24 May 2018

Dear readers

On 25 May 2018, the time has come – the Directive (EU) 2016/679 (GDPR) comes into force. Within the last months and years there have been many speculations regarding what the inception of the GDPR will mean for the EU member states and for Switzerland. In today’s issue, four articles deal with the topic of data protection.

Yaniv Benhamou and Emilie Jacot-Guillarmod examine the extraterritorial impact of the GDPR and notice that there are some uncertainties regarding the future interaction between Swiss and EU authorities. To some extent, there are even double regulations when considering the Data Protection Act.

Are information security and data protection compatible in any way when modern security measures disagree with the idea of data protection in such a fundamental way? Wolfgang Schnabl demonstrates how an information security management system enables a joint consideration.

Galileo Fasching scrutinizes the right to access governed under the Austrian Data Protection Act 2000, the Directive 95/49/EG (DPR) as well as under the new GDPR. He shows up the changes that will arise from 25 May 2018 on.

Due to the attorney-client privilege, lawyers can not let their assistants deal with their data processing. In Germany, the according provisions in the Criminal Procedure Code, the Criminal Code and the Federal Lawyer’s Act will be adapted with regard to the digitization. Thomas Hoeren copes with these new provisions and comments their applicability in the digital age.

Artificial Intelligence (AI) is associated with the GDPR, too. Can the requirements requested in the GDPR even be fulfilled in future? In what way do the legal provisions to develop to be able to keep up with the progress in AI?

Robert van den Hoven van Genderen deals with the legal differentiation of the Homo Sapiens and the Robo Sapiens as well as with the adherence of fundamental (data protection) rights. He both introduces the idea of separate regulations and the establishment of uniform non-discriminating provisions.

The connection between AI and liability law is presented by Nicolai Bleskie. He analyzes the potential of the current legal structure and proposes forward-looking approaches.

Not only are the data protection related circumstances changing with the digitization. The finance sector too undergoes a major reform – this includes, amongst others, Blockchain, FinTech and Tokens.

Rolf H. Weber and Salvatore Iacangelo dispute the legal questions regarding the transfer of tokens and therefor distinguish between the classification of tokens as securities and as uncertificated securities.
systems of Great Britain, Australia and Switzerland and, by means of the gathered information, forecasts the legal developments.

Which impact does FinTech have on the general banking law? Lucas Ribisel compares the legal systems of Great Britain, Australia and Switzerland and, by means of the gathered information, forecasts the legal developments.

When a company that stored Bitcoins for its clients files for bankruptcy, are those Bitcoins concluded in the bankruptcy assets? Christian Meisser, Luzius Meisser and Ronald Kogens examine the handling of crypto currencies under insolvency law.

In 2015, the EU Commission decided to align the EU copyright law to the digital age. In the course of the reform, the Copyright Directive 2001/29/EG shall be implemented, i.e., the EU copyright shall be further standardized and be applicable in every member state.

Jens-L. Gaster contemplates the project of a unitary copyright law for the whole of Europe and, amongst others, deals with thie digital agenda of the EU, the Marrakesh Treaty and the patent law reform. He summarizes that the EU Commossion’s endeavour is indeed bold, but unavoidable nonetheless.

There are still differences in copyright law, as Pirmin Schenk highlights. In his article, he presents the German provisions regarding provider liability and derives solution approaches for possible legal regulations in Switzerland.

In the database «Google Book Search», millions of books are digitally available in extracts – in what sense does this concern the author’s copyrights? Galileo Fasching evaluates the case Author’s Gild, Inc. versus Google, Inc. and concludes that Google, Inc. acts in a legal twilight-zone.

Some other articles of today’s issue deal with legal information and legal theory.

When a law is changed in Austria, an amendment is being published. The merging of the law’s original version and the amendment is called consolidation. Beate Glück describes why the interpretative framework of a consolidated text can not only be expanded with the creation of a reading text, but also
through the delivery of additional information.

Vytautas Čyras and Friedrich Lachmayer deal with the «meaning of the meaning»; the authors hereby differentiate between institutional and content meaning. By means of various visualizations, they point out why many different presentations of a single legal act are appropriate.

Reading a contract can be challenging; those documents are made almost incomprehensible by so-called «legalising». Milva Finnegan presents the concept of a controlled contract language that has been derived from the aerospace industry.

