Full reference: Frison-Roche, M.-A., Compliance by Design, a new weapon? Opinion of Facebook about Apple new technical dispositions on Personal Data protection, Newsletter MAFR - Law, Compliance, Regulation, 31st of August 2020

Read by freely subscribing other news of the Newsletter MAFR - Law, Compliance, Regulation

Summary of the news:

Personal Data, as they are information, are Compliance Tools. They represent a precious resource for firms which must implement a vigilance plan in order to prevent corruption, money laundering or terrorism financing, for examples. It is the reason why personal data are the angular stone of "Compliance by design" systems. However, the use of these data cannot clear the firm of its simultaneous obligation to protect these same personal data, that is also a "monumental goal" of Compliance Law. 

In order to be able to exploit these data in an objective of Compliance and protecting them in the same time, the digital firm Apple adopted for example new dispositions in order to the exploitation of the Identifier For Advertisers (IDFA) integrated in the iPad and in the iPhone and broadly used by targeted advertising firms, is conditioned to the consumer's consent.

Facebook reacted to this new disposition explaining that such measures will restrict the access to data for advertisers who will suffer from that. Facebook suspects Apple to block the access to advertisers in order to develop its own advertising tool. Facebook guaranteed to advertisers who work with it that it will not take similar measures and that it will always favor consultation before decision making in order to concile sometimes divergent interests. 

We can sleep and already make some remarks:

• GDPR imposing to companies that they guarantee a minimal level of protection for personal data does not apply in the United-States. It is then possible that Apple acted through Corporate Social Responsibility (CSR), more than through legal obligation. 
• The mode of regulation used here is the "conversational regulation" theorized by Julia Black. Indeed, regulators let the forces in presence discuss. 
• This "conversational regulation" does not seem to be very efficient in this case and an intervention of administrative authorities or of judges could be justified via Competition Law, Regulation Law or Compliance Law, knowing that Competition Law will favor access right to information and Regulation or Compliance Law private life right. 

The whole paradox of Compliance Law rests in the equilibrium between circulation of information and secret. 

Full reference: Frison-Roche, M.-A., Difficulty of Compliance in Self-Regulation system: example of the Summer 2020 meetings of OPEC about the "conformity"​ for Oil Market Stability​, Newsletter MAFR - Law, Compliance, Regulation, 26th of August 2020

Read by freely subscribing other news of the Newsletter MAFR - Law, Compliance, Regulation

Summary of the news

The world production of oil is largely coordinated by the Organization of the Petroleum Exporting Countries (OPEC) and especially by its Joint Ministerial Monitoring Committee (JMMC). On 15th of July 2020, this Committee decides to reduce the world production of oil in order to maintain a certain price stability in a context of restricted demand because of the COVID-19 pandemic. 

However, such a stability can be maintained only if each member respects this decision and effectively reduce its production level. This meeting of 15th of July also aimed to get member's conformity. In order to get this conformity, the JMMC declared that it will use "name and shame", shaming countries which do not respect the Committee's declaration and naming those which respect it. A second meeting, on 19th of August 2020, reminded to non-compliant countries their obligation and urged them to comply before the 28th of August. 

We can observe two things: 

• The term used by the Committee is "conformity" and not "compliance", which implies less adherence to "monumental goals than the mechanical respect of formal rules.
• In an self-regulation system where there is not supposed to be a need for "conformity", the need for it is a clue that this self-regulation is malfunctioning.

Full reference: Frison-Roche, M.-A., The always in expansion "Right to be Forgotten"​: a legitimate Oxymore in Compliance Law built on Information. Example of​ Cancer Survivors Protection, Newsletter MAFR - Law, Compliance, Regulation, 25th of August 2020 

Read by freely subscribing other news of the Newsletter MAFR - Law, Compliance, Regulation

Summary of the news

The "right to be forgotten" is an invention of the Court of Justice of the European Union during the case Google Spain in 2014. It implies that digital firms block the access to personal data of someone who asks it. This "right to be forgotten", which permits to impose secret to third parties has largely been generalized by GDPR in 2016. This new fundamental subjective right is a very political and European right. United-States which, on the contrary of Europe, did not experience nazism, links the "right to be forgotten" to the protection of consumer, conception which especially leads California Consumer Privacy Act adopted in 2018 to link this right to a situation of absence of necessity of this data for the firm which obtained it. 

