Compliance and Regulation Law bilingual Dictionnary
In Europe, Community Law prohibits States from providing aid to companies, which are analyzed as means for the benefit of their country which the State cares about (and sometimes wrongly) having the effect and maybe the object of maintaining or constructing borders between peoples, thus contradicting the first European political project of a common area of peace and exchanges between the peoples of Europe. That is why this prohibition does not exist in the United States, since Antitrust Law is not intended to build such a space, which is already available to businesses and people.
This essential difference between the two zones changes industrial policies because the US federal Government can help sectors where Member States can not. The European prohibition of State Aid can not be called into question because it is associated with the political project of Europe. This seems to be an aporia since Europe is handicapped against the United States.
In any form it takes, Aid is prohibited because it distorts equality of opportunity in competition between operators in the markets and constitutes a fundamental obstacle to the construction of a unified European internal market. On the basis of this simple principle, a branch of technical and specific law has developed, because States continue to support their entreprises and sectors, and many rules and cases divide this principe of prohibition into as many exceptions and nuances. Is built over the years a probation system related to it. Thus, the concept of a public enterprise was able to remain despite this principle of prohibition.
But if there is a crisis of such a nature or magnitude that the market does not succeed by its own forces to overcome and / or the European Union itself pursues a-competitive objectives, exogenous Regulation, which can then take the form of legitimate State Aid. Thus a sort of synonymy exists between State Aid and Regulation.
For this reason, the European institutions have asserted that State Aid becomes lawful when it intervenes either in strategic sectors, such as energy production in which the State must retain its power over assets, or the defense sector. Far from diminishing, this hypothesis is increasing. European Union Law also allows the State to intervene by lending to financial operators threatened with default or already failing, the State whose function is to fight systemic risk, directly or through its Central Bank. The aid can come from the European Central Bank itself helping States in issuing sovereign debt, the Court of Justice having admitted in 2015 the non-conventional monetary policy programs compliance with the treaties. In 2010, the European Commissioner for Competition stressed that public aid is essential tools for States to deal with crises, before regulations come to the fore in 2014 to lay the foundations of the European Banking Union.
March 23, 2023
Publications
♾️ follow Marie-Anne Frison-Roche on LinkedIn
♾️ subscribe to the Newsletter MAFR Regulation, Compliance, Law
____
► Full reference: M.A. Frison-Roche, Thinking and using Vigilance through its Compliance Monumental Goals, Working Paper, March 2023.
____
🎤 This Working Paper has been done as basis for the itroduction of the colloquiul La société vigilante ("Vigilant Company") at the Aix-Marseille University on March 24, 2023 (conference given in French)
____
► Summary of the Working Paper: The concept of "Vigilance" is difficult to define. Probably because even as it is becoming a standard, it has just entered the legal systems. And what a splash it is! To understand it, it must not be isolated. Neither in the only French law attracting all the attention, all the fears, all the hopes, the so-called Loi Vigilance ("Vigilance Law"), nor in the only technical mechanisms that make Vigilance a reality.
Vigilance is itself only a part of a deeper movement, of which it is the advanced point, allowing us to anticipate the evolution of the whole: Compliance Law.
In this light and for not getting lost in it, because the stakes are so high that one quickly loses the measure of things, with each party lashing out at the others, so Vigilance, the key element of Compliance, requires above all alliances, that we can first examine the entry of Vigilance into the legal system and then understand it through the Monumental Goals which give the measure of it, i.e. both the scope and the limit, each one having to act within the margins that are theirs, States, companies, stakeholders, and judges.
A Will for tomorrow can then emerge today, carried by Europe.
____
🔓read the Working Paper⤵️
Nov. 12, 2022
Publications
♾️ suivre Marie-Anne Frison-Roche sur LinkedIn
♾️ s'abonner à la Newsletter MAFR Regulation, Compliance, Law
____
► Référence complète : M.-A. Frison-Roche, Automated Compliance, a pertinent tool for Compliance Law, the whole, document de travail, novembre 2022.
____
📝Ce document de travail sert de base à une participation à un débat sur "Automated Compliance : "the" solution or "a" solution?, qui déroule dans le Sommet global de Gaia-X le 17 novembre 2022.
____
►Résumé du document de travail : s'appuyant sur la présentation préalablement faite au débat par un membre de la Commission européenne, il s'agit de souligner trois éléments qui montrent que l' Automated Compliance (ou Compliance by design) est à la fois un outil central, mais qu'il n'est un outil du Droit de la Compliance dont il ne saurait remplir par sa seule performance technologique toutes les fonctions dans un Etat de Droit.
