Tag: European Union

World Trade Organization Approves U.S. Tariffs on European Union Goods to Counteract Civil Aviation Subsidies

The World Trade Organization (WTO) has approved U.S. duties on $7.5 billion in products from the European Union (EU) after ruling that the EU had unfairly subsidized the production of large civil aircraft, such as those produced by Airbus. The U.S. Trade Representative (USTR) will enforce 10 percent duties on imports of certain aircraft and 25 percent duties on imports of other goods (including agricultural products, apparel, machinery, and other products) beginning October 18, 2019.

The EU plans to impose retaliatory tariffs on $20 billion of U.S. exports in response to subsidies allegedly provided to American plane manufacturer Boeing. However, the EU will have to wait for WTO approval in separate proceedings. The United States and the EU have been involved in WTO dispute settlement proceedings regarding subsidies for large civil aircraft since 2004.

Duties of 10 percent apply to imports of passenger and cargo aircraft from France, Germany, Spain, and the United Kingdom (where the majority of Airbus production is based), provided that they have an unladen weight exceeding 30,000 kg.1

Duties of 25 percent apply to imports of other products from all EU member states (or a subset of these member states, depending on the product category). These products include certain cheeses, pork, coffee, seafood, fruit, dairy spreads, wine, whisky, apparel, bedding, optical instruments, appliances, tools, folding knives, and magnets.

Military aircraft, civil helicopters, and parts or components of civil aircraft are not subject to the duties.2

1 Examples of subject aircraft over 30,000 kg are regional jets capable of seating more than 100 passengers (such as the Airbus A220) and any larger aircraft (including long-haul, wide-body jets). Smaller aircraft, including recreational aircraft, private jets, most turboprop aircraft, and most regional jets with a capacity of fewer than 100 passenger, have an unladen weight of less than 30,000 kg and are excluded.

2 Airbus has production facilities in the United States, that rely on components imported from the EU. Additionally, some EU companies produce certain components of military aircraft for export to the United States.

©2019 Drinker Biddle & Reath LLP. All Rights Reserved

For more on international trade, see the National Law Review Antitrust & Trade Regulation or Global law pages.

Can We Really Forget?

I expected this post would turn out differently.

I had intended to commend the European Court of Justice for placing sensible limits on the extraterritorial enforcement of the EU’s Right to be Forgotten. They did, albeit in a limited way,[1] and it was a good decision. There.  I did it. In 154 words.

Now for the remaining 1400 or so words.

But reading the decision pushes me back into frustration at the entire Right to be Forgotten regime and its illogical and destructive basis. The fact that a court recognizes the clear fact that the EU cannot (generally) force foreign companies to violate the laws of their own countries in internet sites that are intended for use within those countries (and NOT the EU), does not come close to offsetting the logical, practical and societal problems with the way the EU perceives and enforces the Right to be Forgotten.

As a lawyer, with all decisions grounded in the U.S. Constitution, I am comfortable with the First Amendment’s protection of Freedom of Speech – that nearly any truthful utterance or publication is inviolate, and that the foundation of our political and social system depends on open exposure of facts to sunlight. Intentionally shoving those true facts into the dark is wrong in our system and openness will be protected by U.S. courts.

Believe it or not, the European Union also has such a concept at the core of its foundation too. Article 10 of the European Convention on Human Rights states that:

“Everyone has the right to freedom of expression. This right shall include freedom to hold opinions and to receive and impart information and ideas without interference by public authority and regardless of frontiers.”

So we have the same values, right? In both jurisdictions the right to impart information can be exercised without interference by public authority.  Not so fast.  The EU contains a litany of restrictions on this right, including a limitation of your right to free speech by the policy to protect the reputation of others.

This seems like a complete evisceration of a right to open communication if a court can force obfuscation of facts just to protect someone’s reputation.  Does this person deserve a bad reputation? Has he or she committed a crime, failed to pay his or her debts, harmed animals or children, stalked an ex-lover, or violated an oath of office, marriage, priesthood or citizenship? It doesn’t much matter in the EU. The right of that person to hide his/her bad or dangerous behavior outweighs both the allegedly fundamental right to freedom to impart true information AND the public’s right to protect itself from someone who has proven himself/herself to be a risk to the community.

So how does this tension play out over the internet? In the EU, it is law that Google and other search engines must remove links to true facts about any wrongdoer who feels his/her reputation may be tarnished by the discovery of the truth about that person’s behavior. Get into a bar fight?  Don’t worry, the EU will put the entire force of law behind your request to wipe that off your record. Stiff your painting contractors for tens of thousands of Euros despite their good performance? Don’t worry, the EU will make sure nobody can find out . Get fired, removed from office or defrocked for dishonesty? Don’t worry, the EU has your back.

