Earlier this year, the UK’s privacy and competition regulators (the ICO and CMA) issued a joint paper setting out their concerns and expectations in the field of dark patterns – techniques designed to mislead or deceive users of online services – which the regulators refer to as “harmful online choice architectures”. As we’ve previously noted, dark patterns are an area of increasing focus of regulators, and the joint paper reflects the growing interplay between privacy and competition laws – a trend we expect to see continue in 2024.Continue Reading UK Regulators Target Dark Patterns
Vicky Ling
Vicky Ling is an associate in Covington’s competition team. She advises on all aspects of EU and UK competition law, including merger control, abuse of dominance, antitrust litigation, regulatory investigations and enforcement.
COVID-19: Processing of Vaccination Data by Employers in Europe
With the rollout of COVID-19 vaccination programs across the EU and the UK, employers are faced with questions about whether or not they are legally permitted to ask employees about their vaccination status and, if so, how that information may be used.
Employers may wish to inquire about the vaccination status of their employees in order to comply with their general obligation to ensure a safe workplace and minimize the risk of exposure to COVID-19. This raises privacy issues under the General Data Protection Regulation (“GDPR”), because employees’ vaccination status falls within a special category of personal data that concerns the health of individuals (Art. 9(1)). This category is subject to more stringent data protection measures due to the sensitive and personal nature of data, and can only be processed in very limited circumstances (Art. 9(2)).Continue Reading COVID-19: Processing of Vaccination Data by Employers in Europe
European Commission Proposes New Artificial Intelligence Regulation
In April 2021, the European Commission released its proposed Regulation Laying Down Harmonized Rules on Artificial Intelligence (the “Regulation”), which would establish rules on the development, placing on the market, and use of artificial intelligence systems (“AI systems”) across the EU. The proposal, comprising 85 articles and nine annexes, is part of a wider package of Commission initiatives aimed at positioning the EU as a world leader in trustworthy and ethical AI and technological innovation.
The Commission’s objectives with the Regulation are twofold: to promote the development of AI technologies and harness their potential benefits, while also protecting individuals against potential threats to their health, safety, and fundamental rights posed by AI systems. To that end, the Commission proposal focuses primarily on AI systems identified as “high-risk,” but also prohibits three AI practices and imposes transparency obligations on providers of certain non-high-risk AI systems as well. Notably, it would impose significant administrative costs on high-risk AI systems of around 10 percent of the underlying value, based on compliance, oversight, and verification costs. This blog highlights several key aspects of the proposal.Continue Reading European Commission Proposes New Artificial Intelligence Regulation