En premier lieu, l'Union européenne semble en difficulté lorsqu'elle veut tout à la fois bâtir un système juridique qui lui est propre sur la base de Lois dont chacune est la pièce d'un gigantesque puzzle pour obtenir une industrie pérenne et autonome dans une économie numérique mondiale totalement renouvelée, ce qui fait peser sur les entreprises une charge considérable d'intégration de toutes ces règles du jeu, tout en affirmant qu'il faut alléger la charge que la "réglementation" fait peser sur elles.
En second lieu, la meilleure solution pour résoudre cette ambition contradictoire est effectivement dans la technologique, les algorithmes intégrant directement les réglementations. Mais plus encore, l'ensemble de ces textes reposent sur une autonomie laissée en Ex Ante aux entreprises européennes pour s'organiser entre elles afin de concrétiser les "buts monumentaux" que l'Union européenne a décidé d'atteindre, dont la réalisation d'un cloud souverain est au centre.
Ainsi la distinction et l'articulation d'un "Droit de la Compliance", défini par ces "buts monumentaux", dont lequel l'intelligence artificielle est un outil, le "tout" (Compliance Law) et la "partie" (Automated Compliance) est essentielle.
En troisième lieu, cette distinction et articulation est non seulement bénéfice mais elle est obligatoire. En effet, même si le Droit de la Compliance constitue une branche du Droit, elle fonctionne dans le système juridique générale, qui ne fonctionne que par l'esprit des textes, les outils algorithmiques ne capturant que la lettre de ceux-ci. Ces tribunaux sont et seront au cœur du Droit de la Compliance, le cas Schrems l'a bien montré. C'est pourquoi la Technologie et le Droit doivent travailler ensemble, et davantage à l'avenir, notamment parce qu'un outil pour l'effectivité du Droit ne pourra jamais rendre compte de la vie même du système juridique.
________
🔓Lire ci-dessous les développements⤵️
Sept. 1, 2022
Thesaurus : Doctrine
► Full Reference: S. Pottier, "Pour une compliance européenne, vecteur d’affirmation économique et politique" ("For European compliance, a vector of economic and political affirmation"), in M.-A. Frison-Roche (ed.), Les Buts Monumentaux de la Compliance, coll. "Régulations & Compliance", Journal of Regulation & Compliance (JoRC) and Dalloz, 2022, p. 475-482.
____
📕read a general presentation of the book, Les Buts Monumentaux de la Compliance, in which this article is published
____
► Summary of the article (donne by the Journal of Regulation & Compliance): Today's monumental goals, particularly environmental and climatic ones, are of a financial magnitude that we had not imagined but the essential stake is rather in the way of using these funds, that is to determine the rules which, to be effective and fair, should be global. The challenge is therefore to design these rules and organize the necessary alliance between States and companies.
It is no longer disputed today that the concern for these monumental goals and the concern for profitability of investments go hand in hand, the most conservative financiers admitting, moreover, that concern for others and for the future must be taken into account, the ESG rating and the "green bonds" expressing it.
Companies are increasingly made more responsible, in particular by the reputational pressure exerted by the request made to actively participate in the achievement of these goals, this insertion in the very heart of the management of the company showing the link between compliance and the trust of which companies need, CSR also being based on this relationship, the whole placing the company upstream, to prevent criticism, even if they are unjustified. All governance is therefore impacted by compliance requirements, in particular transparency.
Despite the global nature of the topic and the techniques, Europe has a great specificity, where its sovereignty is at stake and which Europe must defend and develop, as a tool for risk management and the development of its industry. Less mechanical than the tick the box, Europe makes the spirit of Compliance prevail, where the competitiveness of companies is deployed in a link with States to achieve substantial goals. For this, it is imperative to strengthen the European conception of compliance standards and to use the model. The European model of compliance arouses a lot of interest. The duty of vigilance is a very good example. It is of primary interest to explain it, develop it and promote it beyond Europe.
________
June 21, 2022
Thesaurus : Soft Law
Référence complète : Equinet : Pour une IA européenne protectrice et garante du principe de non-discrimination, Avis établissant des recommandations et des principes essentiels pour la future législation européenne portant sur l'intelligence artificielle, 21 juin 2022.
____
May 4, 2022
Thesaurus : Soft Law
► Référence générale : Haut Comité juridique de la place financière de Paris, Rapport sur l'extraterritorialité du Droit de l'Union européenne, mai 2022.