And that undercutting of speech rights has now been codified in Article 17 of Regulation 2016/679, the Right to be Forgotten.

And how does this new decision affect the rule? In the past couple weeks, the Grand Chamber of the EU Court of Justice issued an opinion limiting the extraterritorial reach of the Right to be Forgotten. (Google vs CNIL, Case C‑507/17) The decision confirms that search engines must remove links to certain embarrassing instances of true reporting, but must only do so on the versions of the search engine that are intentionally servicing the EU, and not necessarily in versions of the search engines for non-EU jurisdictions.

The problems with appointing Google to be an extrajudicial magistrate enforcing vague EU-granted rights under a highly ambiguous set of standards and then fining them when you don’t like a decision you forced them to make, deserve a separate post.

Why did we even need this decision? Because the French data privacy protection agency, known as CNIL, fined Google for not removing presumably true data from non-EU search results concerning, as Reuters described, “a satirical photomontage of a female politician, an article referring to someone as a public relations officer of the Church of Scientology, the placing under investigation of a male politician and the conviction of someone for sexual assaults against minors.”  So, to be clear, while the official French agency believes it should enforce a right for people to obscure that they have been convicted of sexual assault against children from the whole world, the Grand Chamber of the European Court of Justice believes that the people convicted child sexual assault should be protected in their right to obscure these facts only from people in Europe. This is progress.

Of course, in the U.S., politicians and other public figures, under investigation or subject to satire or people convicted of sexual assault against children do not have a right to protect their reputations by forcing Google to remove links to public records or stories in news outlets. We believe both that society is better when facts are allowed to be reported and disseminated and that society is protected by reporting on formal allegations against public figures or criminal convictions of private ones.

I am glad that the EU Court of Justice is willing to restrict rules to remain within its jurisdiction where they openly conflict with the basic laws of other jurisdictions. The Court sensibly held,

“The idea of worldwide de-referencing may seem appealing on the ground that it is radical, clear, simple and effective. Nonetheless, I do not find that solution convincing, because it takes into account only one side of the coin, namely the protection of a private person’s data.[2] . . . [T]he operator of a search engine is not required, when granting a request for de-referencing, to operate that de-referencing on all the domain names of its search engine in such a way that the links at issue no longer appear, regardless of the place from which the search on the basis of the requester’s name is carried out.”

Any other decision would be wildly overreaching. Believe me, every country in the EU would be howling in protest if the US decided that its views of personal privacy must be enforced in Europe by European companies due to operations aimed only to affect Europe. It should work both ways. So this was a well-reasoned limitation.

But I just cannot bring myself to be complimentary of a regime that I find so repugnant – where nearly any bad action can be swept under the rug in the name of protecting a person’s reputation.

As I have written in books and articles in the past, government protection of personal privacy is crucial for the clean and correct operation of a democracy.  However, privacy is also the obvious refuge of scoundrels – people prefer to keep the bad things they do private. Who wouldn’t? But one can go overboard protecting this right, and it feels like the EU has institutionalized its leap overboard.

I would rather err on the side of sunshine, giving up some privacy in the service of revealing the truth, than err on the side of darkness, allowing bad deeds to be obscured so that those who commit them can maintain their reputations.  Clearly, the EU doesn’t agree with me.

[1] The Court, in this case, wrote, “The issues at stake therefore do not require that the provisions of Directive 95/46 be applied outside the territory of the European Union. That does not mean, however, that EU law can never require a search engine such as Google to take action at worldwide level. I do not exclude the possibility that there may be situations in which the interest of the European Union requires the application of the provisions of Directive 95/46 beyond the territory of the European Union; but in a situation such as that of the present case, there is no reason to apply the provisions of Directive 95/46 in such a way.”

[2] EU Court of Justice case C-136/17, which states, “While the data subject’s rights [to privacy] override, as a general rule, the freedom of information of internet users, that balance may, however, depend, in specific cases, on the nature of the information in question and its sensitivity for the data subject’s private life and on the interest of the public in having that information. . . .”

 

Copyright © 2019 Womble Bond Dickinson (US) LLP All Rights Reserved.

For more EU’s GDPR enforcement, see the National Law Review Communications, Media & Internet law page.

Brexit: Can the Remainers Stop a No-Deal Brexit?

