I have been asked to comment on the European Court of Justice decision of October 18 relating to the application of public procurement rules to a drug supply arrangement between a privately owned hospital and a public hospital.
Last week the PIP legal saga took another unexpected turn.
On October 10, 2018 the French Court of Cassation overturned the decision of the Appeal Court, which had cleared from liability TUV Rheinland, the notified body involved in the PIP case, and sent the case back to the Appeal Court.
Breast implants made by the French firm Poly Implant Prothèse (also known as “PIP”) had been marketed for years until, in 2010, it was discovered that silicone used for such breast implants was industrial, rather than biomedical. The investigation found that employees of PIP removed evidence of the industrial silicone gel before inspections by TUV Rheinland, the notified body who was in charge of audits on the manufacturing of the breast implants.
Breast implants are medical devices that may be marketed in the European Union if they are granted a CE marking, which is based on the certification by a notified body that the device satisfies legal requirements. The scandal, although linked to a criminal scheme, showed certain weaknesses of the medical device legislation and ultimately led to the adoption of the EU Medical Device Regulation in 2017.
PIP closed down in 2010 and, although its founder was jailed and fined, the many thousands of affected women could not be compensated by PIP. TUV Rheinland was initially condemned for negligence in 2013 and ordered to pay damages of 5.7 million euros, but was later cleared from liability by a French Appeal Court in 2015.
The Court of Cassation has now sent back the case to the Court of Appeals in order to shed light on two issues. TUV’s press release on the decision can be read here. According to Maître Cécile Derycke, Counsel for the TÜV Rheinland companies: “The TÜV Rheinland companies are serene. […] We are confident that the Court of Appeal to which the case has been referred back will confirm that TÜV Rheinland LGA Products GmbH performed its mission as a notified body diligently and in total compliance with the applicable regulations and TÜV Rheinland France SAS committed no fault.”.
Stay tuned to find out if TUV Rheinland’s is found to be a victim or a perpetrator in the PIP scandal… and if affected patients are entitled to compensation by TUV.
On September 12th the European Parliament approved amendments to the controversial Proposal for a Copyright Directive, the “Directive of the European Parliament and of the Council on Copyright in the Digital Single Market”, which aims at updating copyright rules.
Not many topics have polarized opinions in recent years in Europe. While supporters claim to have protected artists and to have inflicted a blow to the American tech giants, critics have talked about the “death of the internet”.
For clarity, even if the Directive passed the European Parliament vote, the changes are not yet definitive and it may be too early to conclude on what this decision entails. The Directive text shall be further reviewed in subsequent negotiations and there is still a slight chance that it may be rejected at another vote by the European Parliament in 2019. In addition, the Directive, even if (and when) definitely approved, should be implemented by single Member States.
But which results does the Directive aim to achieve?
Its scope and purpose appear based on the evolution of digital technologies, which has changed the way copyright works and other protected material are created, produced, distributed and exploited, with the consequence that new uses, new payers and new business models have emerged. The digital environment has given birth to new opportunities for customers to access copyright-protected content. In this new framework, right-holders face difficulties to be remunerated for the online distribution of their works. So, even if the objectives and principles laid down by the EU copyright framework remain valid, there is an undeniable need to adapt them to the new reality.
The Directive also intends to avoid the risk of fragmentation of rules in the internal market. In fact, the Digital Single Market Strategy1 adopted in May 2015 identified the need «to reduce the differences between national copyright regimes and allow for wider online access to works by users across the EU». The idea expressed in the 2015 by the European Commission was to «move towards a modern, more European copyright framework». The EU legislation purports to harmonize exceptions and limitations to copyright and connected rights, however some of these exceptions, which aim at achieving public policy objectives, such as research or education, remain regulated on national level, with the consequence that legal certainty around cross-border uses is not guaranteed.
As to the content of the Directive, we note the following points:
The Directive has been designed with the intent to rebalance the core problem of contemporary web: big platforms like Facebook and Google are making huge amounts of money providing access to material made by other people. Nevertheless critics object that this intent could lead to serious collateral effects.