What is behind a name? Gerhard Donhauser introduces the meanings of names, pseudonyms and anonymity using the example of the renowned author Joanne K. Rowling.

Felix Gantner carefully examines legal facts, legal situations, and legal consequences. In this context, he presents the frame semantic and explains how the model of the application of law changes due to the consideration of frames.

We wish you a fascinating reading and are looking forward to greet you again on 21 September 2018 for the next issue of Jusletter IT!

Erich Schweighofer and Franz Kummer

Data Protection

Trade Secrets in the Digital Age – Reorganization of the StGB and StPO

Thomas Hoeren

Traditionally, lawyers are facing the problem that they are not allowed to outsource their data processing to auxiliary staff. Criminal law forbids it due to the particular confidentiality called attorney-client privilege. Through new regulations in Germany, these provisions are being liberated, nevertheless textual insecurities remain. (ah)

GDPR on the Swiss Territory

Yaniv Benhamou

Emilie Jacot-Guillarmod

This article analyses the questions of enforcement in Switzerland in relation to the EU General Data Protection Regulation (GDPR) (Regulation 2016/679, applicable as of 25 May 2018), in particular cross-border cooperation between Swiss entities or the Swiss Federal Data Protection Commissioner and EU supervisory authorities, as well as the enforcement of monetary fines against Swiss entities, both in the EU and in Switzerland.

Datenschutz und Informationssicherheit – ein natürlicher Gegensatz?

Wolfgang Schnabl

Information security and data protection are concepts that are generally hard to concile. The more monitoring is provided, the better the security. But, ideally, data protection implies no processing of personal data at all. A business security concept inevitably requires the processing of personal data, and the GDPR itself also demands security measures. ISO/IEC 27001 is an international standard describing a security management system. The GDPR describes an identical system. This standard allows common considerations of data protection and information security. (ah)

Auskunftsrecht nach § 26 DSG in der Praxis inklusive Ausblick auf die DS-GVO

Galileo Fasching

The article’s central aspect is the data protection related right of access by the data subject with respect to the ordering party of a data application. The articles 12 and 13 DPR have been implemented in § 26 DSG 2000. The added value lies within a detailed and practical explanation of the information request’s modalities. Conclusively, a prospect on the changes resulting from the enforcement of the GDPR on 25 May 2018 is offered. (ah)

FinTech & RegTech

Rechtsfragen bei der Übertragung von Token

Rolf H. Weber

Salvatore Iacangelo

The reliable and easy transfer of assets on a blockchain (mostly in the form of tokens) is a central prerequisite for using and developing new technologies economically. When tokens contain claims against the issuer, an assignment according to Art. 164 et seq. CO is required under applicable Swiss law, provided that the tokens are not issued as a security or registered as book-entries. The article discusses the question how tokens are to be qualified (as securities or uncertificated securities) and if securities can be issued as tokens de lege lata or if tokens qualify as uncertificated rights de lege ferenda. (ah)

FinTech Regulation

Lucas Ribisel

This article focuses on the influence of financial technologies (FinTech) on crowfunding, cryptocurrency, and banking law in general. The approach is a comparative one. Regulation of FinTech in the UK, Australia, and Switzerland are scrutinized and compared. The aim is to provide a concise overview of the current regulation all three legal systems and establish the status quo. The information gathered shall serve to analyse the situation in Switzerland and to indicate legal developments pro futuro, or criticise the current situation. The article concludes with an endorsing attitude towards progressive development, yet recommending also a Swiss pragmatic approach, that is, looking abroad first and implement what has proven effective already only.

Verfügungsmacht und Verfügungsrecht an Bitcoins im Konkurs

Christian Meisser

Luzius Meisser

Ronald Kogens

We propose to use the terms Verfügungsmacht (power to dispose, analogous to possession) and Verfügungsrecht (right to dispose, analogous to ownership) to discern whom a Bitcoin belongs to in case of a bankruptcy. Using the example of Tezos, we demonstrate that the storage location of private keys alone does not suffice to meaningfully answer the question to whom the foundation's assets belong. Instead, the context and the contractual arrangement, from which the right to these assets can be derived, also need to be taken into account. This view provides a legal basis for the storage of Bitcoins on behalf of a client without taking them onto one's balance sheet, ensuring that the client's assets are not included in the bankruptcy estate. Furthermore, we classify the Internet currency Bitcoin as a rival, fictive, intangible asset sui generis and opine that there is a gap in the law regarding Aussonderung (removing an asset from the bankruptcy estate and returning it to the rightful owner) and Admassierung (adding an asset to the bankruptcy estate from a third party) of Bitcoins. Courts and bankruptcy administrators are encouraged to fill this gap in accordance with article 1 of the Swiss Civil Code when faced with Bitcoins in a bankruptcy case.