Brexit has driven fault lines through British politics as seen at no time since the 1680s. Fervent ‘leavers’ and fervent ‘remainers’ can be found in both of the main political parties, although most favour various compromise options in between.

This is reflected in the composition of the UK Parliament and has resulted in an impasse, with Parliament rejecting both the transitional ‘deal’ to leave the EU negotiated by former Prime Minister Theresa May at the end of 2018 and the prospect of leaving the EU without a deal – a ‘no deal’ Brexit. The election of Boris Johnson as the new UK prime minister and his appointment of a government leaning firmly towards leaving the EU, with or without a deal on October 31, 2019, throws up some distinctive legal challenges: If a new deal cannot be struck with the EU, is a no-deal Brexit inevitable, or can the remainer MPs stop it?

Concluding a new deal with the EU by October 31 is challenging, not least given the limited time available for negotiating it and having it approved by the European and UK Parliaments. This is compounded by the complexity of the issues the UK government seeks to renegotiate, particularly the Irish backstop, and the EU’s no-renegotiation stance – although it has indicated willingness to revisit the nature of the future relationship between the EU and UK.

The legal position on a no-deal Brexit is set out in the European Union (Withdrawal) Act 2018, as amended in April 2019. This Act sets Brexit date at October 31, 2019. It also requires Parliament to approve any withdrawal agreement with the EU. What it does not require is that there should, in fact, be a withdrawal agreement. Consequently, the Act does not require parliamentary consent for a ‘no deal’ Brexit. Prime Minister Johnson does not, accordingly, need to secure any parliamentary majority for this. And since the Act will prevail over any parliamentary vote to reject a no-deal Brexit, he does not have to comply with any vote passed to the contrary.

The first legal route open to remainer MPs is to seek to amend the 2018 Act. The problem that they would have is timing. Parliament is in recess until September 3. There is usually a further recess from mid-September to the second week in October for the party conference season. Even if the second recess were to be abandoned, there is insufficient time for an amending bill to be passed before October 31 using normal parliamentary procedures. There is provision for emergency legislation to be passed very quickly, but this would require a consensus among all parties and the support of the government, both of which seem unlikely given the split between remainers and leavers within the main parties and the new government’s express intention to achieve Brexit by October 31.

The second legal route open to remainer MPs is to force a general election. Under the terms of the UK Fixed-term Parliaments Act 2011, Leader of the Opposition Jeremy Corbyn would need to propose a motion of no confidence in Prime Minister Johnson’s government. At present, the Conservatives have a majority of one in Parliament, but only with the support of the Democratic Unionist Party from Northern Ireland. However, a number of Conservative MPs have indicated that they would be prepared to bring their own government down on this issue. An unknown factor is whether leaver MPs in the Labour Party are prepared to abstain or even vote against such a motion.

A motion of no confidence under the 2011 Act requires only a simple majority of MPs voting in favour. However, there are still timing issues. The earliest that such a motion can be proposed is September 3. If passed, it would trigger a cooling-off period of 14 days for an alternative government to be formed. At the end of this period, if, as he would be entitled to do, Mr Johnson were to remain prime minister, UK electoral law would require him to announce the date for a general election within a further 25 days. However, there is no requirement for the election actually to be held within a particular time. Although the Queen must be consulted about the date, this is a formality. Prime Minister Johnson would, therefore, be within his constitutional rights to call an election only after the October 31 Brexit deadline has passed and the UK has left the EU.

Remain supporters have indicated that their strategy, if they are able to force an election, would be to rely on the legal status of the ‘standstill’ or status quo convention to prevent a no-deal Brexit on October 31. When an election is called, the government immediately becomes a caretaker administration. By parliamentary convention (‘convention’ in the sense of accepted practice), this administration should not embark on any major new projects and may not use the UK civil service for such a purpose. Cabinet Secretary Sir Mark Sedwill, the head of the civil service, is reported as having expressed the view that the ‘standstill’ in this situation would be that the UK remains in the EU. However, government spokespersons have said that this would involve the civil service effectively acting in contravention of the 2018 Withdrawal Act.

It seems likely, if this scenario develops, that the matter will be referred to the UK Supreme Court. The British constitution is not written down and relies on many traditions and convention, some of considerable antiquity. However, there is precedent in a December 2018 Supreme Court case, which decided that the legislative consent motions passed by the Scottish Parliament under the Scotland Act 1998 could not be used to affect the validity of the 2018 Withdrawal Act. It had been argued that the convention requiring the Scottish government to be consulted on any UK legislation that involved matters devolved to Scotland was absolute. The Supreme Court disagreed, on the basis that a convention could not take precedence over a statute. On this basis, any reference to the Supreme Court seeking to block the operation of the 2018 Act through convention would likely fail.