____
_____
Feb. 27, 2022
Compliance: at the moment
Feb. 23, 2022
Thesaurus : Doctrine
Référence complète : Briatta, G., Concrete steps towards progress in the Banking Union, The European Finance Magazine, fév. 2022, p.116-.
____
Feb. 9, 2022
Teachings : Droit de la régulation bancaire et financière - semestre 2022
► Référence complète : Frison-Roche, M.-A., Prévention et sanction des Abus de Marchés, in Leçons de Droit de la Régulation bancaire et financière, Sciences po (Paris), 9 février 2022.
____
► Résumé de la leçon sur les Abus de marché : Dans une conception classique et du Droit et du "libre marché", le principe est la liberté d'action de la personne. Même si l'exercice de cette liberté, voire d'un droit subjectif peut causer un dommage, par exemple un dommage concurrentiel, c'est en quelque sorte le prix légitime d'une société libre et concurrentielle. Ainsi dans une conception libérale, seul l'abus est sanctionné, c'est-à-dire l'exercice fautif que l'on fait de sa liberté ou de son droit, allant parfois jusqu'à l'exigence d'une faute qualifiée.
Mais les secteurs bancaires et financiers ne sont pas gouvernés par le principe de libre concurrence. Ils sont gouvernés par le principe de régulation, le principe de concurrence n'y a qu'un rôle adjacent. Cela ne pourra qu'engendrer de graves difficultés lorsque le Droit de la concurrence et le Droit bancaire et financier font s'appliquer d'une façon cumulée ou confrontée sur une même situation.
Les marchés financiers sont construits sur le principe de régulation qui pose le principe de transparence et de partage d'une information exacte : c'est ainsi que l'intégrité des marchés financiers est assurée, l'Autorité des Marchés financiers en étant le gardien.
La prévention et la sanction des "abus" de marché est donc non pas une part résiduelle du Droit financier, mais un pilier de celui-ci, contrairement au Droit des marchés ordinaires concurrentiels, sur lesquels l'opacité et le non-partage des informations est la règle.
Cela explique l'état du droit des "abus de marché", dont l'effectivité de la prohibition est essentielle pour le bon fonctionnement ordinaire des marchés financiers. Leur prohibition nationale a été harmonisée par le Droit de l'Union européenne, à travers des textes dont les signes reprennent l'appellation anglaise : Market abuses (ainsi le nouveau Règlement communautaire sur les abus de marché est dit Règlement MAR (Market Abuses Regulation) et la directive qui l'accompagne MAD (Market Abuses Directive).
Il sanctionne un certain nombre de comportements, qui portent atteinte à l'intégrité des marchés,
Mais il n'exprime plus des exceptions par rapport à un principe : des fautes par rapport à des libertés ou à des droits. Il exprime des moyens par rapport à des principes dont la sanction des abus ne constitue que la concrétisation de principes dont ils sont la continuité même : l'efficacité du marché, son intégrité, sa transparence, l'information de l'investisseur.
C'est pourquoi la sanction des abus de marché ne sont pas du tout un phénomène périphérique par rapport à la Régulation des marchés financiers et à l'activité et au fonctionnement des bancaires, comme l'est le Droit pénal : elle est au contraire à la fois ordinaire et centrale. Cette différence des deux ordres publics va se retrouver dans la question lancinante de la sanction pénale et de la sanction administrative des mêmes abus de marché (par exemple "manquement d'initié" et "délit d'initié", qui ont tendance à se cumuler dans des techniques de répression qui seront l'objet de la prochaine leçon.
_____
🔎 Accéder aux slides servant de support à la leçon sur les abus de marché
🔎 Revenir aux bases avec le Dictionnaire bilingue du Droit de la Régulation et de la Compliance
🔎 Approfondir par la Bibliographie générale de Droit de la Régulation bancaire et financière
🔎 Revenir à la présentation générale du cours
🔎 Se reporter au plan général du cours
____
Utiliser les matériaux ci-dessous pour aller plus loin et pour préparer votre conférence de méthode ⤵️
Feb. 2, 2022
Teachings : Droit de la régulation bancaire et financière - semestre 2022
► Référence complète : Frison-Roche, M.-A., Le Droit européen de régulation et de supervision bancaire et financière, in Leçons de Droit de la Régulation bancaire et financière, Sciences po (Paris), 2 février 2022.
