7 February 2024

Newsletter n°1 (January 2024)

✨ARTIFICIAL INTELLIGENCE ✨

➡️ Launch of a French “human creation” label in the publishing world. Firsh Launch on a worldwide basis!

A label has been launched in France to guarantee that a book is indeed the fruit of “human creation”. Behind this certification is a French company and the self-publishing house Librinova.

The process would be as follows for the author:

1) the author signs a contractual undertaking in which he or she guarantees that all elements of his or her creation have been produced exclusively by human means;

2) automated verification, using software

3) an interview with the author by an auditor, who then proceeds to a sample reading of the work.

The (private) service would cost 49 euros – a certain percentage would go to Librinova to remunerate this engagement and verification work.

Fish already notes that the European regulation (IA Act) adopted on December 9, 2023 (which must now be formally adopted by the European Parliament and the European Council, and then by the Member States, in order to become law immediately applicable in the 27 Member States by 2026) does indeed impose a transparency and information standard: all players who put an AI on the market will have to comply with an obligation of transparency, informing consumers about the product that has been created by AI and informing rights holders about the content that has been used to generate it.

♠ FIRSH tip: the initiative is welcomed, consumers rather readers will make their choices with full knowledge of the facts, happy reading!

****

➡️ IBM study: According to the “Global AI Adoption Index 2023” report, commissioned by IBM, IT professionals are calling for AI to be trusted and governed.

Firsh describes the trends for France:

large French companies (< 1000 employees) are actively using AI in their business. 45% of companies even intend to accelerate and increase investment in this technology

France is in the middle of the pack when it comes to accelerating investment in AI, with a rate of 45%. China (85%), India (74%) and the United Arab Emirates (72%) are the markets most likely to accelerate AI deployment, while companies in the UK (40%), Australia (38%) and Canada (35%) are the least likely to accelerate deployment
only half of these companies are taking key steps to achieve trustworthy AI, such as reducing bias (17%), tracking where data comes from (34%), ensuring they can explain the decisions of their AI models (37%) or developing ethical AI policies (36%)
the main obstacles to deployment they report are limited AI skills and expertise (25%), ethical concerns (19%)
missing use cases (18%) and high costs (18%)
consumers are more likely to choose services from companies with transparent and ethical AI practices (75% strongly or somewhat agree).

♠ FIRSH tip: Trustworthy AI is a must for French companies: it’s crucial to focus governance on trust and therefore develop AI according to an AI ethics and governance charter. Employee training is essential, and the use of AI needs to be clearly defined within the company. Working with biases and reliable data sources is essential.

✨ TECHNOLOGIES✨

➡️NIS2 directive to be transposed: how can we help small businesses and local authorities deal with cyber risks and challenges?

The NIS2 directive aims to standardize cyber practices and establish common standards for security and risk management. It has a broader scope of application, with higher thresholds and an increase in the sectors concerned. In principle, small or micro-enterprises (with fewer than 50 employees) are excluded from the scope of the directive. The directive now distinguishes between “highly critical sectors” and “other critical sectors”.

Obligations: In particular, companies must establish a security plan and risk management process to respond rapidly to any cybersecurity incident, and are required to report any incident or cyberthreat to the relevant national authority within 24 hours, and then disclose the incident to the public within 72 hours of its occurrence. The key word here is ANTICIPATION.

Heavy penalties (like the RGPD): in both cases, the highest amount is retained:

– fine of up to €10 million or 2% of annual sales, for essential entities (EE);

– fines of up to 7 M€ or 1.4% of annual sales, for important entities (EI).

Compliance deadline (in part): October 17, 2024.

✨PERSONAL DATA✨

➡️CNIL fines Yahoo! 10 million euros

The CNIL (French Data Protection Authority) received a number of complaints from users concerning the failure to take into account the refusal of cookies, and the obstacles encountered in withdrawing consent to the deposit of cookies on Yahoo!’s search engine and e-mail service. After an inspection, the CNIL found that :

did not respect Internet users’ choice with regard to cookies. Advertising cookies can only be placed when explicit consent has been given.
put in place measures to dissuade them from withdrawing their consent to the deposit of cookies, namely the loss of access to the messaging system. However, it must be possible to withdraw consent freely. As e-mail constitutes an important element of privacy, the user could not freely withdraw his consent.

