Our TMT Legal Update provides insights from our law experts and aims to keep you regularly up to date with sector news, trends and legislation in the Central and Eastern Europe and Central Asia regions. This issue covers key updates from our jurisdictions from the past few months. REGIONAL Implementation status of certain EU regulations Technology 01. New development regarding NIS 2 Directive implementation in various Kinstellar jurisdictions The EU's NIS2 Directive is a cybersecurity act aimed at improving overall cybersecurity in the EU. Member States must implement it by 17 October 2024. Below we provide
Kinstellar is pleased to announce that Tímea Bana, a high-profile Technology, Media, and Telecommunications (TMT), Data Protection (DP) and Intellectual Property (IP) lawyer, has joined the firm’s Budapest office as a Partner and Head of the local TMT service line and sector, effective 14 October 2024. This strategic move reflects Kinstellar’s commitment to enhancing and expanding its TMT team in Hungary to serve our clients seamlessly across all service lines and sectors. With over 20 years of experience at media companies and top-tier law firms, Tímea is a renowned expert in media, telecommunications and entertainment law. She brings a broad range of knowledge and experience across telecommunications regulatory
Kinstellar has recently provided expert legal advice to Edwards Lifesciences, a global leader in medical innovations for heart disease, as well as critical care and surgical monitoring, through a secondment arrangement, focusing on data protection. This collaboration ensured that Edwards Lifesciences navigated complex data protection regulations effectively, safeguarding their business interests and maintaining compliance with applicable laws. The expert legal advice was provided by Simona Semanová, with further support from our Kinstellar team in Prague led by Tomáš Čihula and Petr Bratský.
On March 13th the EU Parliament adopted the AI Act, marking a significant milestone in shaping the region's AI landscape. The Act will be published in the Official Journal of the European Union, and 20 days after publication, the AI Act will enter into force. Although it will take two full years until the grace period passes and almost all provisions will be applicable, AI providers should be aware of the detailed schedule of applicability. In addition, as the AI Act has extraterritorial scope, it does not only concern the 27 Member States of the European Union, but any AI provider worldwide whose AI systems are placed on the market or put into service in the EU. The first deadline expires in six months, as the rules
Location data has become an integral part of everyday digital life, providing easier navigation through various digital tools, such as maps. Despite the importance of making navigation easier, the need to preserve data privacy, such as location data, has been cast to the shadows. In light of this misuse of our private data, Google is finally set to implement a ground-breaking update for its widely used mapping service, Google Maps. The update relates to a change in the way Google stores data: instead of on the cloud, data will be stored on users’ devices. The anticipated update aims to prevent authorities from accessing users’ location history data through geofence warrants, which have long been considered controversial
The use of body cameras by law enforcement (both police forces and local government) and private security services started almost two decades ago and has been becoming more and more ubiquitous globally. It is of course a challenge in terms of privacy, as it is not only a relatively new technology where the social discourse has not had the time to form a common societal position, but it is also very invasive as in most cases people interacting with the wearer do not have the choice to use or not use the camera system. National and international authorities are just starting to form their opinion and issue guidelines on the use of body cameras, that is why it is notable that the Hungarian data protection authority
As May 2023 marks the fifth anniversary of the implementation of GDPR[1], we have prepared an overview of the five years of regulatory struggle in Romania since the regulation came into effect. By examining the value of the sanctions and the types of violations, we can identify some regulatory trends of the local practice. Statistics on fines In the first year of GDPR (i.e., May 2018–May 2019), the Romanian Data Protection Authority (“the Authority”) did not issue any fines, but only recommendations[2], even if a significant number of ex-officio investigations were performed (namely 336). This was a year of accommodation. In the following years (May 2019–end of 2021), the Authority continued to carry
Kinstellar is delighted and proud to announce the promotions to Partner of Tomáš Melišek (Bratislava), Levente Hegedűs (Budapest), Bulut Girgin (Istanbul), Anastasiya Bolkhovitinova, Natalia Kirichenko, Oleg Matiusha, Illya Muchnyk (all in our Kyiv office), and to Counsel of Dominika Bajzáthová (Bratislava). PARTNERS Tomá š Melišek, Bratislava Tomáš is the Head of the local Banking & Finance service line. He has 15 years of experience in banking and finance, focusing on project and acquisition financing as well as on financial regulations. Tomáš has substantial experience advising clients on significant financing transactions in the areas of real estate, energy, infrastructure, automotive, media
Kinstellar is delighted to announce the promotion to Managing Associate of Martin Holub and Václav Kment, and the promotion to Senior Associate of Tereza Mašková, Matěj Večeřa and Jakub Šťastný in our Prague office. With these promotions the firm acknowledges their dedication, teamwork, consistent high level of client service, legal knowledge and transactional expertise. Martin Holub focuses on real estate, in particular real estate transactions and commercial lease agreements. Assisting clients in drafting, reviewing and negotiating of various agreements, such as share purchase, lease for office premises, development management, construction, and other real-estate related documents. Václav Kment
On 27 December 2022, the Directive on “measures for a high common level of cybersecurity across the Union”, repealing Directive (EU) 2016/1148 (the “NIS 2 Directive”), was published in the Official Journal of the European Union. The NIS 2 Directive builds on a previous NIS Directive adopted in 2016 expanding its scope to other entities. Due to a rising number of cybersecurity incidents as well as ongoing increased digitalization, the aim of the NIS 2 Directive is to cover more economic sectors and to introduce additional security and reporting requirements across all EU Member States. Member States will have until 17 October 2024 to transpose the NIS 2 Directive into their national laws. Our specialists
On Monday, May 30, the Czech National Cyber and Information Security Agency (NÚKIB) issued a fresh warning on potential cybersecurity threats stemming from the use of energy-related technical or software smart metering tools (i.e. smart meters) that do not come from countries deemed to have “trustworthy” legal environments (report available in English here). Assessing the most recent risk to be “High” the NÚKIB’s warning called on so-called obligated entities to “immediately start preparatory work to deploy technology enabling the required level of direct metering,” – meaning types B, C1, C2 or C3, as per the Czech government’s Decree No. 359/2020, on electricity metering. The NÚKIB utilised an existing
Nearly a year has passed since the lapse of the transposition period for the Digital Content Directive and the Sale of Goods Directive, which brought important changes to national consumer protection rules. However, many jurisdictions still have not implemented the Directives. We are closely monitoring the implementation process in our EU jurisdictions. Below is an overview of the implementation status of the Directives in the remaining EU Member States where Kinstellar operates that have not yet implemented the Directivesand a brief summary of the main changes and the expected country-specific implications for business. In addition, we bring you information from several non-EU countries that have taken inspiration from the