____
► Résumé de la leçon sur le Droit européen de Régulation et de Supervision bancaire et financière : L'Europe est avant tout et pour l'instant encore une construction juridique. Elle fut pendant longtemps avant tout la construction d'un marché, conçu politiquement comme un espace de libre circulation (des personnes, des marchandises, des capitaux). C'est pourquoi le Droit de la Concurrence est son ADN et demeure le cœur de la jurisprudence de la Cour de justice de l'Union européenne, qui tient désormais l'équilibre entre les diverses institutions, par exemple la Banque Centrale Européenne, dont les décisions peuvent être attaquées devant elle. Mais aujourd'hui le Droit de l'Union européenne se tourne vers d'autres buts que la "liberté", laquelle s'exprime dans l'immédiat, notamment la "stabilité", laquelle se développe dans le temps. C'est pourquoi la Banque y prend un si grande importance.
En outre, face aux "libertés" les "droits" montent en puissance : c'est par les institutions juridiques que l'Europe trouve de plus en plus son unité, l'Europe économique et financière (l'Union européenne) et l'Europe des droits humains (le Conseil de l'Europe au sein duquel s'est déployée la Cour européenne des droits de l'Homme) exprimant les mêmes principes. C'est bien à travers une décision prenant appui sur le Droit de la concurrence que la Commission européenne le 18 juillet 2018 a obligé Google à concrétiser le "droit d'accès" à des entreprises innovantes, apte à faire vivre l'écosystème numérique, tandis que le Régulateur financier doit respecter les "droits de la défense" des personnes qu'il sanctionne.
Aujourd'hui à côté de l'Europe économique se développe en même temps par des textes une Europe bancaire et financière (on ne sait pas si par le Droit - par exemple le droit de la propriété intellectuelle - existera une Europe industrielle).La crise a fait naître l'Europe bancaire et financière. L'Union bancaire est issue de Règlements communautaires du 23 novembre 2010 établissant des sortes de "régulateurs européens" (ESMA, EBA, EIOPA) qui donnent une certaine unité aux marchés financiers qui demeurent nationaux, tandis que les entreprises de marché, entreprises privées en charge d'une mission de régulation, continuent leur déploiement selon des techniques de droit privé. L'Union bancaire est née d'une façon plus institutionnelle encore, par trois piliers qui assurent un continuum européen entre la prévention des crises, la résolution des crises et la garantie des dépôts. En cela, l'Europe bancaire est devenue fédérale.
Sur les marchés de capitaux, des instruments financiers et des titres, l'Union européenne a utilisé le pouvoir que lui confère depuis la jurisprudence Costa et grâce au processus Lamfallussy d'une sorte de "création continuée" pour injecter en permanence de nouvelles règles perfectionnant et unifiant les marchés nationaux. C'est désormais au niveau européen qu'est conçu la répression des abus de marché mais aussi l'information des investisseurs, comme le montre la réforme en cours dite "Prospectus 3". A l'initiative de la Commission Européenne, les textes sont produits en "paquet" car ils correspondent à des "plan d'action " . Cette façon de légiférer est désormais emprunté en droit français, par exemple par la loi dite PACTE du 29 avril 2019. Cette loi vise - en se contredisant parfois - à produire plus de concurrence, d'innovation, à attirer l'argent sur des marchés dont l'objectif est aussi la sécurité, notion d'égale importance que la liberté, jadis seul pilier du Droit économique. Conçue par les but, La loi est définitivement un "instrument", et un instrument parmi d'autres, la Cour de Justice tenant l'équilibre entre les buts, les instruments et les institutions.
La question du "régulateur" devient plus incertaine : la BCE est plus un "superviseur" qu'un "régulateur" ; le plan d'action pour une Europe des marchés de capitaux ne prévoit pas de régulateur, visant un capitalisme traditionnelle pour les petites entreprises (sorte de small businesses Act européen).
____
____
Se reporter au Plan complet du cours.
____
Revenir aux bases avec le Dictionnaire bilingue du Droit de la Régulation et de la Compliance.
__________________________________________________________________________
Documentation spécifique à cette leçon sur
l'Europe du Droit de la Régulation bancaire et financière
Documentation sur les textes et les institutions :
Documentation sur la jurisprudence :
________
Updated: Jan. 24, 2022 (Initial publication: )
Thesaurus : Doctrine
Référence complète : Dupré, B., Souveraineté européenne, autonomie stratégique, Europe puissance : quelle réalité pour l’Union européenne et pour quel avenir ?, Fondation Robert Schuman, Question d'Europe, n°620, janv. 2022.
____
June 18, 2021
Compliance: at the moment
► Law is slow, but firm. By its judgment of June 15, 2021, Facebook , the European Union Court of Justice widely interprets the powers of National Authorities, since they serve the people protection in the digital space (➡️📝(CJEU, June 15, 2021, Facebook).