It is often said ‘a week is a very long time in politics’. Prime Minister Johnson may be able to secure some last-minute concessions from the EU negotiators enabling a withdrawal agreement to be approved by Parliament, but this looks challenging. Legal routes to block Brexit are also likely to meet several hurdles. Consequently, at this stage, Britain’s exit from the EU on October 31 looks the more likely outcome. Whether that means an abrupt departure from the EU, or whether a managed ‘no-deal’ Brexit could be achieved through negotiation and agreement on key matters, remains to be seen.

©2019 Greenberg Traurig, LLP. All rights reserved.
This article was written by Gillian Sproul at Greenberg Traurig, LLP.
For more Brexit developments, please see the Global Law page on the National Law Review.

Lessons in Becoming a Second Rate Intellectual Power – Through Privacy Regulation!

The EU’s endless regulation imposed on data usage has spooled over into academia, providing another lesson in kneecapping your own society by overregulating it. And they wonder why none of the big internet companies arose from the EU (or ever will). This time, the European data regulators seem to be doing everything they can to hamstring clinical trials and drive the research (and the resulting tens of billions of dollars of annual spend) outside the EU. That’s bad for pharma and biotech companies, but it’s also bad for universities that want to attract, retain, and teach top-notch talent.

The European Data Protection Board’s Opinion 3/2019 (the “Opinion”) fires an early and self-wounding shot in the coming war over the GDPR meaning and application of “informed consent.” The EU Board insists on defining “informed consent” in a manner that would cripple most serious health research on humans and human tissue that could have taken place in European hospitals and universities.

As discussed in a US law review article from Former Microsoft Chief Privacy Counsel Mike Hintz called Science and Privacy: Data Protection Laws and Their Impact on Research (14 Washington Journal of Law, Technology & Arts 103 (2019)), noted in a recent IAPP story from Hintz and Gary LaFever, both the strict interpretation of “informed consent” and the GDPR’s right to withdraw consent can both cripple serious clinical trials. Further, according to LaFever and Hintz, researchers have raised concerns that “requirements to obtain consent for accessing data for research purposes can lead to inadequate sample sizes, delays and other costs that can interfere with efforts to produce timely and useful research results.”

A clinical researcher must have a “legal basis” to use personal information, especially health information, in trials.  One of the primary legal basis options is simply gaining permission from the test subject for data use.  Only this is not so simple.

On its face, the GDPR requires clear affirmative consent for using personal data (including health data) to be “freely given, specific, informed and unambiguous.” The Opinion clarifies that nearly all operations of a clinical trial – start to finish – are considered regulated transactions involving use of personal information, and special “explicit consent” is required for use of health data. Explicit consent requirements are satisfied by written statements signed by the data subject.

That consent would need to include, among other things:

  • the purpose of each of the processing operations for which consent is sought,
  • what (type of) data will be collected and used, and
  • the existence of the right to withdraw consent.

The Opinion is clear that the EU Board authors believe the nature of clinical trials to be one of  an imbalance of power between the data subject and the sponsor of the trial, so that consent for use of personal data would likely be coercive and not “freely given.” This raises the specter that not only can the data subject pull out of trials at any time (or insist his/ her data be removed upon completion of the trial), but EU Privacy Regulators are likely to simply cancel the right to use personal health data because the signatures could not be freely given where the trial sponsor had an imbalance of power over the data subject. Imagine spending years and tens of millions of euros conducting clinical trials, only to have the results rendered meaningless because, suddenly, the trial participants are of an insufficient sample size.

Further, if the clinical trial operator does not get permission to use personal information for analytics, academic publication/presentation, or any other use of the trial results, then the trial operator cannot use the results in these manners. This means that either the trial sponsor insists on broad permissions to use clinical results for almost any purpose (which would raise the specter of coercive permissions), or the trial is hobbled by inability to use data in opportunities that might arise later. All in all, using subject permission as a basis for supporting legal use of personal data creates unnecessary problems for clinical trials.

