Smart chips in your clothes, groceries, e-tickets

One of the worries with regards to consumers' privacy protection is that consumers often remain unaware of their data being gathered and processed by a specific party. This lack of awareness and/or knowledge reduces the consumers' ability to control their own data. With this in mind, a new EU-wide logo is being introduced that is meant to inform consumers which products/services they buy or use include a Radio Frequency Identification (RFID) technology, which means they contain a smart chip that allows traders' to track them. This technology is useful to traders since it benefits stock management and theft prevention. Still, it was questioned whether it sufficiently protected consumers, that is whether, for example, these smart chips were always successfully deactivated upon purchase and, therefore, consumer tracking was excluded. The new logo and data protection impact assessments that developers of RFID applications need to comply with are meant to ensure consumer privacy, pursuant to EU Data Protection rules. In general, the products will have to be more clearly labelled as containing these smart chips, consumers should be informed which data of theirs is being gathered and what devices could access it, etc. (Digital privacy: EU-wide logo and "data protection impact assessments" aim to boost the use of RFID systems)

Green paper on the Safety of Tourism Accommodation Services

The European Commission opened yesterday a public consultation with regard to the consumer safety when using tourism accommodation. While it is up to the Member States to assure the safety of tourism accommodation services, the European Commission recognizes that due to the often cross-border character of these services some quality and safety measures' standardisation could be needed. Even if as the result of the consultation it is decided that the measures used in different Member States do not need to be harmonised despite their variety, it may be necessary to ensure better information provision to tourists, so that they know what safety standards to expect in which countries and that their protection is adequate across Europe. The consultation is open until 30 November 2014 and the questionnaire may be filled by anyone interested in this matter on this website. The Green Paper is available here. We will report on the results of this consultation and any further steps taken in this legislative area next year.

IACL 2015 conference flyer and update

The talented Irene Falgueras López designed our first conference flyer (see below). Please feel free to share and drop me a line if you would like to receive a .pdf file version thereof. In the meantime, registration details for the conference have been added to our website. We expect registration to open around September this year. Remember that the call for papers is open until the 15th of November. We will be able to offer a few scholarships (conference fee waiver), at our discretion, to young authors (under the age of 35) coming from Asia, Africa and Latin America whose submissions distinguished themselves among all the answers to our call for papers.

EU Council on access to banking services and e-signatures

Yesterday the EU Council of Ministers adopted the Directive on the transparency and comparability of payment account fees, payment account switching and access to a basic payment account. As we have previously mentioned (Easy money), this new Directive aims to increase the transparency of payments in the EU, as well as ensure that EU citizens are able to open a basic account in any Member State regardless whether they are resident in it or what their financial situations looks like. The implementation deadline for the Member States is two years. (The right to a basic account for all European citizens: Commission welcomes Council adoption)

***

The Council has also adopted a new Regulation on electronic identification, which aims at improving online cross-border transactions by enhancing trust in electronic transactions (see earlier post: Parliament endorsing proposed EU e-signature). It will allow parties involved in e-commerce to easily recognised and authenticate electronic transactions, and this mutual recognition is planned to occur in 2018. (Council adopts electronic identification rules)

Green paper on geographical indications (GIs) for non-agricultural products

Scottish tartans soon protected as GI?

While others are on holiday, the Commission launched a Green Paper consultation on a possible extenision of geographical indication protection to non-agricultural products. All interested stakeholders are invited to send their comments and suggestions by 28 October 2014.

A GI is a sign, usually a name, used on goods that have a specific geographical origin and possess qualities, characteristics or a reputation essentially attributable to that place of origin. Contrary to other intellectual property rights such as trademarks or patents, GIs are available to all producers whose products originate in the defined geographical area and comply with the specifications set out for the GI.

To date, unitary GI protection at EU level is provided for wines, spirit drinks, aromatised wines, agricultural products and foodstuff only. However, the EU is bound by rules on protecting GIs under TRIPS, which covers both agricultural and non-agricultural products.

If you are interested in how non-agricultural products are protected as GIs in the Member States at the moment, have a look at this study mandated by the Commission. Enjoy the rest of the summer!