Law is slow. The reproach is so often made. But the bottom line is that, in the noise of changing regulations, it establishes clear and firm principles, letting everyone know what to stand for. The more the world is changing, the more Law is required.
When Law degenerates into regulations, then it is up to the Judge to make Law. "Supreme Courts" appear, de jure as in the United States, de facto as in the European Union by the Court of Justice of the European Union which lays down the principles, before everyone else, as it did for the "right to be forgotten" in 2014 (➡️📝CJEU, Google Spain, May 13, 2014), and then with the impossibility of transferring data to third countries without the consent of the people concerned (➡️📝CJEU, Schrems, October 6, 2015).
Facebook litigation is kind of a novel. The company knows that it is above all to the Courts that it speaks. In Europe, it is doing it behind the walls of the Irish legal space, from which it would like to be able not to leave before better dominating the global digital space, while national regulatory authorities want to take it to protect citizens.
There is therefore a technical question of "jurisdictional competence". The texts have provided for this, but Law is clumsy because it was designed for a world still anchored in the ground: the GDPR of 2016 therefore organizes cooperation between national regulatory authorities through a "one-stop-shop", forcing the authorities to relinquish jurisdiction so that the case is only handled by the "lead" National Authority. This avoids splintering and contradiction. But before the adoption of the GDPR, the Belgian data protection regulator had opened a procedure against Facebook concerning cookies. The "one-stop-shop" mechanism, introduced in 2016, is therefore only mentioned before the Brussels Court of Appeal, which is asked to relinquish jurisdiction in favor of the Irish Regulatory Authority, since the company has in Europe its head office in this country. The Court of Appeal referred to the CJEU for a preliminary ruling.
By its judgment of June 15, 2021 (➡️📝CJUE, Facebook, June 15, 2021), it follows the conclusions of its Advocate General and maintains the jurisdiction of the Belgian National Regulator because, even after the GDPR, the case still undergoes national treatment. In this decision, the most important is its reasoning and the principle adopted. The Court notes that the "one-stop-shop" rule is not absolute and that the national regulatory authority has the power to maintain its jurisdiction, in particular if cooperation between national authorities is difficult.
Even more, will it not one day have to adjust Law more radically? We need to consider the fact that the digital space is not bound by borders and that the ambition of "cross-border cooperation" is ill-suited. It is of course on this observation of inefficiency, consubstantial with the digital space, that the European Public Prosecutor's Office (EPPO) was designed and set up, which is not a cooperation, nor a "one-stop shop", but a body of the Union, acting locally for the Union, directly linked to Compliance concerns (➡️📝Frison-Roche, M.-A. "The European Public Prosecutor's Office is a considerable contribution to Compliance Law", 2021 and ., European Public Prosecutor's Office comes on stage: the company having itself become a private prosecutor, are we going towards an alliance of all prosecutors ?, 2021).
So that's what we should be inspired by.
June 14, 2021
Compliance: at the moment
► Do Compliance and Democracy have a relationship? China replies: no. Europe responds and must respond: they are intimate. The definition of Compliance Law is therefore essential.
In an interview of great clarity given in French to the Newspaper Les Echos on June 2, 2021, about Brexit, China and Russia (➡️📝 "Brexit, Chine, Russie : les confidences de la diplomate Sylvie Bermann"), Sylvie Bermann reminds the evolution of China. She sums up the situation as follows: « La Chine ne veut pas dominer le monde, elle veut être la première et surtout qu'on ne puisse pas lui imposer un système, la démocratie » ("China does not want to dominate the world, it wants to be the first and above all that no one can impose on it a system, Democracy,").
This is reflected in China's conception of Compliance Law. If one defines Compliance Law only as a "method" for the effectiveness of rules, consisting of a kind of "Ex Ante enforcement process" leading to 100% effectiveness of regulations by subjects who must show to everyone the respect they have for these regulations and who are rewarded by this proof thus given, then China, in its current use of Law, illustrates exactly this definition: subjects, individuals and companies, prove their "obedience" to rules - whatever the rules" substantial content -, which is evaluated ("rating") and rewarded, in a mechanical reign of the Ex Ante, served by technologies. Democratic mechanisms are not required; they are even disturbed, because they interfere with the efficiency of the system. The technological and purely technocratic conception of Compliance ("Regulation by data", for example) uses the same definition of Compliance Law, which leads to choose algorithms’ efficiency.
