Tuesday, 16 January 2018

Consumer Law in the Data Economy - conference invitation

Below you may find the programme for the conference on "Consumer Law in the Data Economy" which will take place on Friday, April 13 at the University of Amsterdam. Attendance is free, but registration is mandatory (registration at email address: y.terhorst@uva.nl). We are looking forward to interesting discussions!



Saturday, 13 January 2018

The brave new world of open banking: a bit more on PSD2

The 13th of January 2018 is an important date in advancing the framework of financial consumer protection. From today the Second Payment Services Directive (PSD2) became applicable in Member States.

As we already mentioned in previous posts, PSD2 is bringing many benefits for consumers by using the product regulation technique, a technique that is rarely applied on EU level as a consumer protection tool. The PSD2 abolishes charges for credit cards, regulates the price of cross-border payments, and bans firms to charge for fulfilling their information duties under the Directive. In addition, it also aims to protect consumers by transferring the risk and associated costs of a fraudulent payment or payment by mistake on the payment institution (see the summary here). These are without a doubt important milestones in advancing consumer protection, we must therefore hope that the rules will be enforced properly conferring the intended benefits on consumers.

There is another important aspect of the system of protection established by the PSD2 that we have not mentioned so far. PSD2 goes into the heart of a relationship of a customer and payment service provider enabling customers to decide on the fate of their data and enabling third parties to access data upon the customers' consent. PSD2 gives the possibility of opening up banking data for third party access, leaving the final choice in taking up the possibility to national regulatory authorities. Seeing the great potential for opening up the banking sector for competition, UK's Competition and Markets Authority instructed the 9 largest banks to open up their data, calling the initiative 'open banking.' This is said to be 'Britain's gigantic financial experiment' (see more here and here) that will be come to life gradually in the coming months. Banks must start allowing third parties, such as retailers, technology groups and rival lenders to access the accounts of customers who authorize it, accessing information such as bank statements and account balances. This is said to bring the biggest shake-up in the retail banking since the ATM has been invented 50 years ago (see here)! Sharing customer data via Open Application Programming Interface intends to increase innovation in the banking sector, opening up the market for fintech enterprises who are able to offer competitive prices and more innovative products to those provided by traditional banking.

Those UK customers that participate in the open banking project could benefit from bespoke budgeting advise and more convenient payment services. Several apps has already been launched that aggregate all of a persons financial information held by multiple banks, offering tailored products and services to customers. For example, Plum a savings account provider whose app analyses the customers income and spending habits calculating an affordable amount to save and then depositing this amount on a separate account. Or the online mortgage broker app Trussle that alerts consumers when they should remortgage to find a better deal taking into account information such as the value of the home, early exit fees and the cost of the new deal (see more here). In the future, there could also be apps that enable consumers to compare how much they spend for electricity bills with other people like them, or to receive real time offers from shops while they are shopping.

Sharing data however is not without risks. As mentioned above, PSD2 already incorporated a safety mechanism of transferring the risk of fraud and mistaken payments to payment service providers. The other risk that remains are those related to data protection, that are addressed by GDPR. Even though the supporting framework is in place, opening up access to personal, financial data is not an easy choice. There seem to be a lot more work to be done on informing consumers (this seem to be an area where information could be a useful consumer protection tool given the established framework of protection). Consumers should be at least made aware of what data will be shared, with potentially which providers and what are the limits of data sharing, or how will they be protected should something go wrong. Consumers should the be further educated in understanding the new offers, and in being able to compare the exciting opportunities offered by fintech firms.

Open banking and fintech therefore opens up a brave new world, it will be seen whether consumers are brave enough to participate in it.

Friday, 12 January 2018

More on PSD2

As anticipated yesterday, tomorrow is the deadline for MS to implement the Payment Services Directive two. Here some recap and useful links.

While the stop to payment surcharges may be the most visible change for consumers, the Directive contains a number of other rules aimed at facilitating market entry for a number of operators providing payment-related services, next to some additional consumer-friendly provisions (for instance, consumers will bear no responsibility for online frauds if their bank has authorised payments without identification procedures).   

The ban on surcharges, to which MS were allowed to make exceptions for a limited set of cases (business cards, PayPal, Amex...), is applicable both on- and offline. There seems to be nothing, however, in respect of traders who simply refuse non-cash payments - which is the problem consumers most often encounter in high-street shopping. 

For retailers, the new possible burden is alleviated by the Directive's interaction with Regulation 2015/751, which aims to reduce the interbank exchange charges ultimately making card payments expensive for consumer service providers. 

