On Monday, May 30, the Czech National Cyber and Information Security Agency (NÚKIB) issued a fresh warning on potential cybersecurity threats stemming from the use of energy-related technical or software smart metering tools (i.e. smart meters) that do not come from countries deemed to have “trustworthy” legal environments (report available in English here). Assessing the most recent risk to be “High” the NÚKIB’s warning called on so-called obligated entities to “immediately start preparatory work to deploy technology enabling the required level of direct metering,” – meaning types B, C1, C2 or C3, as per the Czech government’s Decree No. 359/2020, on electricity metering. The NÚKIB utilised an existing
Nearly a year has passed since the lapse of the transposition period for the Digital Content Directive and the Sale of Goods Directive, which brought important changes to national consumer protection rules. However, many jurisdictions still have not implemented the Directives. We are closely monitoring the implementation process in our EU jurisdictions. Below is an overview of the implementation status of the Directives in the remaining EU Member States where Kinstellar operates that have not yet implemented the Directivesand a brief summary of the main changes and the expected country-specific implications for business. In addition, we bring you information from several non-EU countries that have taken inspiration from the
Since the war in Ukraine became the main subject of newspaper headlines, the amount of related misinformation spread online has reached new heights. As a result, several governments have adopted legislation that provides tools to combat the spread of misinformation. Below is an overview of legislation used to combat misinformation in the Central and Eastern Europe and Central Asia regions: Bulgaria It is worth noting that on 1 March 2022 the Bulgarian electronic media watchdog decided to suspend the distribution of TV channels “Russia Today” and “Sputnik” in line with the EU response to Russian military activity in Ukraine.
With the invasion of Ukraine and a substantial increase in cyberattacks on governments, critical infrastructure and other strategic targets, the topic of cybersecurity has gained even more importance. Below is an overview of the steps that national security authorities have taken to strengthen national security. Bulgaria On 24 November 2021, the Bulgarian government designated the State e-Government Agency as a national coordination centre for the purposes of Regulation (EU) 2021/887. The establishment of the coordination centre is expected to contribute to achieving a high level of network and information security, thus boosting the standards and
Kinstellar is pleased to announce that Petr Bratský has joined the firm’s Prague office as Head of the local TMT sector and service line. His addition to the firm strengthens our expertise in the TMT area. Petr is an expert in IP/IT/Media and Telecommunications. Before joining Kinstellar, Petr worked more than five years at the leading Czech law firm Havel & Partners. In his practice, he focuses primarily on technology, intellectual property, media and film law and legislative advice. Petr also provides strategic and ad hoc compliance advice on the handling of personal data in various commercial sectors. His expertise includes advising major local and international clients from across different industries
All of us have concerns regarding data privacy in the metaverse. Countless questions come to mind, such as: What is the metaverse? Can a digital personality be considered as personal data? What happens if digital data is processed? In this short article we touch on the metaverse’s main data privacy concerns. What is the metaverse? The metaverse is a virtual world that relies on multiple technologies such as virtual reality, blockchain, artificial intelligence, etc. There is no longer just one world like the real world anymore. A new virtual-world era has begun with the advent of different metaverses such as Horizon, Decentraland, Sandbox, and Upland, and it appears that their number will continue to increase.
The most fundamental factor in the successful protection of personal data is data security. Without an adequate level of data security, it is impossible to create the conditions under which the processing of personal data can be carried out responsibly. One of the most important provisions of the European General Data Protection Regulation (2016/679/EU – abbreviated as GDPR) is the requirement that the data controller and the data processor ensure a level of data security that is proportional to the level of risk involved. And the reason for this is simple: preventing a personal data breach. A personal data breach is the most dangerous situation from a data protection point of view, as not only does it presuppose an infringement
Kinstellar is delighted to announce the new Service Heads leading our TMT-related service lines: Lukáš Mrázik, Dániel Endre Nagy and Peter Kováč for Data & Cybersecurity; Natalia Kirichenko for IP&T; Anastasiya Bolkhovitinova and Radoslav Chemshirov for Telecommunications. In their new roles as Service Heads they will work with the firm-wide TMT sector team and other sectors to expand and bring a new dimension to our current capabilities across these areas. They will be the first points of contact for incoming client requests and will engage the right lawyers from our team best suited to work on transactions for our clients. Viliam Myšička, head of Kinstellar’s
According to a recent report by the cybersecurity company ESET, since the entry into force in May 2018 of the General Data Protection Regulation (GDPR), Hungary’s data protection authority has imposed the fourth-highest number of administrative fines in the EU for GDPR violations. As per ESET’s report, the total number of fines in the EU has exceeded 650, with a total amount of more than EUR 280 million. The largest fine thus far was imposed on Amazon Europe Core S.à R.L. in Luxembourg (EUR 746 million—not included in the total amount as it is being challenged in court). Hungary ranks fourth behind Spain, Italy and Romania with 43 fines totalling nearly EUR 812,000. The average amount of a fine in Hungary
On 4 June 2021, the European Commission updated its standard contractual clauses for transfers of personal data to third countries and also released new standard clauses for controller-to-processor relationships. As data transfer standard contractual clauses (“SCCs”) can easily be incorporated into data processing agreements, they represent a widely sought-out mechanism for businesses to ensure data protection compliance when exporting data to third countries. Those businesses that rely on SCCs should now make plans to update their existing agreements to accommodate the recent changes. SCCs for data transfers to third countries Under Article 46, GDPR, in order to transfer personal data outside the EU/EEA, data
Kazakhstan’s parliament is currently considering changes to the law on the protection of personal data. This note discusses the most notable amendments introduced in the draft law and their possible consequences for businesses operating in Kazakhstan. Our note is intended to be helpful guide – it is not comprehensive and does not constitute legal advice. As of the date of this note, the draft bill is not yet adopted. Formation of an electronic service to ensure personal data protection To protect the rights of data subjects (i.e., individuals), prevent leaks and suppress the misuse of personal data, it is expected that an electronic service will be created that will contain citizens’ personal data and which will