Europe must keep going to make another choice: European Compliance was born out of the Court of Justice of the European Union’s case law, in the 2014 judgment, Google Spain (➡️📝CJEU, Google Spain, May 13, 2021), to protect the person by inventing a subjective right: the right to be forgotten, in a digital space with infinite memory. Based on the Rule of Law, Compliance Law is then defined by its Monumental Goals, which are the protection of people and puts the judge at the center. It is the reverse of Chinese mechanics.
Therefore, they are definitions that lead the world: about the definition of Compliance Law by "Monumental Goals", see ➡️📅 the 2021 cycle of colloquia co-organized by the Journal of Regulation & Compliance (JoRC) and its university partners on Monumental Goals; on the technical influence of this definition on "Compliance tools" ➡️📕see Frison-Roche, M.-A., Legal Approach to Compliance Tools: Building by Law the unity of Compliance Tools from the definition of Compliance Law by its "Monumental Goals", 2021.
Nov. 25, 2020
Thesaurus : 06.1. Textes de l'Union Européenne
Full reference: Directive (EU) 2020/1828 of the European Parliament and of the Council of 25 November 2020 on representative actions for the protection of the collective interests of consumers and repealing Directive 2009/22/EC
Nov. 23, 2020
Interviews
Full reference: Frison-Roche, M.-A., Facebook: Quand le Droit de la Compliance démontre sa capacité à protéger les personnes (Facebook: When Compliance Law proves its ability to protect people), interview with Olivia Dufour, Actu-juridiques Lextenso, 23rd of November 2020
Read the interview (in French)
Read the news of the Newsletter MAFR - Law, Compliance, Regulation about this question
Nov. 18, 2020
Conferences
🎥Compliance Law, an adequate legal framework for GAIA-X, in 🧮GaiaX Summit2020, The World with GAIA-X
► Full Reference: M.-A. Frison-Roche, "Compliance Law, an adequate legal framework for GAIA-X", in Pan-European GAIA - X Summit, The World with GAIA-X, November18, 2020.
____
🧮See the general presentation of the Summit
____
📈See the slides, basis of this intervention.
____
► Summary of the intervention: Europe may offer an adequate legal framework for the GAIA-X project through Compliance Law. Compliance Law is a new form for Regulatory Law, driven by "Monumental Goals", negative Monumental Goals, for instance prevention of systemic failures, and positive Monumental Goals, for instance innovation or stability. This very new branch of Law works on these Monumental Goals, which must be explicit and internalized in Crucial Enterprises. These Crucial Enterprises concretize these Goals, supervised by public Authorities.
European Compliance Law already works, for instance about Personal Data protection (case law and GDPR) or prevention banking systemic failures (Banking Union), Compliance Tools being in balance with Competition principle. European Union Law is moving from the Ex-Post Competition Law to the Ex-Ante Compliance Law, internalizing Monumental Goals in Crucial Enterprises.
There is a perfect adequacy between European Compliance Law and GAIA-X. This project built by Crucial Enterprises must be supervised by public authority, maybe a specific or the European Commission. The governance of GAIA-X must be transparent and accountable. This private organization must use it powers in respect of the proportionality principle, controlled by the public supervisory body. The legal framework is required but it is sufficient.
___
📈see the slides, basis of this intervention.
____
🎥watch the video of this intervention.
________
Nov. 1, 2020
Newsletter MAFR - Law, Compliance, Regulation
Full reference: Frison-Roche, M.-A., Due process and Personal Data Compliance Law: same rules, one Goal (CJEU, Order, October 29, 2020, Facebook Ireland Ltd v/ E.C.), Newsletter MAFR - Law, Compliance, Regulation, 1st of November 2020
Read by freely subscribing other news of the Newsletter MAFR - Law, Compliance, Regulation
Read Marie-Anne Frison-Roche's interview in Actu-juridiques about this decision (in French)
Summary of the news:
As part of a procedure initiated for anti-competitive behaviors, the European Commission has three times requested, between the 13th of March and the 11th of November 2019, from Facebook the communication of information, reitarated in a decision in May 2020.
Facebook contests it alleging that the requested documents would contain sensitive personal information that a transmission to the Commission would make accessible to a too broad number of observers, while "the documents requested under the contested decision were identified on the basis of wideranging search terms, (...) there is strong likelihood that many of those documents will not be necessary for the purposes of the Commission’s investigation".
The contestation therefore evokes the violation of the principles of necessity and proportionality but also of due process because these probatory elements are collected without any protection and used afterwards. Moreover, Facebook invokes what would be the violation of a right to the respect of personal data of its employees whose the emails are transferred.