A summary of the main points addressed by the Directive is available here. BEUC, the consumer union, celebrates the news but also points out that some countries - like Belgium and Slovenia - have already announced delays in implementation. 

Thursday, 11 January 2018

Charging consumers extra - how will PSD2 be enforced?

The rules of the Payments Services Directive 2 (PSD2) are to start applying in the Member States as of January 13th. A few days before the implementation deadline this Directive is already a cause of controversy in some Member States. Namely, one of its major achievements in consumer protection was the adoption of the ban on all surcharges, however small, related to consumers paying with their debit and credit cards. This didn't however mean that traders and service providers would not be allowed to ask for any extra charges from consumers, e.g. booking fees would still be acceptable when consumers bought a cinema ticket - but only provided that this booking fee would apply irrespective of the payment method chosen by the consumer. Of course, it was anticipated that consumer goods and services' prices may increase slightly as a consequence of traders passing the costs of operating debit and credit cards on to consumers. Another prediction was that some businesses may stop accepting debit and credit cards instead, though this likely would not be sustainable in the coming years with the amount of cashless transactions increasing. What was not included in the official predictions, but is unsurprising from the practical point of view, is that traders and service providers could simply rename payment charges as other charges. BBC reported on Just Eat - a popular takeaway food app - asking consumers to pay a 50p service charge on all its orders, which new charge unsurprisingly is of the same amount as the previously charged 50p surcharge on debit and credit card payments by this company (Just Eat criticised over service charge). Obviously, such actions by traders and service providers could be seen as circumventing the new law, but would the enforcement agencies actually step in and demand the removal of these new charges as hidden payment surcharges? This remains to be seen.

Wednesday, 10 January 2018

The new rules on financial benchmarks: are consumers adequately protected?

Starting with 1 January 2018 the new Regulation on indices used as benchmarks in financial instruments and financial contracts or to measure the performance of investment funds (known as the EU Benchmarks Regulation) that entered into force 30 June 2016 (see our earlier report here) is applicable in Member States. The regulation responded to the serious abuses of the regulatory gap in forming financial benchmarks, the most well known being the manipulation of Libor (London Interbank Offered Rate).

Libor is a benchmark that reflects the rate of interest a bank is willing to lend to another bank. It has a significant consumer dimension given that it influences the formation of the prices of consumer loans. The scandal therefore concerned EU consumer and mortgage loan consumers, the most affected being those with variable rate mortgage loans.

What happened in the Libor scandal? Every day a group of the largest banks submitted their interest rates for 10 different currencies and 15 different lengths of loans to the largest benchmark administrator, Thomson Reuters that would average out the submitted rates (see for more here) and publish the average as Libor. Importantly, the rates submitted were estimates that the banks are willing to lend at, and were not based on actual transactions. Subsequent investigations showed that the traders involved colluded by submitting false rates to benefit their institution and themselves. The scandal triggered heavy fines for the banks and criminal sanctions for the traders involved. Some US  based businesses also sued for damages. As far as I know, consumers so far remained (largely) uncompensated. Given the difficulties in proving the damages sustained (see for more here), consumers are likely to be better off with regulatory redress (like in the case of PPI in the UK) that has not happened yet.

The new rules aim to regulate governance and control over the benchmark formation process by improving the quality of data used by benchmark administrators insisting that benchmarks reflect economic realities, and ensuring that the data submitters are subject to adequate control, especially that they avoid any conflict of interest. In addition to these general requirements aiming to secure the safety and reliability of benchmarks, the new rules specially address consumer protection concerns by using the most common EU consumer protection tool, the provision of information.

Consumer protection rules are laid down in Title IV titled 'Transparency and consumer protection'. The key addition of the section is that firms are required to publish a benchmark statement with information specified in Article 27. The benchmark statement should define the economic reality measured by the benchmark and circumstances under which the measurement may be unreliable; identify the elements that are subject to discretion; provide notice of possible factors that may necessitate changes or the cessation of the benchmark and advise that the change may have impact on the financial contract. In addition to these rules, Article 58 of the EU Benchmark regulation amends the 2008/48/EC Consumer Credit Directive and the 2014/17/EU Mortgage Credit Directive in a way to mandate the provision of information on benchmarks. Consumer credit and mortgage firms will be obliged to inform consumers of the name of the benchmark, the administrator and the potential implications of the benchmark on the consumer. these provisions are applicable from 1 July 2018.