That leaves the following legal bases for use of personal data in clinical trials:

  • a task carried out in the public interest under Article 6(1)(e) in conjunction with Article 9(2), (i) or (j) of the GDPR; or

  • the legitimate interests of the controller under Article 6(1)(f) in conjunction with Article 9(2) (j) of the GDPR;

Not every clinical trial will be able to establish it is being conducted in the public interest, especially where the trial doesn’t fall “within the mandate, missions and tasks vested in a public or private body by national law.”  Relying on this basis means that a trial could be challenged later as not supported by national law, and unless the researchers have legislators or regulators pass or promulgate a clear statement of support for the research, this basis is vulnerable to privacy regulators’ whims.

Further, as observed by Hintze and LaFever, relying on “the legal basis involves a balancing test between those legitimate interests pursued by the controller or by a third party and the risks to the interests or rights of the data subject.” So even the most controller-centric of legal supports can be reversed if the local privacy regulator feels that a legitimate use is outweighed by the interests of the data subject.  I suppose the case of Henrietta Lacks, if arising in the EU in the present day, would be a clear situation where a non-scientific regulator can squelch a clinical trial because the data subjects rights to privacy were considered more important than any trial using her genetic material.

So none of the “legal basis” options is either easy or guaranteed not to be reversed later, once millions in resources have been spent on the clinical trial. Further, as Hintze observes, “The GDPR also includes data minimization principles, including retention limitations which may be in tension with the idea that researchers need to gather and retain large volumes of data to conduct big data analytics tools and machine learning.” Meaning that privacy regulators could step in and decide that a clinician has been too ambitious in her use of personal data in violation of data minimization rules and shut down further use of data for scientific purposes.

The regulators emphasize that “appropriate safeguards” will help protect clinical trials from interference, but I read such promises in the inverse.  If a hacker gains access to data in a clinical trial, or if some of this data is accidentally emailed to the wrong people, or if one of the 50,000 lost laptops each day contains clinical research, then the regulators will pounce with both feet and attack the academic institution (rarely paragons of cutting edge data security) as demonstrating a lack of appropriate safeguards.  Recent staggeringly high fines against Marriott and British Airways demonstrate the presumption of the ICO, at least, that an entity suffering a hack or losing data some other way will be viciously punished.

If clinicians choosing where to set human trials knew about this all-encompassing privacy law and how it throws the very nature of their trials into suspicion and possible jeopardy, I can’t see why they would risk holding trials with residents of the European Economic Zone. The uncertainty and risk involved in the aggressively intrusive privacy regulators now having specific interest in clinical trials may drive important academic work overseas. If we see a data breach in a European university or an academic enforcement action based on the laws cited above, it will drive home the risks.

In that case, this particular European shot in the privacy wars is likely to end up pushing serious researchers out of Europe, to the detriment of academic and intellectual life in the Union.

Damaging friendly fire indeed.

 

Copyright © 2019 Womble Bond Dickinson (US) LLP All Rights Reserved.

U.S. Announces Possible Retaliatory Tariffs on European Union for Airbus Subsidies

The Office of the U.S. Trade Representative (USTR) announced in a Federal Register notice published July 5 that the agency is considering increasing duties on certain goods from the European Union (EU). This move is connected to a long-running World Trade Organization (WTO) dispute involving EU subsidies for Airbus, the aircraft manufacturing company.

The USTR has invited public comments on the proposed list and will hold a public hearing on Aug. 5, 2019.

Requests to appear at the hearing are due to the USTR by July 24, and written comments are due by Aug. 5. The public comment and hearing process will provide importers of goods from the EU, as well as domestic producers that compete with EU producers, the opportunity to be heard with regard to the products that may be subject to tariffs.

In April 2019, the USTR published a preliminary list of goods from the EU that could be targeted with tariffs, which included aircraft, motorcycles and wine. The July 5 list contains additional products, including whiskey, coffee, olives, pasta, cheese, pork, and metals, among other items. The goods on both lists are collectively worth about $25 billion of imports per year.

The tariffs stem from a WTO case filed by the United States in 2004, which was resolved by the WTO Appellate Body in 2011. In that case, European Communities and Certain member States — Measures Affecting Trade in Large Civil Aircraft (DS316), the Appellate Body found that certain EU subsidies for Airbus failed to comply with the WTO’s Agreement on Subsidies and Countervailing Measures (SCM Agreement).

The EU made certain changes to its subsidy regime in response to the Appellate Body’s decision, but the U.S. later asked the WTO to determine that the EU had not fully complied with the decision. That request led to another Appellate Body decision published in May 2018, in which the Appellate Body agreed with the U.S. that the EU was still not in compliance with the SCM Agreement.