We will see what the future of this Directive will be, and which consequences will entail. The path seems to be still long, but, at least, it has started.
Who’s Who Legal just published its 2018 rankings, highlighting the leading practitioners recognized “for their excellent work across the full spectrum of life sciences law”.
Our very own Paola Sangiovanni has been recognized among the top three most highly regarded practitioners in the life sciences legal industry in Italy. Here’s what Who’s Who Legal says about Paola:
«The “fantastic” Paola Sangiovanni at Gitti and Partners is “a truly dedicated life sciences expert”, who is considered “a great deal-maker”. Her transactional expertise in the life sciences space is in high demand, thanks to her “client-focused approach and excellent service”».
We are very proud to share such a terrific achievement with our clients and friends, and we would like to thank you all for your continued support!
Finally (!), the Italian government has enacted a legislative decree that amends the existing Data Protection Code in order to ensure its compliance with the GDPR. Additionally, the Italian legislator has filled the gaps that the GDPR had left to Member States.
Here are the main takeaways in the health area:
We have interviewed Dr. Peytee Grusche, special counsel at the Australian law firm Russell Kennedy, to ask about her view on GDPR. Peytee assists clients in the areas of research and development, commercialisation of intellectual property, patent, trade mark and design registration and enforcement.
Do Australian companies care about GDPR, and why?
Yes, Australian companies do care about the GDPR if they have an establishment in the European Union (EU), if they offer goods and services in the EU, or if they monitor the behaviours of individuals in the EU. Also, if Australian businesses are recipients of personal data, then they will be caught by the provisions of the GDPR.
Have you seen significant compliance efforts?
We have had clients request advice on their privacy policies in order to update them to include compliance with the GDPR. In particular, where AU businesses are recipients of personal data advice, on standard data protection clauses and binding corporate rules. Also, we have received instructions for advice on compliance with GDPR in respect of direct marketing practices (mailouts, newsletters etc).
How would you compare the GDPR to Australian data protection legislation?
The GDPR and the Australian Privacy Act 1988 have much in common including the requirement to show that businesses comply with the privacy principles. However, there are some differences under the GDPR which do not appear in the Australian Privacy Act 1988 including a number of rights for individuals.
Under the GDPR, individuals have the rights to erasure, right to data portability and right to restriction of processing. The Australian Privacy Act does not include the equivalent rights to these new rights. However, it specifies that business must take reasonable steps to destroy or de-identify personal information that is no longer needed for a permitted purpose. Additionally, where access is given to an individual’s personal information, it must generally be given in the manner requested by the individual.
What is the preferred strategy of Australian companies who face different standards in data protection legislations around the world?
Thank you, Peytee!
Last May 25 the GDPR came into force. It was hard not to notice given the inundation of emails that everyone received, as well as the clear signs of burnout in the eyes of GDPR experts.
Here are my personal top 3 takeaways from that experience:
Paola Sangiovanni will be speaking at a seminar on GDPR on May 3, 2018 at Gitti and Partners’ office in Brescia.
The seminar, followed by a reception, will focus on DOs and DONTs for small and medium enterprises in the field of data protection.
While Italians are still awaiting the enactment of a national data protection law that will clarify the relationship between GDPR and the previous privacy legislation, GDPR compliance efforts must nonetheless continue.
Join us in this interesting seminar to find out what should be done and what should be avoided!
Ready for the weekend? I have these article on my reading list: perhaps you, too, may enjoy some food for thought on some of the hottest topics in the fields of law and innovation:
Whatever you will be reading, have a great weekend!
Paola Sangiovanni will be speaking at the Paperless Lab Academy event (http://www.paperlesslabacademy.com/) on March 20, 2018 in Baveno (NO), Italy, on the topic of the impact of the new GDPR for science.
Sofie van der Meulen, Senior Supervision Officer at Dutch Data Protection Authority, will offer a special introduction titled “Why Privacy Matters”.
This promises to be an interesting event. See you there!