Although the recognition of consumer protection concerns should be applauded in such an important regulatory instrument, my impression is that  the special consumer protection rules, the one section devoted to consumer protection, do little to actually protect consumers. I wonder how consumers will understand the complex financial terminologies of benchmarks and how they will assess the associated risks of uncertainties for example of the circumstances under which measurement of economic realities reflected in benchmarks become unreliable, and what can they do even if they would understand the implications of the use of selected benchmarks. We can therefore only hope that the rest of the regulatory instrument setting out the actual process of benchmark formation will make benchmarks sufficiently safe and stable for everyone, including us, consumers.

Thursday, 4 January 2018

Shopper-gate going on in Italy

Assuming at least some of our readers will be interested in the interface between consumer issues and environmental measures, what follows are some highlights on a dispute that is dominating the news in Italy. 

As of 1 January, the Italian legislator has finally implemented the 2015 Plastic Bags Directive, requiring member states to take measures securing they meet set targets in the reduction of waste from plastic bags. Lightweight shoppers, one should keep in mind, are a major source of pollution - particularly at sea. 

So, what is the matter in the Mediterranean? While bigger supermarket bags have already for some time been replaced by biodegradable bags that supermarkets provide for a fee (of around 10 eurocents), the new law puts a ban on free "very lightweight" bags for fresh produce, mainly fruit and vegetables. These will also have to be made of at least partially biodegradable material and shops will have to charge consumers per bag. The exact fee may vary from shop to shop, likely ranging from 1-5 eurocents. 

Image from: cianciullo.blogautore.repubblica.it
In the midst of what promises to be a very heated electoral campaign, consumer association and some opposition parties have been very vocal in criticising the law, which, one must say, goes beyond the requirements of the 2015 Directive: the latter, indeed, allowed MS to exempt these "very lightweight" plastic bags. Many have observed, however, that imposing a fee and composition rules on this specific form of packaging was made necessary by the frequent abuse consumers make of the availability of free veggie bags and the vast number of them which households consume. 

Local practices, such as the fact that fruit and vegetables are usually weighted and price-tagged within the fresh department rather than at cashier desk and the supermarkets' expectation that consumer use separate bags for different sorts of produce, may have contributed to aggravating the situation. Fact is, the solution is quite radical in comparison with other countries, where the same bags continue to be available for free. 

The consumer associations that have complained about the new measure also seem not to be appeased by the fact that consumers will be able to use the bags for their organic waste (which is collected separately in large parts of the country) instead of buying those bags separately - perhaps they think their "constituents" are also not that interested in waste recycling?

All in all, an interesting not-so-small example of a clash between consumer and environmental advocacy (one may think turtle and fish lovers should be pretty happy with the measure). Have a good Thursday! More info (in Italian) here.

Tuesday, 2 January 2018

Data protection in 2018: waiting for the GDPR...

Happy 2018 dear readers! 
The new General Data Protection Regulation, which may make it more difficult for websites and other providers to collect our data without express consent, will only come into force in a few months. 

Meanwhile, national authorities seem to be reaching a point where they are ready to adopt less straightforward strategies to put a halt to what feels to many as excessive practices. See for instance the German competition authority, Bundeskartellamt, whose president has just announced in the press (with an interview in the Rheinischen Post, see also here a summary in Die Zeit) that the authority is investigating Facebook's data collection activities as an abuse of dominant position.

Although Facebook has no German subsidiary, action under competition law seems to be made possible as long as the practice exerts its effects in German territory. The authority had already put Facebook on notice a few weeks ago, especially with reference to the practice of collecting data when consumers browse outside of the social network to later reconnect such data to the user's Facebook account. 

Facebook's main defence against the charge is that they are just one social network and users can easily opt for one of their competitors, so they do not enjoy the position of market dominance which is a precondition for any charge of abuse under competition law. Looking forward to seeing this issue develop!

Friday, 22 December 2017

AG Sharpston Opinion in Finnair case : An electronic complaint is a complaint in writing

On the 20th of December, the AG opinion on Case C-258/16 Finnair Oyj v Keskinäinen Vakuutusyhtiö Fennia (hereafter: Finnair case) was published. The case concerned the interpretation of Art. 31 of the 1999 Convention for the Unification of Certain Rules Relating to International Carriage by Air (hereafter: Montreal Convention) on timely notice of complaints.

Facts of case

Ms Mäkelä-Dermedesiotis travelled from Malaga to Helsinki on a Finnair flight in 2010. Upon arrival she discovered that items were missing from her checked-in luggage. On the same day of the flight, Ms Mäkelä-Dermedesiotis contacted the customer service of Finnair to report the incident. In that phonecall, she identified the lost items and informed the Finnair representative of their value. The representative entered the information provided by Ms Mäkelä-Dermedesiotis into the Finnair electronic information system. Ms Mäkelä-Dermedesiotis had taken out insurance and received compensation for her loss and the insurance company, Fennia, was subrogated in her place in the claim against Finnair. Finnair argued that Ms Mäkelä-Dermedesiotis had not filed a written claim within the periods laid down in Article 31 of the Montreal Convention.