AI & Law

Robo Sapiens and Data Protection

Robert van den Hoven van Genderen

AI and Robotics will inescapable be part of our society. These systems and artificial entities will process unimaginable amounts of our personal data. The GDPR requirements for transparency and explicit consent will vanish the in black hole of self learning algorithms. If AI is integrated in human functioning as well as on a physical as also on intellectual level it will be very difficult to enact credible legal rules for the protection of personal data. Probably it will be an idea to create separate rules for a human(-like) anthropomorphic entity and human enhancement. Next to data protection regulations by design and a sui generis law on legal personhood we would better create non-discrimination rules to avoid separation between enhanced and non-enhanced humans!

Künstliche Intelligenz und haftungsrechtliche Konsequenzen

Nicolai Bleskie

Artificial Intelligence as a technical phenomenon at the beginning of its development potential does indeed still appear surreal. However, being widespread already, it is becoming increasingly significant. From a legal point of view, that leads to considerable problems. This is due to the lack of foreseeability, controllability and difficult addressability – core elements which normally enable exposure to liability. The author analyses the capability to integrate this innovative appearance into the current legal structure and proposes future-oriented solutions.

Copyright

Rechtsvergleich und Lösungsansätze zur Providerhaftung in Deutschland und der Schweiz

Pirmin Schenk

The passive legitimation of providers for legal violations in the internet is the result of jurisdiction on the one hand and Art. 28 CC on the other hand. The rules in the CO are applicable for damage claims. In Germany, a liability privilege exists through the Telemedia Act. Additionally, there is a right to third-party information as well as a breach of duty of care according to property law. A provider privilege, data storage, data filter systems, blocking orders as well as limitations of liability for providers are presented and critically evaluated as solution approaches for Switzerland. A legal regulation for liability of providers is indicated. (ah)

Google Books: Rechtsvergleichung von «Fair Use»

Galileo Fasching

Der Beitrag beschäftigt sich mit dem Verfahren Authors Guild, Inc. v. Google, Inc. und schildert davon ausgehend innovative urheberrechtliche Schutzmechanismen bzw. künftige Verwertungsmodelle. Der Beitrag thematisiert schwerpunktmäßig die aktuellen Entwicklungen (hierzu zählen etwa CreativeCommons-Lizenzen, DRMS, Digitalisierungsinitiative, Geoblocking, Livestreaming, Data Mining und Links) im Urheberrecht.

A Unitary Copyright for Europe?

Jens-L. Gaster

This contribution discusses pending EU copyright reforms in the context of the EU’s digital agenda.

Legal Information & Legal Theory

Warum eine Konsolidierung mehr als die Summe der Novellen ist

Beate Maier-Glück

The article broaches the issue that a consolidation (understood as «merging of a legal act and its amendments into a single text») is not only able to expand the interpretative framework of the consolidated text by creating a text for reading but also by delivering additional information. (ah)

Meaning and Metameaning as Entities: Content (Is) and Institutional Meaning (Ought)

Vytautas Čyras

Friedrich Lachmayer

The «meaning of meaning» is addressed. This theme was addressed by Ogden and Richards in 1923 as a semiotic triangle. We, however, consider the operational treatment of legal meaning. We distinguish between two kinds of meanings: institutional meaning and content meaning. The latter represents the semantics of a legal act – the text. The research question is how to represent the institutional meaning. Operations are, for example, to strengthen or lessen the meaning. We relate the institutional meaning with its representation; cf. the FRISCO framework and the semiotic tetrahedron. Multiple representations make sense because various stakeholders view the legal act differently.

