The new Civil and Commercial Code refers to advertising – including comparative advertising – in the context of the rules concerning consent in consumption agreements. From a legislative viewpoint, this does not appear to be the most advisable perspective, as comparative advertising – the most important effects of which concern competitor companies, rather than consumers – is central to the regulation of advertising.
'Influencer marketing' means taking advantage of bloggers and other persons who have their own social media channels to promote goods and services. While the concept of transmitting arguably hidden advertising is problematic, there are many variations of this and the lines between hidden advertising and personal opinion are often blurred. As such, the Advertising Council recently issued guidelines for dealing with influencer marketing as a specific means of marketing communication.
The EU General Data Protection Regulation (GDPR) has created a new understanding and awareness of data protection. Despite being a directly applicable legal act, the GDPR has created significant work for the Austrian federal legislature, which has chosen to impose it by implementing the narrow but general Data Protection Act and introducing amendments to ordinary legal acts individually. However, these amendments are essentially limited to wording adjustments and restrictions on data subjects' rights.
The Austrian Data Protection Authority (DPA) recently published its first decision on retention periods following the enactment of the General Data Protection Regulation. The decision is final. The DPA had to decide how long a telecoms service provider must retain so-called 'master data' – that is, data required for the controller's legal relationship with the users of its services.
Companies regularly store information about their customers, clients, employees, investors, partners and vendors. Privacy and data security are therefore important aspects of most M&A transactions. Although the risk of non-compliance with privacy laws may result in severe negative consequences, many M&A agreements still lack adequate privacy-related representations and warranties.
Members of Parliament recently filed an application to amend the Data Protection Act 2018 in order to clarify certain aspects which have led to confusion over the past couple of months. In addition to several provisions relating to competence, the proposed act, among other things, contains a rephrased version of the fundamental right to data protection, introduces the mandatory appointment of data protection officers and suggests enabling the matching of images with explicit consent.
The Personal Information Protection Act (PIPA) was introduced to regulate and protect the use of personal information and embodies eight core privacy principles which are internationally recognised and accepted. As with the PIPA, the General Data Protection Regulation (GDPR) was enacted to govern the use of personal information and data. Bermuda companies should seek legal advice to determine whether the GDPR applies to their operations and, if so, how.
The president recently approved, with a partial veto, the Project for a General Law regarding Data Protection. The law will regulate the processing of personal data in Brazil. Even though this adaptation may be costly and time consuming, the enforcement of the law is expected to guarantee greater protection of personal data, increasing confidence in Brazil's economic environment.
An eagerly anticipated media law decision from the Ontario Court of Appeal confirms what may seem to be an obvious legal proposition: the publication of a newspaper article online is treated the same as the print version for the purposes of notice and limitation periods in a civil action – in other words, time periods governing libel actions do not start afresh each day that an online article is online.