Article 31 of the Montreal Convention states that:
1.Receipt by the person entitled to delivery of checked baggage … without complaint is prima facie evidence that the same has been delivered in good condition and in accordance with the document of carriage or with the record preserved by the other means referred to in paragraph 2 of Article 3
2.In the case of damage, the person entitled to delivery must complain to the carrier forthwith after the discovery of the damage, and, at the latest, within seven days from the date of receipt in the case of checked baggage … In the case of delay, the complaint must be made at the latest within twenty-one days from the date on which the baggage … [has] been placed at his or her disposal.
3.Every complaint must be made in writing and given or dispatched within the times aforesaid.
4. If no complaint is made within the times aforesaid, no action shall lie against the carrier, save in the case of fraud on its part.’

Questions

The case eventually reached the Supreme Court of Finland which referred the following 4 questions to the CJEU:
(1) Is Article 31(4) of the Montreal Convention to be interpreted as meaning that, to preserve a right of action, it is necessary, in addition to giving notice of a complaint in due time, that the complaint be made in writing within the times specified, in accordance with Article 31(3)?
(2) If, to preserve a right of action, a complaint must be made in writing in due time, is Article 31(3) of the Montreal Convention to be interpreted as meaning that the requirement of writing may be fulfilled in an electronic procedure and also by the registration of the damage in the information system of the carrier?
(3) Does the Montreal Convention preclude an interpretation by which the requirement of writing is regarded as fulfilled where, with the knowledge of the passenger, a representative of the carrier records in writing the notice of complaint/the complaint either on paper or electronically in the carrier’s system?
(4) Does Article 31 of the Montreal Convention subject a complaint to further substantive requirements than that of giving notice to the carrier of the damage sustained?’

Opinion

The incident in question, where items were missing from the luggage but not the luggage itself, is best characterised as damaged baggage rather than loss of baggage, according to the AG. That is important to ensure that Art. 31 of the Montreal Convention applies.
The answer to the first question according to the AG is that the notice under Art. 31 needed not only to be made within the 7-day limit but also to be made in writing in order to be valid. That is hardly surprising as Art. 31(4) of the Montreal Convention clearly sets out both requirements and any other interpretation would leave the airline carrier vulnerable to complaints about damaged luggage that would be difficult to verify.
The real essence of the opinion can be found in questions 2 and 3 which ask whether an electronic record of the complaint via representative is compliant with the requirement of Art. 31 of the Montreal Convention to have the complaint ‘in writing’.
In order to answer the second question AG Sharpston contrasted the main characteristics of written and oral communication. The key characteristics of written communication are permanence and retrievability, while oral communication is only recalled from memory and it is difficult to verify. In other words, verba volant, scripta manent. The question then becomes whether electronic communication satisfies the requirements of permanence and retrievability and according to the AG, that is indeed the case. To support her argument, she points out how it is increasingly common, especially for airline companies to keep all their records electronically and how limiting the meaning of ‘in writing’ to a record made in paper would go against the purpose of the Montreal Convention. (para 44 of AG Opinion).
As Finnair held an electronic record of the complaint it was always possible to generate a printout of the complaint which would mean that even a stricto sensu interpretation of ‘in writing’ as ‘in paper’ would be satisfied. (para 49 of AG Opinion) This is a logical interpretation of the condition one that reflects technological developments and everyday practice and is not too onerous for consumers.
This brings us to the third question of whether the consumer needs to record the complaint themselves or whether someone else can do it on their behalf and under their direction as was the case here where the complaint of Ms Mäkelä-Dermedesiotis was recorded by a representative of Finnair. According to AG Sharpston, the Montreal Convention does not set any requirements that aim to prove the origin of the complaint, such as signing the complaint; meaning that the Montreal Convention does not preclude enlisting help for ‘transforming the complaint he wishes to make into written form’ (see para 57 of AG Opinion). So, a complaint that originated with the passenger who decided to report the complaint, as well as its content, that a representative of the airline assisted to record, is compliant with the requirements of the Montreal Convention.
Finally, the answer to the fourth question was that there are no other substantive requirements to be satisfied other than the complaint to be given in written form in the time limits prescribed.