From a Natural Language to a Controlled Contract Language

Milva Finnegan

Readability of contracts is a challenge. Over time a natural set of traditional words and writing style has ensued. A controlled language is derived from a natural language and usually consists of a dictionary and a set of writing rules in a controlled document. This article introduces the idea of a controlled contract language for contract drafting. The comparative model examined is ASD-100STE used in the aerospace industry for writing technical manuals. ASD-100STE’s goal is to enhance document readability to assure comprehension across all writers and users.

Pseudonym und Anonymität

Gerhard Donhauser

What’s in a name? Probably names are loaded with meanings, attributions and expectations; they guarantee creditworthiness or the opposite of that – at least under certain conditions. The pseudonymous use of another name may allow escaping from these conditions, sometimes attached to temporary anonymity. Maybe all this can be illustrated by turning our eyes to recent literary activities of the writer Joanne K. Rowling.

Das juristische Hin- und Herwandern des Blicks vom Tatbestandsframe zum Sachverhaltsframe

Felix Gantner

The prevailing theory of application of law is the legal syllogism, which describes the logical derivation of a legal consequence from a general statement describing a legal norm and a declarative sentence about specific facts. While applying the law the content of characteristics of general terms is compared with attributes of factual characteristics and – if possible – equated. The basis for this theory is a model of semantics of components, which starts from an individual comparison of conceptual components and their contents. However, the findings of neuroscience and cognitive science are superseding the model of semantics of components with the theory of frame semantics. Frames are interconnected structures for organizing and storing knowledge. This article describes what frames are and how the model of the application of law changes by considering frames.

News

Consulting Private Files on a Work Computer

Jurius

ECHR – In the Chamber judgment in the case of Libert v. France, the European Court of Human Rights held,that there had been no violation of Art. 8 ECHR (right to respect for private and family life). (Judgement 588/13)

Covert Video Surveillance Led to Privacy Violation

Jurius

ECHR – In the Chamber judgment in the case of López Ribalda v. Spain the European Court of Human Rights held that there had been a violation of Art. 8 ECHR (right to respect for private and family life), and that there had been no violation of Art. 6 § 1 ECHR (right to a fair trial). (Judgement 1874/13)

Surveillance of Lecture Halls Violated Professors' Right to Privacy

Jurius

ECHR – In the Chamber judgment in the case of Antović and Mirković v. Montenegro the European Court of Human Rights held that there had been a violation of Art. 8 ECHR (right to respect for private and family life). (Judgement 70838/13)

Klage gegen Facebook Ireland

Jurius

CJEU – Mr Schrems may bring an individual action in Austria against Facebook Ireland. By contrast, as the assignee of other consumers» claims, he cannot benefit from the consumer forum for the purposes of a collective action. (Judgement C-498/16)

Prüfungsantworten sind personenbezogene Daten

Jurius

CJEU – The written answers submitted at a professional examination and any comments of the examiner with respect to those answers constitute a candidate’s personal data to which he has, in principle, a right of access. To give a candidate that right serves the objective of the EU legislation to guarantee the protection of the right of individuals to respect for private life with regard to the processing of personal data relating to them. (Judgement C-434/16)

Urheberrechte bei Fernsehprogrammen in der Cloud

Jurius

CJEU – The making available of copies of television programmes saved in the cloud must be authorised by the holder of the copyright or related rights. The service constitutes a retransmission of the programmes concerned. (Judgement C-265/16)

EU-Kommission intensiviert Förderung und gemeinsame Nutzung von Gesundheitsdaten

Jurius

The European Commission is putting forward a set of measures to increase the availability of data in the EU, building on previous initiatives to boost the free flow of non-personal data in the Digital Single Market.

Europäisches Konzept zu Künstlicher Intelligenz

Jurius

The European Commission is presenting a series of measures to put artificial intelligence (AI) at the service of Europeans and boost Europe’s competitiveness in this field.