BEUC discussion paper on cloud contracts

Last October, an expert group on cloud computing contracts was established by the European Commission. In a recent discussion paper, consumer organisation BEUC listed a number of questions relevant to the work of the expert group on 'unfair terms in cloud computing service contracts'. These cover a wide range of issues, including (with emphasis added):

'- What elements should be taken into account to assess unfairness by lack of transparency?

- [C]lauses [that establish consumer obligations not proportionate to those of the trader] could be considered unfair under the general unfairness test of the Unfair Contract Terms Directive. Do you think there are elements specific to cloud computing services that should be taken into account to establish the lack of balance in the parties’ rights and obligations?

Would the assessment of these elements be different in paid and ‘free’ cloud computing contracts?

- To what extent suppliers of cloud computing services should obtain, for the mere access to the website, the explicit consent of consumers in order to ensure that they are aware of the contractual conditions (if the accessibility implies the conclusion of a contract)?

Would it be necessary to distinguish between the agreement on the contract terms and the agreement on the collecting and processing of personal data?

- Would it be appropriate that the contract provides specific cases in which the supplier is entitled to suspend the services that are the subject of the contract? Should these cases differentiate between contracts in which the contracting party is a consumer or a SME?

Should we envisage the need that the suspension of the services is preceded by a notice to user (that, in the specific cases of delay or failure in payments, gives to user a time limit within which he may fulfill)?

- How these clauses should incorporate the CRD requirements? For example, should the clause indicate that the consumer’s relevant means of payment (e.g. credit, debit card) will be charged only after he or she explicitly agrees so at the end of the trial period?

- Should the authoritative language version be the one used for the conclusion of the contract taking into account the pro-consumatore interpretation principle of the unfair contract terms directive?

Would this situation be different in a contract in which one party is a SME?

- Is it possible to identify basic elements that should be included in arbitration clauses of cloud computing service contracts (e.g. distinction between internal complain handling and independent ADR; non-mandatory and / or biding nature of the arbitration settlement)?

- Is it justified to request the consumer’s agreement to grant a licence over the content he/she supplied and that is protected under copyright law? To what extent this would be necessary to develop innovative cloud-based products?

If the answer to the first question is possible, under what circumstances that licence would be necessary? Is it necessary to make a distinction between paid and ‘free’ services?

- The framework of Directive 95/46/EC, national legislation and the interpretation of the Article 29 Working Party defines when the consent is valid. However, if the consumer has no choice but to accept, can this consent be considered ‘free’?

- Taking into account the requirements of Directive 95/46/EC, to what extend these types of clauses should be considered unfair?

Do you think that this type of processing of personal data is necessary to the development of innovative cloud services?

- Under what circumstances would it be justified to (legally) allow an exoneration of liability of the supplier of cloud computing services (e.g. due to the influence of external factors)?

- How these clauses [on contractual limitation of compensation due by the supplier] could be re-written in order to comply with the specific provisions of the unfair contract terms directive? Should we make a difference between paid and ‘free’ cloud service contracts?

- If the supplier assigns the contract or some rights or obligations deriving from it, it would be envisage the obligation for the supplier to inform the user, giving him the possibility to terminate the contract?

- What minimum elements should be included in jurisdiction and applicable law clauses? Would it be sufficient a disclaimer claiming that the consumer may be protected under his own legislation or it is necessary to be more specific?

- Despite the fact that in any event, the cloud provider has to comply with its obligations according to Articles 10, 11 and 14 of Directive 95/46/EC, do you think that in these situations [of transfer of personal data in corporate mergers] the consumer should be given with the possibility to withdraw from the contract?'

Self-regulation of in-app purchases

We have mentioned previously on this blog the need for better consumer protection against misleading applications that consumers use while gaming online on their mobile devices or computers (Misleading apps). While the apps market is growing, it needs to be ensured that consumers are not victims of such practices like, e.g.: when they are offered a game for 'free', but playing it actually requires purchasing various extensions; children or adults are targeted within the game for purchase purposes; consumers are often paying through default settings without realizing the full extent and conditions of the payment; no possibility to complain to the trader since there is no information given on how to contact him. (In-app purchases: Joint action by the European Commission and Member States is leading to better protection for consumers in online games)

The EU Consumer Protection Cooperation network of national enforcement authorities works closely with Apple, Google and the Interactive Software Federation of Europe and have asked these representatives of the market in December 2013 to develop standards that would apply to all online applications. This month a position paper has been published evaluating the solutions suggested by Google and Apple to the above-mentioned issues. ISFE has not proposed any specific measures to its members.

