Clifford Chance

Introduction

Wordle, a simple word game, is the latest internet phenomenon.

The game offers an undisclosed five-letter word every day. Players enter their guesses into a grid, which reveals whether the letters are in the word and in the right place. Wordle is praised for its simplicity: it is web-based and need not be downloaded as an app.

Unfortunately, Wordle is the exception rather than the rule in a world where there is an app for everything. As the powers of app stores reach an all time high, the US Senate considers legislation making it illegal for app stores to require developers to use the in-app payment system as a condition of distribution.

In Africa, the saga of Nigeria's Twitter ban finally came to an end, as the ban was lifted after Twitter agreed to several demands by the government. Kenya makes progress in data protection and in digital credit regulations.

The trial of the e-CNY, China's digital currency, has seen several millions of payments a day during the Winter Olympics. China has also issued a draft bill on regulating deepfake technologies.

In Europe, the Commission unveiled the text of the European Chips Act, aimed at bolstering Europe's chips producing capabilities. EU and Singapore published a statement on closer digital cooperation. In the UK, the government launched a new AI standards hub, and proposes to strengthen the draft Online Safety Bill.

Lastly, Oman has become the latest country in the Middle East to promulgate a data protection law - this will come into force from February next year.

Africa

Nigeria lifts Twitter ban seven months after site deleted president’s post

Nigeria's government restored access in the country to Twitter on 13 January 2022 after a seven-month suspension that was imposed after the social media site deleted a post by Nigeria’s president that threatened a violent crackdown on secessionist groups.

The government blocked access to the site in June, but reversed course after Twitter reportedly agreed to several demands including legal registration of operations, taxation, and managing prohibited publication in line with Nigerian laws.

This could have far reaching consequences for global tech companies targeting consumers in Nigeria. The government said the agreed conditions “open a new chapter in global digital diplomacy” and “set a new operational template for Twitter to come back stronger for the benefit of Nigerians”.

Publication of the Kenyan Data Protection Regulations 2021

Early in 2021, the Ministry of ICT, Innovation and Youth Affairs issued draft regulations that would have a wide impact on how businesses in Kenya collect, manage and treat personal data. 

The Ministry has now finalised and gazetted three sets of regulations (published 14 Jan 2022) that will now come into force (provided the National Assembly does not object to the contents of any of the regulations within 28 days of publication). Businesses will need to comply with: (i) the Data Protection (General) Regulations, 2021; (ii) the Data Protection (Registration of Data Controllers and Data Processors) Regulations, 2021; and (iii) the Data Protection (Compliance and Enforcement Regulations), 2021.

The General Regulations include provisions governing the following key areas: consent requirements, commercial use of personal data, data retention schedules, disclosure on automated decision-making and data breaches.

The Registration of Data Controllers and Data Processors Regulations include provisions governing the application for registration of a data controller, and thresholds for mandatory registration of a data controller or data processor.

The Compliance and Enforcement Regulations include provisions governing a complaints procedure and daily fines.

Central Bank of Kenya Publishes Draft Digital Credit Providers Regulations

The Central Bank (Amendment) Act 2021 came into force on 23 December 2021, fortifying the Central Bank's ability to have control over digital lending and borrowing. The legislation meant that rather than simply registering to operate within Kenya, start-ups now have to obtain a licence to provide these services.

Following the 2021 Act coming into force, the Central Bank also published the draft Digital Credit Providers Regulations (DCP Regulations). The DCP Regulations provide additional details on areas such as the licensing requirements, credit information, data protection and consumer protection. The DCP Regulations are not yet in force as the Central Bank was collecting views from the public up until 21 January 2022.

Americas

Senate Judiciary Committee Passes Open App Markets Act with Strong Bipartisan Support

On February 3rd, the Senate Judiciary Committee advanced the Open App Markets Act (S.2710) with strong bipartisan support. The Act passed by a margin of 20-2, with Senators John Cornyn (R-TX) and Thom Tillis (R-NC) voting against it. Introduced by Senator Richard Blumenthal (D-CT) in August 2021, the Act would prevent a covered company (as defined in the law) from requiring developers to use the covered company's in-app purchase system as a condition of distribution. The Act was introduced in response to concerns brought by Epic Games in lawsuits against Apple and Google concerning restrictions on in-app purchases through means other than the Apple App Store and Google Play store, respectively.

If signed into law, the Act would make it illegal for a covered company to "(1) require developers to use an In-App Payment System owned or controlled by the Covered Company or any of its business partners as a condition of being distributed on an App Store or accessible on an operating system; (2) require as a term of distribution on an App Store that pricing terms or conditions of sale be equal to or more favorable on its App Store than the terms or conditions under another App Store; or (3) take punitive action or otherwise impose less favorable terms and conditions against a developer for using or offering different pricing terms or conditions of sale through another In-App Payment System or on another App Store." Further, the Act mandates interoperability, requiring a covered company "that controls the operating system or operating system configuration on which its App Store operates shall allow and provide the readily accessible means for users of that operating system to— (1) choose third-party Apps or App Stores as defaults for categories appropriate to the App or App Store; (2) install third-party Apps or App Stores through means other than its App Store; and (3) hide or delete Apps or App Stores provided or preinstalled by the App Store owner or any of its business partners." A covered company may also not unreasonably prefer or rank its own apps over other apps. A covered company is defined as a person that owns or controls an app store with more than 50 million U.S. users.