The court reminds that the office of the judge is here constraint by the condition of emergency to adopt a temporary measure, acceptable by the way only if there is an imminent and irreversible damage. It underlines that public authorities benefit of a presumption of legality when they act and can obtain and use personal data since this is necessary to their function of public interest. Many allegations of Facebook are rejected as being hypothetical.
But the Court analyzes the integrality of the evoked principles with regards with the very concrete case. But, crossing these principles and rights in question, the Court estimates that the European Commission did not respect the principle of necessity and proportionality concerning employees' very sensitive data, these demands broadening the circle of information without necessity and in a disproportionate way, since the information is very sensitive (like employees' health, political opinions of third parties, etc.).
It is therefore appropriate to distinguish among the mass of required documents, for which the same guarantee must be given in a technique of communication than in a technic of inspection, those which are transferable without additional precaution and those which must be subject to an "alternative procedure" because of their nature of very sensitive personal data.
This "alternative procedure" will take the shape of an examination of documents considered by Facebook as very sensitive and that it will communicate on a separate electronic support, by European Commission's agents, that we cannot a priori suspect to hijack law. This examination will take place in a "virtual data room" with Facebook's attorneys. In case of disagreement between Facebook and the investigators, the dispute could be solved by the director of information, communication and medias of the Directorate-General for Competition of the European Commission.
___
We can draw three lessons from this ordinance:
__________
Oct. 22, 2020
Interviews
Full reference: Frison-Roche, M.-A., "Health Data Hub est un coup de maître du Conseil d'Etat", interview realized by Olivia Dufour for Actu-juridiques, Lextenso, 22nd of October 2020
Read the news of 19th of October 2020 of the Newsletter MAFR - Law, Compliance, Regulation on which relies this interview: Conditions for the legality of a platform managed by an American company hosting European health data: French Conseil d'Etat decision
To go further, on the question of Compliance Law concerning Health Data Protection, read the news of 25th of August 2020: The always in expansion "Right to be Forgotten": a legitimate Oxymore in Compliance Law built on Information. Example of Cancer Survivors Protection
Oct. 19, 2020
Newsletter MAFR - Law, Compliance, Regulation
Full reference: Frison-Roche, M.-A., Conditions for the legality of a platform managed by an American company hosting European health data: French Conseil d'Etat decision, Newsletter MAFR - Law, Compliance, Regulation, 19th of October 2020
Read by freely subscribing the other news of the Newsletter MAFR - Law, Compliance, Regulation
___
News Summary: In its ordinance of 13th of October 2020, Conseil national du logiciel libre (called Health Data Hub), the Conseil d'Etat (French Administrative Supreme Court) has determined the legal rules governing the possibility to give the management of sensitive data on a platform to a non-europeans firm, through the specific case of the decree and of the contract by which the management of the platform centralizing health data to fight against Covid-19 has been given to the Irish subsidiary of an American firm, Microsoft.
The Conseil d'Etat used firstly CJEU case law, especially the decision of 16th of July 2020, called Schrems 2, in the light of which it was interpreted and French Law and the contract linking GIP and
The Conseil d'Etat concluded that it was not possible to transfer this data to United-Sates, that the contract could be only interpreted like this and that decree and contract's modifications secured this. But it observed that the risk of obtention by American public authorities was remaining.
Because public order requires the maintenance of this platform and that it does not exist for the moment other technical solution, the Conseil d'Etat maintained the principle of its management by Microsoft, until a European operator is found. During this, the control by the CNIL (French Data Regulator), whose the observations has been taken into consideration, will be operated.
We can retain three lessons from this great decision:
___________
Read the interview given on this Ordinance Health Data Hub
To go further about the question of Compliance Law concerning health data protection, read the news of 25th of August 2020: The always in expansion "Right to be Forgotten": a legitimate Oxymore in Compliance Law built on Information. Example of Cancer Survivors Protection
Oct. 9, 2020
Newsletter MAFR - Law, Compliance, Regulation
Full Reference : Frison-Roche, M.-A.,Attorney's Professional Secret & Filter mechanism in balance with fighting Money Laundering: constitutional analysis in favor of Attorney's Secret, Newsletter MAFR - Law, Compliance, Regulation, October 9, 2020.