•  Misleading advertising of games as 'free'

• Apple adds a text 'In-App Purchases' close to the download button, but the apps themselves are still advertised as free and the font of the text 'In-App Purchases' is smaller and more difficult to read than the word 'FREE'; it is not clear whether all games, which has been marked this way, have only optional in-app purchases.
• Google has removed the word 'free' where its online games contain in-app purchases possibilities and publishes a clear information about the presence of in-app purchases possibilities; it also considers as of 30 September 2014 publishing of the price range information of all the in-app purchases offered by specific games. These solutions are considered compliant by the CPC network.

•  Exhortations to children

• Apple claims that it informs its developers (through standard contract terms and conditions) that they need to comply with all relevant legal requirements and, therefore, Apple feels that its the developer's responsibility if they infringe EU or national laws; while Apple suggests to help enforcement authorities with taking down any illegal apps, its solutions are not far-reaching enough considering that Apple, as a platform for these illegal apps, has an obligation to take them down.
• Google set a special email address for contact with CPC and European Commission about infringements of EU law appearing on its platforms. It also promises to draw attention of its developers worldwide to limitations of the UCPD that could apply to online games introduced on the EU market (by 31 July 2014). A review, warning and ban system has also been implemented for developers whose products are non-compliant with EU law.

• Information about and consent to purchase

• Apple has not made any clear commitments as to improving the information about payment and obtaining consent for it. CPC believes that the 15 minutes' payment window currently offered by Apple should not remain the default setting in the future. Consumers should be at least offered a choice to have to authorize each payment individually and this choice should be presented neutrally with no default having been chosen. This choice should be regularly and repeatedly presented to consumers. Additionally, consumers should give an explicit consent to each in-app purchase separately and could be given a possibility to set maximum amounts for in-app purchases made without individual payment authorization. Apple at the moment seems not to be compliant with the CRD's requirements.
• By 30 September 2014 Google intends to implement a choice of three settings for consumers: a password requirement for every purchase; a password requirement every 30 minutes; or never a password requirement (with a prominent warning displayed about possible unauthorized purchases). The setting chosen by the first purchase would apply for subsequent ones. Google could improve this information by reminding consumers at intervals about settings chosen by them and offering them a choice to change them. Moreover, it still needs to obtain explicit consent to every purchase from its consumers.

• Provision of the trader's email address

• While Apple proposes to create and display an email address that could be used by consumers to contact Apple with regards to their purchases on Apple's platforms, it has not provided any details about the implementation of this system yet.
• By 30 September 2014 Google will display geographical address of the developer next to the already given developer's online details. Additionally, Google proposes to set time limits for developer's response to consumer communication.

As we can see from the above summary, Google is more cooperative with the European Commission and the CPC Network than Apple. Of course, it remains to be seen whether that cooperation will translate into more efficient end effective enforcement.

Aziz continued - CJEU judgment in Case C-169/14 Sánchez Morcillo and Abril García v Banco Bilbao

In the wake of the European Court of Justice's groundbreaking judgment in Aziz (on which we reported last year), a number of cases regarding the compliance of Spanish law on mortgage enforcement with EU consumer law is now making its way through preliminary reference proceedings. In a judgment handed down this morning, the CJEU again came to the conclusion that the Spanish rules on enforcement of mortgages do not live up to the standards of the Unfair Terms Directive. This time, moreover, on invitation of the referring judge, the Court explicitly grounded its assessment on Article 47 of the EU Charter of Fundamental Rights, which safeguards the right to an effective remedy and a fair trial in accordance with the principle of equality of arms.