The WTO is expected to determine the amount of retaliatory tariffs the United States can impose sometime this summer, and the April and July 2019 tariffs proposed by the USTR are likely being prepared in anticipation of the WTO decision.

 

© 2019 BARNES & THORNBURG LLP
For more from the Office of the US Trade Representative see the National Law Review page on Antitrust & Trade Regulation.

Dutch Supervisory Authority Announces GDPR Investigation

On July 17, 2018, the Dutch Supervisory Authority announced that it will start a preliminary investigation to assess whether certain large corporations comply with the EU’s General Data Protection Regulation (“GDPR”) – see the official press release here (in Dutch).  To that end, the authority will review the “records of processing activities” from thirty randomly selected corporations which are located in the Netherlands.

Article 30 of the GDPR requires data controllers and processors to maintain a record of their processing activities.  These records must, among other things, include a description of the categories of data subjects and types of personal data processed, as well as the recipients of the data and the transfer mechanisms used.  While small organizations with less than 250 employees are generally exempted, but there are several exceptions to the exemption which may still cause this obligation to apply to them as well.

The thirty corporations will be selected from ten different economic sectors across the Netherlands, namely: metal industry, water supply, construction, trade, catering, travel, communications, financial services, business services and healthcare.

According to the authority, the correct maintenance of records of processing activities is an important first indication of an organization’s compliance with the new EU data protection rules.

 

© 2018 Covington & Burling LLP
This post was written by Kristof Van Quathem of Covington & Burling LLP.

Three Important Considerations For All Businesses in Light of GDPR

Today, the European General Data Protection Regulation (“GDPR”) takes effect. The GDPR is the most comprehensive and complex privacy regulation currently enacted. The GDPR can apply to a business or organization (including a non-profit organization) anywhere in the world and its potential financial impact is huge; fines can reach up to € 20 million Euros (over $23 million USD) or 4% of an entity’s total revenue, whichever is greater. Not surprisingly, the potential for this type of penalty has caused concern and chaos leading up to the May 25, 2018 effective date. In light of this significant international development, all organizations should consider the following:

1. Does the GDPR Apply?

If your entity “processes” the “personal data” of anyone within the European Union, then the GDPR may apply. “Personal data” under the GDPR is any information that could identify an individual, directly or indirectly, like a name, email address or even an IP address. The GDPR also broadly defines “processing” to include activities such as collecting, storing or using the personal data. For more information on how to determine if the GDPR applies to your entity, watch our 3-minute video on the subject.

2. If the GDPR Does Apply, What is the Compliance Strategy?

You need a plan. Yes, it would have been ideal to have it in place by today but if the GDPR applies to your entity, do not delay any further in creating a GDPR compliance strategy. A GDPR compliance strategy starts with a detailed examination of your entity’s data collection and use practices. Those practices must comply with the GDPR requirements and your entity may need to implement new or revised policies to address specific compliance requirements. This process is specific to the particular practices of each entity – there is no one-size-fits-all GDPR compliance program. You can find the regulatory language here.

3. Even If the GDPR Does Not Apply, How Do You Handle the Data You Collect?

Even if the GDPR does not apply to your entity, there are significant risks and liability surrounding the data collection and processing practices of any business. Data breaches happen every day. No business is immune. Each organization should closely examine its data collection and use practices and determine if it absolutely needs all of the data it collects. Then, the organization must determine whether the steps it is taking to protect the data it collects are reasonable in today’s environment. In Massachusetts, businesses must undergo this process and create a written information security plan. In Connecticut, having such a plan may help avoid a government enforcement action if you experience a data breach. In addition, the Federal Trade Commission and states’ Attorneys General are actively pursuing companies with questionable privacy practices.

© Copyright 2018 Murtha Cullina.
This post was written by Dena M. Castricone and Daniel J. Kagan of Murtha Cullina.

Positive Developments – EUTM

Trademark owners should take note of two new types of trademark protection available in the European Community as of October 1, 2017.

1. Certification Marks – although it has always been possible to register certification marks in a few individual EU member states, it was previously not possible to register a certification mark, for certification services, with the EUIPO.  This will change as of October 1, 2017 when it will now it will be possible to register certification with the EUIPO, covering all EU member states.  European Union certification marks are defined as marks that are “capable of distinguishing goods or services which are certified by the proprietor of the mark in respect of material, mode of manufacture of goods or performance of services, quality, accuracy or other characteristics, with the exception of geographical origin, from goods and services which are not so certified.”