Summary: By its judgment of September 24, 2020, the Constitutional Court of Belgium released an essential judgment which considers:
- Compliance Law which imposes obligations on entities to fight against money laundering and the financing of terrorism is legal requirements which must be analyzed on the basis of these goals
- the national transposition law is "broader" than the transposed European texts since it is anchored in the Constitution
- the provisions of the law imposing the declaration of suspicion on an employee of the Attorney or on a Compliance Officer concerning information covered by the professional secrecy of the Attorney, the basis of Democracy, must therefore be canceled.
This reasoning is remarkable and very solid.
It is not unique to Belgium.
Lire par abonnement gratuit les autres News dans la Newsletter MAFR - Law, Compliance, Regulation
Oct. 6, 2020
Thesaurus : 05. CJCE - CJUE
Full reference: CJEU, Grand Chamber, 6th of October 2020, Privacy International c/ Secretary of State for Foreign and Commonwealth Affairs, C-623/17.
Read the summary of the judgment (in French)
Sept. 28, 2020
Thesaurus : Soft Law
Full reference: Giuliani-Viallard, A., The Europe of Compliance, at the heart of tomorrow's world. For a transformation of our European businesses and the upturn in their international competitiveness, European Issue, n°572, policy paper from the Robert Schuman Foundation, 28th of September 2020, 3 p.
Sept. 9, 2020
Newsletter MAFR - Law, Compliance, Regulation
Full reference: Frison-Roche, M.-A., Freedom&Media: when Italian Media Regulation's real "goal" is not Pluralism Protection, Freedom of Establishment prevails (CJEU, 3 Sept.2020,Vivendi), Newsletter MAFR - Law, Regulation, Compliance, 9th of September 2020
Read by freely subscribing other news of the Newsletter MAFR - Law, Regulation, Compliance
Summary of the news
The media sector is organized on an equilibrium between the principle of competition and other concerns like information pluralism. Generally, competition Law by making market accessible to many competitors ensures information pluralism. But, this is not the case if an operator get an excessive market power, running risk not only for competition but also for information pluralism. It is the reason why the Italian legal system forbids the constitution of an operator gathering more than 40% of the total income generated by the media sector or more than 10% of the total income generated by the Italian communication sector.
In 2016, Vivendi, a French media group, got more than 28% of the Mediaset Group's actions and around 30% of its voting right. The Italian communication regulation authority sized by Mediaset demands in 2017 to Vivendi to ends its participations in the group Mediaset. Vivendi contested this decision before the regional administrative court which referred to the Court of Justice of the European Union in order to know if freedom of establishment can legitimately be discarded in favor of information pluralism in this concrete case. The Court of Justice answered, in a decision of 3rd of September 2020, that the restriction of the freedom of establishment can in principle be justified by a general interest objective such as information pluralism protection but that in this concrete case, this is not justified because the fact that a firm is committed in the transmission of contents does not necessarily give it the power to control the production of such contents.
We can learn three lessons form this case:
Sept. 7, 2020
Newsletter MAFR - Law, Compliance, Regulation
Full reference: Frison-Roche, M.-A., Conflict of interests & "revolving doors": what the European Ombudsman said in May 2020, the European Banking Authority agreed in August.Three lessons, Newsletter MAFR - Law, Compliance, Regulation, 7th of September 2020
Read by freely subscribing other news of the Newsletter MAFR - Law, Compliance, Regulation
Summary of the news:
Supervision and regulation authorities' impartiality and independence are conditioned to the fact that their members do not have any conflict of interest with the sector that they supervise or regulate. Such an absence of conflict of interest is necessary to guarantee a climate of trust between the authority and operators. This supposes that regulation and supervision authority members do not cumulate functions of operator and of regulator/supervision during but also after their mandate in the regulation/supervision authority because the anticipation of a future hiring can influence present decisions.
On 2nd of August 2019, the executive director of the European Banking Authority (EBA) informed the authority of its willingness to become PDG of the Association des marchés financiers en Europe, lobby of the financial sector. EBA approved this perspective. However, "Change Finance", a civil coalition, sized the European Mediator explaining that such a professional reorientation created an inevitable conflict of interest. The European Mediator reacted on 7th of May 2020 through a recommendation saying that although EBA took preventive measures, theses measures are not sufficient with regard to the risks. In this recommendation, the European Mediator also made some general propositions to manage future conflicts of interest:
In a letter of 28th of August 2020, the president of EBA told to the European Mediator that he accepts these remarks and propositions.
In this particular case, we can draw three lessons:
June 17, 2020
Thesaurus : Soft Law
Full reference: White Paper on Leveling the Playing Field as Regards Foreign Subsidies adopted by European Commission on 17th of June 2020, 49p.