act (“DMA”) the Digital Services Act (“DSA”) and the eIDAS2 Regulation are being applied. The first two will have a major impact on digital platforms that operate within the EU. In turn, the eIDAS 2 Regulation promotes the implementation of a European electronic identity system which allows European citizens to have a digital identity that is recognised in every place in the European Union.

With all this in mind, we will continue breaking down these topics and much more throughout 2023.


Estrella Arana Gálvez
Data Protection Officer and Head of the Data Protection Area of PONS IP

LEGAL NOTICE PRESS ARTICLES REGULATED BY CEDRO:
Some of the journalistic articles included in this website are protected by Copyright. If you wish to carry out the reproduction, distribution, public communication or transformation, in any medium and in any way, of any article with the employees of your company or with external personnel, contact CEDRO to obtain your own authorization (licenses@cedro.org /cedrocat@cedro.org)

If you liked this content, share it:

Listen to our podcast

“Invention Privileges”

episodio 2
Las marcas en la nueva economía digital
El segundo episodio de nuestro podcast “Privilegios de Invención” está dedicado a uno de los derechos de propiedad industrial más...
episodio 1
Patentes Biotecnológicas
El primer episodio estará dedicado a uno de los grandes campos de la innovación a nivel mundial, uno de los...

NEWSLETTER

All the IP News

in your e-mail

Find out all the latest information on IP to boost the development of your organisation.

Subscribe to our bimonthly newsletter

In compliance with the provisions of the GDPR, the following is informed: Controller: PONS IP, S.A. (A-28750891). Purposes: send of electronic marketing communications related to the activities and services offered by PONS IP. Legitimation: Consent of the interested party [art. 6.1.a) GDPR]. Rights: Access, rectify, delete, limit, or oppose the treatment, request portability and revoke the consent given by sending an email to rgpd@ponsip.com, including as a reference "EXERCISE OF RIGHTS". More information.

International Awards

and Recognitions

International Awards and Recognitions