AG Sharpston provided a convincing and intelligent analysis of the issues in question which was well grounded in the realities of the passenger-airline relationship. Airline companies should not be allowed to circumvent their responsibilities to passengers based on a narrow interpretation of the law. Accepting that electronic communications constitute communication ‘in writing’ is logical and consistent with the way companies function in the 21st century. Overall, this is a welcome opinion that, if adopted by the Court will make a difference for many consumers in what is a very common occurrence. This blog will keep you informed you of all the developments of the case.

Thursday, 21 December 2017

CJEU gives Member States a green light to regulate Uber

Just yesterday the Court of Justice delivered its judgment in one of the two high-profile cases brought before it with respect to the European operations of the US-based digital multinational Uber. The ruling in C‑434/15 Asociación Profesional Elite Taxi (or Uber Spain) comes as a serious blow to the company, which has continuously insisted to act merely as a provider of an online intermediation service. The Court has, however, largely followed the earlier opinion of the Advocate-General Szpunar (see our posts on both opinions here and here) and classified the activities of Uber as "services in the field of transport".

Why is this relevant?

Due to its socio-economic importance - both at the national level and from the internal market perspective - as well as specific features - particularly with respect to the (former) public or quasi-public transport networks - transport sector has traditionally been given a special treatment under the EU Treaties. For the similar reasons Member States have long been reluctant to open their national transport markets to liberalisation. As a matter of fact, it required an action brought by the Parliament against the Council to confirm the positive obligation of the latter to extend the freedom to provide services to that sector (case C-13/83 Parliament v. Council). This has led to an intensification of the legislative efforts aimed to remove the barriers to cross-border provision of different transport services - air, road, rail and water - and at the same time reaffirmed the specificity of the path taken in that area, resulting inter alia in the exclusion of "services in the field of transport" from the scope of Services Directive.

In the case at hand the specificity of the transport sector meets with another special area of the EU law - that related to the provision of the so-called "information society services". This domain, associated mainly with online activities, has been subject to a separate legal scheme - the E-Commerce Directive

The question thus appeared whether the activity of Uber - that is the provision of a paid service, by means of a smartphone application, consisting of connecting non-professional drivers using their own vehicles with persons wishing to make urban journeys - should be qualified as a service in the field of transport, an information society service, neither or both. Should the services in question fall under the scope of either Services or E-Commerce Directive, the liberalisation regime established in those acts would kick in, meaning that Member States would only be allowed to restrict their provision if specific conditions set out in those directives were fulfilled.

Judgment of the CJEU

The Court opted for an interpretation which is least favourable to Uber and leaves the widest margin of discretion to the Member States. Its reasoning appears to be largely based on the AG opinion, even though no direct references to that document are made. The following points are worth highlighting:
  • The intermediation service consisting of connecting non-professional drivers with the passengers by means of a smartphone application is, in principle, a separate service from the underlying transport service and, again in principle, meets the criteria for classification as an "information society service" (paras. 34-35).
  • However, the concrete service provided by Uber is more than an intermediation service. In the specific case at hand, the service of intermediation is rather an integral part of an overall service whose main component is a transport service (paras. 38, 40).
  • This is because, as explained in paragraph 39, firstly, the intermediation service is "based on the selection of non-professional drivers using their own vehicle, to whom the company provides an application without which (i) those drivers would not be led to provide transport services and (ii) persons who wish to make an urban journey would not use the services provided by those drivers" and, secondly, Uber exercises "decisive influence" over the conditions under which that service is provided by the drivers (infuences prices, processes payments, engages in quality control).

Consequently, services provided by the company cannot be classified as information society services, but rather belong to services in the field of transport. This means that the activities of Uber fall outside the scope of the E-Commerce and Services Directives as well as Article 56 of the Treaty on the Functioning of the European Union. They are, by contrast, covered by Article 58(1) TFEU and further provisions applicable to the area of transport. This is of limited help to Uber as no common rules coverning the type of services provided within its business model (i.e. non-public urban transport) currently exist at the EU level. Member States, therefore, enjoy a wide margin of discretion when it comes to regulating the conditions under which services of that type can be provided. 

Concluding thought

The judgment is a significant defeat for Uber, which should probably brace itself for the upcoming ruling in the parallel French case. Its implications for other businesses belonging to the so-called "platform economy" may, nevertheless, be less far reaching than it can seem at first sight. After all, it is the specificity of the transport sector that left the services provided by the company outside the scope of both directives. Additionally, the reference to a "decisive influence", while not legally uncontroversial, suggests that it is only in fairly specific circumstances that an online service may fall outside the scope of the information society framework. Negative consequences of the judgment thus appear to be largely Uber-specific - at least for the time being. Or, as its critics might say, what goes around comes around.