The Open App Markets Act is the second antitrust bill passed in the Senate Judiciary Committee this year. The American Innovation and Choice Online Act (S.2992) advanced by a vote of 16-6 on January 20th, but it did not garner as much bipartisan support as the Act. The American Innovation and Choice Online Act would prohibit certain discriminatory and exclusionary conduct by companies that met specific criteria and were designated as covered platforms by U.S. antitrust agencies. Prohibited conduct under the American Innovation and Choice Online Act includes companies self-preferencing their own products or services, or restricting other business's access to services or data.

Speaking of the Act, Senator Amy Klobuchar (D-MN), Chair of the Subcommittee on Antitrust, said, "By establishing new rules for app stores, this legislation will help level the playing field and ensure an innovative and competitive app marketplace. Now that it has passed the Judiciary Committee with strong bipartisan support, we are one step closer to it passing the Senate and being signed into law." Senator Mike Lee (R-UT), the Ranking Member of the Subcommittee on Antitrust, also voted in support of the Act. A vote before the full Senate has not been announced as of this publication.

APAC

China offers digital currency at the Beijing Winter Olympics

China's digital currency, e-CNY, has been trialled in the Beijing Winter Olympics. Overseas visitors could use e-CNY without having to open a local bank account. Payments in e-CNY are made via the digital yuen wallet app, a physical card or on wearables. According to an official of the People's Bank of China (PBOC), there have been "a couple of million" of payments in the digital currency every day.

This is the latest in a series of digital currency trials in China, which have already taken place in various other cities. On 4 January, the PBOC ramped up its digital currency effort by releasing pilot versions of its digital yuen wallet app on Apple and Android app stores.

Consultation on deep synthesis technologies in China

On 28 January 2022, the Cyberspace Administration of China (CAC) issued the draft Provisions on Deep Synthesis Internet Services, seeking feedback until 28 February. The draft Provisions will apply to not only "deepfakes", where a person in an existing image or video is replaced with someone else, but also technologies that generate any type of content that could be understood as "media", such as text. Deep synthesis services providers will be required to verify the identity of the users of their technologies, and to cooperate freely with the authorities in inspection and to produce the necessary data and technical support on request.

Europe

European Commission unveils a new European Chips Act

On 8 February 2022, the European Commission unveiled its proposal for a new European Chips Act. The overarching theme of the proposed Act, as we reported back in November 2021, is to address Europe's dependency on a number of non-EU suppliers for semi-conductors. The proposed text includes a EUR 11 billion investment (pooled from the EU, member states, and the private sector) for a "Chips for Europe" initiative, a "Chips Fund" to help SMEs and start-ups access finance, and a coordination mechanism between members states and the Commission to monitor the supply of chips and to anticipate shortages.

The Commission also proposed an accompanying Recommendation to bridge the gap until the legislation is adopted and allow the coordination mechanism to commence straight away. The Commission proposed to convene a European Semiconductor Expert Group to coordinate any crisis response measures and monitor the semiconductor supply chain.

The draft Chips Act must now be approved by the European Parliament and Council under the ordinary legislative procedure.

EU-Singapore statement on closer digital cooperation

On 14 February 2022, the EU and Singapore published a joint statement on accelerating steps towards a comprehensive Digital Partnership.

The Partnership will establish a framework for digital trade between the EU and Singapore, and address issues such as data flows, digital infrastructure, the development of digital skills for workers, and the digital transformation of businesses and public services. There will also be cooperation in emerging areas such as AI, 5G/6G and digital identities. The two sides have agreed to launch technical workshops to scope the content and processes of the Digital Partnership, and work towards a political agreement in 2022. The issue of semiconductor supply chain, which was the subject of the newly unveiled European Chips Act, will also be discussed in the workshops.

UK's AI Standards Hub

On 12 January, the UK government announced a new AI Standards Hub to develop technical standards for artificial intelligence. This is part of the UK's National AI Strategy, published back in September 2021.  According to the press release, in its pilot phase the hub will focus on:

• Growing UK engagement to develop global AI standards by bringing together information about technical standards and development initiatives in an accessible, user-friendly and inclusive way.
• Bringing the AI community together through workshops, events and a new online platform to encourage more coordinated engagement in the development of standards around the world.
• Creating tools and guidance for education, training and professional development to help businesses and other organisations engage with creating AI technical standards, and collaborate globally to develop these standards.
• Exploring international collaboration with similar initiatives to ensure the development of technical standards are shaped by a wide range of AI experts, in line with shared values.

UK's draft Online Safety Bill

There is a new development in the UK's draft Online Safety Bill, which aims to establish a regulatory framework for tackling harmful content online. On 4 February, the government announced that it will expand the list of priority offences in the Bill. Internet companies will be required to not only put in place systems to remove illegal content as soon as they become aware of it, but also take proactive measures with regards to the most harmful "priority" forms of online illegal content.

In addition, the government confirmed that several offences recommended by the Law Commission will be added to the bill, including a ‘genuinely threatening’ communications offence, a harm-based communications offence to capture communications sent to cause harm without a reasonable excuse, and an offence for when a person sends a communication they know to be false with the intention to cause non-trivial emotional, psychological or physical harm.

Middle East

Oman's new data protection law

Oman has become the latest country in the Middle East to issue a data protection law. On 9 February, the Ministry of Information announced the Royal Decree 6/2022 Promulgating the Law on the Protection of Personal Data. The law brings Oman's data protection regime closer to international standards and provides for data subject rights including the right to access personal data, to erasure, and not to be subject to processing without consent. Penalties for non-compliance may be up to OMR 500,000. The law will come into effect a year later, on 9 February 2023.