In Europe, this willingness to protect directly the person increases the scope of such a subjective right. Thus, in France and in Luxembourg, since 2020, a cancer survivor can thus ask that such an information is not accessible among his or her health data, especially for insurance companies which use them in their risk calculus to set premium amount. Netherlands will do the same in 2021 to fight against discrimination between banks' and insurances' clients. 

The "monumental goal" is therefore not so much here the protection of individual freedoms as the protection of the vulnerable person, which is bye the way the keystone of a Compliance Law, concealing sometimes prohibition to circulate information (as here) and sometimes obligation to circulate information (in other cases, where the alert must be given) depending on whether vulnerable people are protected either by one or by the other.

Référence complète : Malik, A., La conformité dans les établissements financiers sous le prisme du droit pénal, thèse Toulouse, 2019. 

Lire la thèse. 

Référence complète : Lequet, P., Loi « devoir de vigilance » : de l'intérêt des normes de management des risques, in Revue juridique de l'environnement, vol.42, n°4, 2017, pp.705-725.

Les étudiants de Sciences po, peuvent consulter l'article via le Drive, dossier "MAFR- Régulation & Compliance"

Référence complète : Hermitte, M.-A., Le lanceur d'alerte, héros des sociétés scientifiques et techniques ?, in  Réseau européen de recherche en droits de l'homme (RERDH), Héroïsme et Droit, coll. "Thèmes et Commentaires", Dalloz, 2014, p.135-148. 

____

Full reference: Collard, C., and Roquilly, C., Les risques juridiques et leur cartographie : proposition de méthodologie (Legal Risks and Their Mapping: proposition of Methodology), La Revue des Sciences de Gestion, vol. 263-264, no. 5, 2013, pp. 45-55.

Sciences Po's students can read this article via Sciences Po's Drive in the folder MAFR - Regulation & Compliance

Full reference: Bon-Michel, B., La cartographie des risques : de la rationalisation du futur à l'apprentissage du risque. Cas de l'identification du risque opérationnel au sein d'un établissement de crédit (Risks Mapping: from Rationalization of the Future to Risk Learning. Case of the Identification of the Operational Risk in a Credit Establishment), Management & Avenir, vol. 48, no. 8, 2011, pp. 326-341.

Sciences Po's students can read this article in the Sciences Po Drive in the folder MAFR - Regulation & Compliance 

Référence complète : FRISON-ROCHE, Marie-Anne, L’utilité du notariat face à des marchés menacés par la crise, Droit & Patrimoine, Lamy, n°204, juin 2011, p.38-42.

Il faut appliquer la technique du "coût/avantage » pour mesure son utilité lorsque des marchés sont menacés par la crise. En effet, s’il y a des défaillances de marché, par exemple par la financiarisation de ceux-ci, ils ne peuvent plus supporter des risques qui s’avèrent systémiques. Or, l’incertitude des propriété" et la chaine d’engagements inconsidérés constituent des risques systémiques. Le notariat s’avère utile en ce qu’il produit des actes authentiques, actes normatifs produisant de l’incontestabilité, c’est-à-dire de la sécurité réduisant les risques sur les marchés. En outre, par ces diligences et l’organisation disciplinaire de la profession, le notaire assure la plus juste coïncidence entre le negotium et l’instrumentum, ce qui garantit ou restaure sur les marchés la confiance, qui en est le bien commun.

Accéder à l'article.

Lire le résumé de l'article ci-dessous.

Référence complète : Frison-Roche, M.-A., La prise en charge par le droit des systèmes à risques, observations récapitulatives, in Le droit face à l’exigence contemporaine de sécurité, P.U.A., 2000, pp. 259-282.

Accéder à l'article.