Verwertbarkeit von Dashcam-Aufnahmen als Beweismittel im Unfallhaftpflichtprozess

Jurius

BGH – The VI. Civil Senate of the Federal Supreme Court has decided on the usability of dashcam records as evidence in an accident liability process. (Judgement VI ZR 233/17) (ah)

Angebot des Werbeblockers AdBlock Plus nicht unlauter

Jurius

BGH – The I. Civil Senate that is responsible for competition law amongst other things decided that the offerings of the advertisement blocking program AdBlock Plus do not infringe the Fair Trade Practices Act. (Judgement I ZR 154/16) (ah)

Prüfungspflicht des Betreibers einer Internet-Suchmaschine bei Persönlichkeitsrechtsverletzungen

Jurius

BGH – The VI. Civil Senate of the Federal Supreme Court decided that the operator of an internet search engine is not obligated to ascertain if the resulting contents contain violations of the right of personality before the search results are shown. The operator must only then react when he has received a concrete indication of an obvious and entirely clear infringement of the general right of personality. (Judgement VI ZR 489/16) (ah)

Erfolglose Verfassungsbeschwerde gegen die Einführung des elektronischen Anwaltspostfachs

Jurius

BVerfG – With a published resolution, the 1st chamber of the First Senate has rejected a constitutional complaint against legal regulations on legal electronic communication. (Urteil I BvR 2233/17) (ah)

Digitaler Hausfriedensbruch

Jurius

The Federal Council has presented a draft for a law that criminalizes the unauthorized use of IT systems. The legal principles of §§ 123 and 248b Penal Code shall be transmitted into the digital world and a new § 202e shall be created to achieve an appropriate level of protection for confidentiality and integrity of IT systems. (ah)

Speicherung und Aufbewahrung von Randdaten der Telekommunikation zulässig

Jurius

BGer – The Federal Supreme Court dismisses the complaint of six private persons regarding the saving and storing of telecommunication's peripheral data as it has happened under the Federal Mail and Telecommunications Monitoring Act that was in force until 1 March 2018. The interference with the concerned persons´ basic rights was proportionate. (Judgement 1C_598/2016) (ah)

Urheberrechtliche Vergütungspflicht für Radio- und TV-Verbreitung in Hotelzimmern

Jurius

BGer – The distribution of radio and television programs in hotel rooms and other hospitability companies is subject to copyright obligations. The respective joint tariff «3a addition» of the copyright collecting societies is not to be applied retroactively onto 1 January 2013, but – for practical reasons – only from 8 July 2015 on. The Federal Supreme Court approves the claims of GastroSuisse and hoteleriesuisse. (Judgement 2C_685/2016, 2C_806/2016) (ah)

Massnahmen für eine zukunftsorientierte Datenpolitik der Schweiz

Jurius

The opendata.swiss portal now makes freely available over 3’364 published datasets from 53 organisations (including 21 federal offices). In order to ensure that Switzerland remains an attractive data location for the economy and the population, the Federal Council intends to continue to promote free access to official datasets. In addition, the Federal Council is striving to establish a more up-to-date and more consistent legal basis and framework. At its meeting of 9 May 2018, the Federal Council specified the initial benchmarks for its data policy and put in place measures in relation to open data and data portability.

Bundesrat verabschiedet zweite Nationale Strategie zum Schutz vor Cyber-Risiken

Jurius

With the national strategy for protecting Switzerland from cyber risks 2018–2022, the Federal Council meets the needs of the increased importance of cyber risks. The strategy that was adopted by the Federal Council on 18 April 2018 shows how the Federation, the economy, the cantons and the universities want to jointly counter cyber risks and demonstrates which measures shall be implemented within the next five years. (ah)

Arbeitsgruppe Blockchain/ICO wird ins Leben gerufen

Jurius

The State Secretariat for International Financial Matters (SIF) has established a blockchain/ICO working group, which will review the legal framework and identify any need for action with the involvement of the Federal Office of Justice (FOJ), the Swiss Financial Market Supervisory Authority (FINMA) and in close consultation with the sector.

Digitalisierung wird die Mobilität revolutionieren

Jurius

The transportation's digitization will have a massive impact on mobility in the future and will perhaps even revolutionize it. This will not only result in an increase of transportation safety as well as many new mobility offers and services, but also in more efficiency in intermodal transportation. It will be a crucial step towards sustainable use of scarce resources. (ah)

TechLawNews by Ronzani Schlauri Attorneys

Are You GDPR-compliant? GDPR-what!?

Daniel Ronzani

Auftragsdatenverarbeitung nach DSGVO

Simon Schlauri

How to Sign Your Agreements

Daniel Ronzani

Unzulässige Ausweitung des Begriffs des Fernmeldedienstes durch den Dienst ÜPF

Simon Schlauri