PYMNTS-MonitorEdge-May-2024

TechREG Weekly: Crypto, Cybersecurity and Online Safety Bills Advance in EU, US and UK

tech regulation

This week, important legislative initiatives made their way through European Union, U.K. and U.S. legislative bodies. Digital platforms in the U.K., and in particular social media companies, will have to step up their efforts to remove content in their platforms that is lawful but harmful or they will face sanctions. The EU Parliament’s Committee on Monetary affairs adopted new regulation in crypto assets (MiCA), but there is still a long road ahead before the regulation becomes law. In the U.S., President Biden signed a new cybersecurity law that requires companies to notify important incidents and ramson payments.

See also: EU Parliament Votes Against Crypto Mining Ban

The European Parliament voted to adopt the text of the MiCA regulation after some important limitations to the use of bitcoin were removed. Under the first proposal, bitcoin’s proof-of-work (PoW) mining would have been banned due to environmental concerns.

Instead, the committee voted to add PoW cryptocurrencies to the EU sustainable finance taxonomy that defines whether an activity can be labeled environmentally friendly by end of 2024.

Now, the European Parliament and the Council will start interinstitutional negotiations to adopt a common agreement and vote on a final version of the proposal, but this is likely to take a few months.

The US passes New Cybersecurity Law 

U.S. President Joe Biden signed the Cyber Incident Reporting For Critical Infrastructure Act of 2022. This bill will create new rules requiring U.S. critical infrastructure entities to report cybersecurity incidents within 72 hours and within 24 hours if a ransomware payment is made.  This is a departure from the current notification timelines in the U.S. and it largely aligns with requirements set by the EU’s General Data Protection Regulation.

While this legislation applies only to “covered entities,” its effects will likely be felt across sectors and industries. As the legislation includes breaches suffered by supply chain and cloud providers, this may expand the effects of such breaches downstream, and customers of these suppliers may need to be ready for additional auditing and, in some cases, reviews of their contractual relationships.

See more: US Cybersecurity Law Increases Reporting Duties For Most Firms

Tech Executives May Face Criminal Sanctions Under New UK Online Safety Bill 

The U.K. government introduced in Parliament a new Online Safety Bill that will impose obligations on companies to identify and remove illegal and harmful content from their platforms.

The Online Safety Bill represents a departure from the self-regulation approach that Big Tech, and in particular social media firms, have been enjoying for many years. The two main distinctive features of this law are that 1) it prohibits not only “illegal” but also “legal but harmful” content; and 2) executives from tech companies will face the possibility to serve jail time if they fail to comply with requests from Ofcom, the communications regulator overseeing the implementation of this bill.

Read more: UK´s Online Safety Bill Comes With Possible Jail Time for Violators

New Authentication Rules in UK Put Merchants on Alert  

On Monday, March 14, new strong customer authentication (SCA) rules started to apply in the U.K. and merchants that didn’t implement these new rules risk customer purchases being declined.

See also: Merchants Risk Losing Customers as New UK SCA Rules Kick Off

Federal Reserve’s Top Seat Still Empty as Raskin Withdraws 

Sarah Bloom Raskin, the Biden administration’s nominee for the most powerful banking regulator seat, withdrew her nomination Tuesday (March 15) after months of turmoil and opposition from Republicans along with one key Democrat.

Learn more: Sarah Bloom Raskin Withdraws as Biden’s Pick for Top Fed Banking Regulator

US Lawmakers Want to Tighten Compliance Rules for Crypto Firms 

Four Democratic United States senators want to prohibit cryptocurrency platforms from conducting business with sanctioned companies and people, CoinDesk.com reported Thursday.

Under the terms of the proposed Digital Assets Sanctions Compliance Enhancement Act, the White House would be required to identify any foreigner who operates a crypto exchange or facilitates digital asset transactions by Russians on the Office of Foreign Asset Control’s sanctions list.

But the bill may extend beyond Russian sanctions. One provision would authorize the Financial Crimes Enforcement Network (FinCEN) to identify users transacting with more than $10,000 in cryptocurrency.

Read more: Sen. Warren Proposes Sanctions Compliance Law for Crypto Firms

Meta is Fined for Data Breach and Faces Fines in South Africa 

Meta was fined 17 million euros ($18.6 million) for violating the European Union’s privacy regulations by failing to prevent data breaches on its Facebook platform. This case started in 2018, when the Irish Data Protection Commission launched an investigation into a breach that impacted several millions of Facebook accounts. Among the breaches was one triggered by a software bug that gave outside developers access to millions of user photos.

In South Africa, the competition regulator is seeking to prosecute Meta Platforms for abusing its dominance in the social media sector. The case is now in the Competition Tribunal.

Read more: Meta Fined $18.6M Over Facebook Data Breach

Nigeria Fights Money Laundering 

The Nigerian Senate has passed a bill to amend money-laundering regulations. The law requires lenders to report all single transactions worth more than 5 million naira, or $12,035, and those involving corporations over 10 million naira, to a Special Control Unit Against Money Laundering.

Read more: Nigerian Senate Passes Bill to Tighten Money-Laundering Rules

PYMNTS-MonitorEdge-May-2024