The case of Sánchez Morcillo and Abril García v Banco Bilbao once more concerns the weak position of consumers under Spanish law regarding the enforcement of mortgage contracts by banks. The home owners found themselves in the position where the contract allowed the bank to claim payment of the entire amount of the mortgage loan upon the failure to pay a certain number of monthly instalments. Since a considerable number of Spanish debtors are not able to pay back the entire sum at once - they are already having difficulty keeping up with the monthly instalments because of the consequences of the economic crisis -, many find themselves at risk of losing their family homes. In the present case, the CJEU showed awareness of this societal context by accelerating the preliminary reference procedure so as to diminish the risk that the house would already be sold before the Court's ruling (see the Court's order on this matter).

The referring judge particularly questioned the (in)equality of procedural defense mechanisms available to the parties involved in mortgage enforcement proceedings. Article 695(4) of the Spanish Law on Civil Procedure stipulates that in such cases appeals may only be brought against a judicial order staying the proceedings or displaying an unfair contract term. This effectively offers the bank a possibility to immediately appeal against the sustenance of a home owners objection to enforcement, whereas the party against whom enforcement is sought (the owner of the house) may not appeal if his or her objection is dismissed. The national judge in the present case doubts whether this is in line with the consumer protection offered under the Unfair Terms Directive, read in combination with Article 47 of the EU Charter.

An interesting side note: As the CJEU points out (par. 30), the question arising in this case is a direct consequence of the reform of Article 695(1) of the Law on Civil Procedure following the Aziz judgment. Following this reform, the court hearing the enforcement proceedings can now stay these while a judgment on the (un)fairness of the contract terms is pending. In that situation, Article 695(4) allows the bank to appeal against the staying of proceedings, whereas the debtors do not have similar possibilities in case their objection to enforcement is dismissed.

According to the CJEU, the relevant provisions of EU law indeed preclude a rule such as Article 695(4) of the Spanish procedural code, which gives the bank (creditor) an unjustified advantage in respect to the home owner (debtor). The Court considers that the Spanish system of mortgage enforcement does neither offer adequate nor effective protection (in the sense of Article 7 of the Unfair Terms Directive) to home owners, insofar as it still does not effectively prevent unjustified evictions: A judge in enforcement proceedings may assess the unfairness of contract terms, but this assessment is not mandatory and bound by time restrictions. Furthermore, in case a judge in parallel proceedings eventually establishes that the terms of the mortgage contract were unfair, the consumer can only claim monetary compensation (par. 43; this is what happened in Aziz). In addition, now, the procedural defenses available to the consumer are of a much weaker nature than those available to the bank, as is underlined in the present case - Spanish law does, thus, not respect the principle of equality of arms or procedural equality, safeguarded by Article 47 of the Charter.

In sum, Sánchez Morcillo is another quite far-reaching decision of the CJEU which has important implications for the development of adequate remedies against the infringement of EU consumer law. A point that draws the attention is the interaction between national and supranational judiciaries in this field, in which the principle of effectiveness functions as leverage for 'upgrading' national laws to EU standards. The constitutionalisation of this process is something that has already drawn the interest of scholars (e.g. Norbert Reich, in his new book on 'General Principles of EU Civil Law') and is likely to obtain greater significance while the percentage of references to the Charter in CJEU case law is growing.

Annual Conference on European Consumer Law 2014

The Academy of European Law (ERA) organizes in Trier on 9-10 October 2014 the Annual Conference on European Consumer Law. This year the conference will focus on: 

-        Consumer Rights Directive, 

-       Enforcement of the Unfair Commercial Practices Directive, 

-       Current consumer challenges in the digital world, 

-       Developments in the area of financial services, 

-       Latest case law of the CJEU on consumer issues,

-       Reform of the Package Travel Directive and the Air Passengers’ Rights Regulation.

For more information see here.

Conference: EU Law in the Member States. Air Passenger Rights, 10 Years on.

On 26 and 27 September 2014 at the College of Europe in Bruges (Belgium) the conference "EU Law in the Member States. Air Passenger Rights, 10 Years on" is organized by the College of Europe and by the Oxford University Institute of European and Comparative Law. Obviously, invited speakers will address various issues concerning Regulation 261/2004 on Air Passengers' Rights. For more information see here.