The CNIL found that the company did not respect the choice of Internet users to refuse cookies on its “Yahoo.com” site, and did not allow users of its “Yahoo! Mail” messaging service to freely withdraw their consent to cookies. As a result, the Authority fined Yahoo! 10 million euros.

♠ FIRSH tip: make sure your cookie policies comply with personal data regulations. Controls are ongoing.

***

➡️CNIL fines Amazon 32 million euros

The CNIL received complaints from employees concerning Amazon’s practices in the reception, storage, preparation and delivery of parcels. After an inspection, the CNIL found that the system for monitoring employee activity and performance was disproportionate:

the provision of assistance to employees or their reassignment in real time, the planning of work in warehouses and the assessment and training of employees, as well as the aim of monitoring employees’ actual work, assessing them or training them, do not require access to the smallest details of the employee’s quality and productivity indicators collected by means of scanners over the last month;
the processing of three indicators linked to activity performance cannot be based on legitimate interest, as it leads to excessive computer surveillance of the employee with regard to the objective pursued by the company;

The CNIL also found breaches of the obligations to provide information and transparency, as well as of the obligation to provide security, insofar as :

the company did not ensure that the privacy policy had been provided to temporary workers before their personal data was collected by the scanners;
employees and external visitors were not properly informed of the video surveillance systems, and access to them was not sufficiently secure (the password was not strong enough, and access to the account was shared).

In short, the CNIL found that the system for monitoring employee activity and performance was excessively intrusive, since the video surveillance was set up without information and was insufficiently secure. As a result, the CNIL fined Amazon 32 million euros.

♠ FIRSH tip: keep employees and temps well informed about the surveillance systems in place within the company.

✨INTELLECTUAL PROPERTY✨

Originality of the work: a game box can be protected by copyright

The packaging of a game box can be protected by copyright when it reveals a creative effort and special intellectual research, making it distinctive from competing products.

The criteria used in this case in favor of the Joué/Club Group :

the Joué/Club group’s imprint is characterized not only by its packaging, which promotes games, but also by the fact that it fosters an image among its customers of quality, fun and sporty products, which can be identified by color codes according to the range (leisure, nature or sport).
originality results from the combination of precise colors and specific, evocative graphic elements that encourage consumers to buy not only the game in the box, but also all the other toys offered by Joué/Club stores
a closer look at competitors’ products shows that the overall visual impression of this banal game nevertheless distinguishes it from other similar toys
the boxes of the other toys are quite different, giving the packaging its distinctive character from similar or identical products.

Cour of appeals of Rennes, 3^e ch. com., 23 janv. 2024, n° 21/07485

✨NEWS « FIRSH »✨

Claire Poirson’s contributions to Media & Conferences

In January, FIRSH assisted its clients notably in the following projects:

Legal structuring of a start-up having developed an AI tool in healthcare (for research)
Litigation with the Bordeaux Court of Appeal in a trademark claim for fraudulent registration, trademark infringement and unfair competition/parasitism.
Preparation and finalization of an engagement deed to initiate arbitration proceedings with the Paris Chamber of Commerce and Industry in connection with an international dispute concerning the breach of an IT/Telecommunications contract.
Opposition proceedings against the registration of a trademark on the basis of one of our clients’ renowned trademarks with the INPI.
Intellectual Property” audit as part of two fund-raising campaigns for companies operating innovative digital platforms
Brand strategy and trademark registration for clients in the real estate and cosmetics sectors
Participation in the first meeting of the Collège Numérique, Firsh having been selected as digital expert for the Secrétariat Général pour l’Investissement.

📢To follow us on LinkedIn and receive our newsletter, click here: Link to our LinkedIn page.

📢There is no direct collection of your personal data and therefore no emailing from FIRSH !