2. Marks no Longer Need Graphic Representation – it will now be possible to file for sound, hologram, motion, and multimedia marks; marks can now be represented in any form using generally available technologies.  Unfortunately, it is still not possible to file for tactile, smell, and taste marks in the EU.

This post was written by Monica Riva Talley of Sterne Kessler © 2017
For more legal analysis go to The National Law Review

Brexit – Squaring Circle and involving European Court of Justice

Clash of Philosophies

There is a potentially irreconcilable clash of constitutional philosophies between the UK and the EU which results in certain “no go” areas on the EU side for the forthcoming Brexit negotiations.

Perspective of the EU27

EU UK FlagsThe EU27’s approach is driven by the perception that the European Union is not merely representative of a negotiable bundle of international trade treaties but is a supranational entity based on and subject to a constitution created by the Treaty on European Union (TEU) and the Treaty on the Functioning of the European Union (TFEU). From the perspective of the EU and the EU27 , the constitution of the EU goes well beyond international treaties.  The Treaties establish a Union which is based on principles similar to those in Federal States.

Any of the member states of the EU (including the UK) accordingly is, from the perspective of the EU, not only a counterparty to an international treaty but an integral part of an autonomous Union. The driving principle of the European Union – which was correctly identified and repeated by Leave campaigners – is the supremacy of the EU’s legal order over the legal order of its member states, including the supremacy of the EU’s legal order over the constitutions of the member states.

One of the most important principles of the EU is laid down in Article 3 (2) TEU.  This provides that the EU is an area within which its citizens are free and can freely move. This is a general principle which is not restricted to trade but applies in all areas of life. In addition to such general principle Article 3 (3) TEU states that, inter alia, one of the consequences of this area of freedom and free movement is the internal market.

That is the context of the European Union placing the future rights of EU citizens in the UK at the forefront of any of the forthcoming Brexit negotiations.

Since the EU is bound to such constitutional order, any agreement with the UK pursuant to Article 50 TEU needs, from the perspective of the EU, to comply with such constitutional principles. “Constitutionality” is a major issue for the continental European member states since governments and politicians on the continent are used to be bound by constitutions which cannot be overridden by domestic governments or parliaments by simple act of parliament or government. Constitutions can only be amended or overridden if a qualified majority in Parliament and, in some member states, a referendum so approves. In some member states, such as Germany, there are even some constitutional principles which cannotbe changed by Parliament at all.

Perspective of the UK

The UK approach is driven by its perspective that the EU is simply the creation of a bundle of international treaties which establish a common market in which various different principles of free trade and free movement apply, and the contents of which can be freely negotiated between the various parties to such international treaties. Accordingly the UK takes the point of view that the agreements to be entered into pursuant to Article 50 TEU upon Brexit can be freely negotiated and that such negotiations are not subject to or restricted by overriding constitutional principles which are binding on the EU during such exit negotiations.

How to reconcile the differing points of view and how to involve the European Court of Justice

The two above described perspectives of the UK and the EU would appear to be legally irreconcilable, but there is a potential avenue out of such dead-lock by making use of:

(a) the fact that Article 50 (3) TEU does not conclusively state that the UK ceases to be a member state of the EU two years after the Article 50 Notice has been given, but in principle refers to the date on which the relevant withdrawal agreement becomes effective, which effective date can either fall on a date occurring after the two years or on a date occurring prior to the two years.

Accordingly, a simple withdrawal agreement could provide that Brexit becomes effective only once certain specified additional agreements have been finalized and entered into.

(b) the Commission, the European Parliament, the European Council and/or any member state (including the UK) being entitled to request from the European Court of Justice (ECJ) pursuant to Article 218 (11) TFEU legal opinions on any draft agreement – like the agreements between the UK and the EU on their future relationships – to be entered into with a third country (which the UK would be once the withdrawal agreement becomes effective) in order to avoid and/or mitigate concerns relating to the constitutionality of the future relationship agreement with the UK.

It is likely that the EU27 will at some stage call upon the European Court of Justice to opine on the constitutionality of the future relationship agreement(s) with the UK because of the fundamental nature of the agreement(s).

Samples of constitutionally important legal opinions rendered by the European Court of Justice in relation to Agreements which the EU had entered into in the past under Article 218 (11) TFEU (and its predecessors) include, for example:

– ECJ opinions 1/91 and 1/92 on the European Economic Area Agreement and the system of judicial review thereunder,

– ECJ opinion 1/94 relating to the EU agreeing to accede to WTO, GATS and TRIPs

– ECJ opinion 2/13 relating to the accession of the EU to the European Convention on Human Rights

– ECJ opinion 2/15 relating to the Free Trade Agreement with Singapore.

In relation to the Free Trade Agreement with Singapore the ECJ held on 16 May 2017 that such Free Trade Agreement is, because of its far reaching comprehensive content, a so-called “mixed-agreement” and therefore requires the consent of all 28 Member States of the European Union. Depending on the contents of the future relationship agreement between the UK and the EU, such agreement will also need to be ratified by the Parliaments of the EU27 Member States.

Agreements to be negotiated between the UK and the EU

The minimum number of agreements to be negotiated in the context of the UK leaving the EU pursuant to Article 50 is two:

(i) the withdrawal agreement on the details of the withdrawal “taking account of the framework for its future relationship with the Union” and

(ii) an agreement on the details of the future relationship between the EU and the UK.

Even though the minimum number of agreements to be entered into is two, it is likely that there will be more than two agreements since there are areas which need to be dealt with instantaneously (like aviation between the UK and EU27 and a potential accession of the UK to the ECAA Agreement in order to enable the flow of air traffic between the UK and the EU to continue as normal) irrespective of whether other areas may be dealt with at a later stage.

Whereas the withdrawal agreement can be adopted by the EU pursuant to a qualified majority decision pursuant to Article 50 TEU, any agreement on the details of the future relationship will require the “normal” majority contemplated in the TEU and TFEU for the relevant matters concerned, because Article 50 does not apply to such agreements on the details of the future relationship.

From the EU27 perspective, the principal items of the withdrawal agreement are those set out in the Brexit Negotiation Guidelines adopted by the European Council on 29 April 2017, the European Parliament on 5 April 2017 and the Non-Paper of the European Commission of 20 April 2017 and the Commission Recommendation for a Council Decision of 3 May 2017.

Withdrawal Agreement and the date at which it comes into force

The EU and the UK could agree that the withdrawal agreement is ratified in accordance with Article 50 TEU before the lapse of the two-year period but provides that it comes into force only after the agreement on principles for the future relationship has been (i) agreed on working level; (ii) submitted to and reviewed by the European Court of Justice pursuant to Article 218 (11) TFEU, and (iii) been ratified by the UK and the EU – or after the ratification process has been declared by the UK to be defunct.

That would mean that the UK would not cease to be a member state of the EU until there is an agreement on the principles for the future relationship without having to achieve this within the tight two years period.

The UK would also continue to enjoy all rights as a member state under existing international trade and other agreements entered into by the EU with countries around the world, like free trade agreements, air transportation agreements etc. until the ECJ has determined that the principles agreed between the UK and the EU in the agreement on principles for the future relationship are compliant with TEU and TFEU. Once this has been determined, the details of the future relationship could be negotiated in detail between the UK and the EU.

If the UK ceased to be a Member State on 30 March 2019 and “only” some transitory period or implementation period thereafter was agreed on during which certain specified EU rules continue to apply, this would not prevent the UK from losing its rights under existing International Agreements which had been entered into by the EU.

There is clarity in the approach of the EU27. The approach that the UK will take should become clearer after the General Election on 8 June, and later in the year as the UK government begins to identify its Brexit strategy in more detail, and identifies the trade offs it is prepared to make.  The historical and current political climate, as well as the sheer complexity of Brexit, is such that the UK cannot necessarily be expected the trade offs which history will regard as the “right” ones.

By Jens Rinze and Jeremy Cape of Squire Patton Boggs.

European Union Adopts Brexit Negotiation Guidelines

Brexit Bull HornOn April 29, a Special European Council, meeting as 27 member states (as opposed to the full 28 member states, as would usually be present), adopted the Article 50 guidelines (Guidelines) to formally define the EU’s position in Brexit negotiations with the United Kingdom. This follows the resolution of the European Parliament on key principles and conditions for the negotiations, adopted on April 5 (for further information, see the April 7 issue of Corporate & Financial Weekly Digest).

The Guidelines are set out under six headings covering:

  • core principles;
  • a phased approach to the negotiations;
  • agreement on arrangements for an orderly withdrawal;
  • preliminary and preparatory discussions on a framework for the EU-UK future relationship;
  • the principle of sincere cooperation; and
  • the procedural arrangements for negotiations under Article 50.

On May 22, the EU General Affairs Council is expected to authorize the opening of the negotiations, nominate the European Commission as the EU negotiator and adopt negotiating directives.

The Guidelines are available here.