California Governor Signs Into Law Cannabis Tax Relief Bill –

To print this article, all you need is to be registered or login on

Help for California’s fledgling cannabis industry finally
appears to be on the way. For years, the industry has shouldered
heavy taxes – a 15% state-wide excise tax, sales and use
taxes up to 10.75%, and local business licenses taxes up to 15% in
some jurisdictions. And, to top it off, California imposed a
cultivation tax on cannabis flowers of $161.28 per dry-weight
pound. While growers could sustain this tax burden when business
was good, wholesale prices plummeted in the fall of 2021 and left
growers unable to turn a profit.

Enter Assembly Bill 195, a budget “trailer
bill” signed into law by Governor Newsom on June 30, 2022.
Among other things, AB 195 amends the California Revenue and
Taxation Code to eliminate the cultivation tax on harvested
cannabis. Specifically, harvested cannabis that enters the
commercial market on or after July 1, 2022 is not subject to the
cultivation tax, even if the distributor or manufacturer received
the cannabis from a cultivator prior to July 1, 2022. AB 195 also
shifts the point of collection and remittance of the 15% state
wide-excise tax from distributors to retailers effective January 1,
2023, and sales or transfers of harvested cannabis that has entered
the commercial market by cultivators to distributors or
manufacturers after July 1, 2022 are exempt from cultivation tax if
the cannabis is ultimately subject to this 15% excise tax on retail
sales. AB 195 tracks Governor Newsom’s proposed budget,
1 which suggested slashing the cultivation tax rate to
zero. For growers and the cannabis industry alike, this is a
welcome sign of relief.

Beginning July 1, 2025, the California Department of Tax and Fee
Administration must adjust the excise tax rate every two years to a
rate that would generate an amount of revenue equivalent to what
would have been collected from the cultivation tax (such rate not
to exceed 19%). AB 195 includes other provisions, including updated
allocations of the Cannabis Tax Fund and tax credits to commercial
cannabis businesses.


1. Discussed in a prior article here.

The content of this article is intended to provide a general
guide to the subject matter. Specialist advice should be sought
about your specific circumstances.

POPULAR ARTICLES ON: Cannabis & Hemp from United States

12 Steps To Take Before And During A Data Breach

Godfrey & Kahn S.C.

Your organization, like many others, probably recognizes the severe risk that a data breach poses. No one wants their employees’ or benefit plan participants’ personal information to be stolen.

State Of US Data Privacy Law Compliance

Womble Bond Dickinson

In May 2017, the world of data privacy was irreparably changed when four members of the Chinese military hacked into credit-reporting company Equifax, exposing the personal information of nearly 150 million Americans.

Continued IRS Attack On ‘Zero Out’ Of Profits

Dickinson Wright PLLC

A prior article in this publication (IRS Attack on Zeroed Out Taxable Income in Recent Tax Court Cases) discussed the lessons that physician and other incorporated medical practice groups…


TrueNAS SCALE is a brilliant Network Attached Storage solution with a slight learning curve

Jack Wallen introduces you to the open-source TrueNAS SCALE NAS solution and shows you how to get started once you have it installed.

Image: VectorMine/Adobe Stock

Your business or family probably uses something akin to Google Drive to store files and folders. That makes perfect sense, given how everyone needs ready access to data at all times. But there are some pieces of data you don’t want to be housed by a third-party service, such as sensitive information you don’t want to risk becoming public.

When you have such information, or simply want easy access to file storage within your LAN, you should turn to open-source solutions such as TrueNAS.

SEE: 40+ open source and Linux terms you need to know (TechRepublic Premium)

TrueNAS recently released TrueNAS SCALE, a hyper-converged storage solution capable of meeting high demand. With TrueNAS you can create integrated Linux virtual machines and containers, deploy it as a single node or to a cluster, expand it with third-party apps, manage data with snapshots and so much more. TrueNAS is truly your one-stop shop for NAS storage needs.

TrueNAS might well be one of the most powerful, flexible NAS solutions on the market. And even better, it can be deployed on commodity hardware or as a virtual machine.

The installation of TrueNAS is relatively easy, as it is done via a traditional Linux distribution. If you’ve ever installed Linux, you won’t have any problem getting TrueNAS up and running. Once it’s up and running, however, you might not know the next steps to take. I will lend you a helping hand with what to do once you have TrueNAS up and running.

What you’ll need

To make this work as expected, you’ll need TrueNAS installed and extra drives added for storage purposes. If you’re deploying TrueNAS as a virtual machine, you’ll need to attach a couple of extra drives. When deploying TrueNAS via VirtualBox, you can follow this tutorial to find out how to add extra storage drives.

And that’s all you’ll need. Let’s get started.

How to add a new pool

The first thing you must do is add a new pool that will house our shares. Log into TrueNAS with the root user account and the password you created during installation, and then click Storage in the left navigation (Figure A).

Figure A

The TrueNAS Dashboard is the page that will greet you upon the first login.

When you land on the Storage page, you’ll be prompted to create a new Pool (Figure B).

Figure B

The TrueNAS Storage page is currently empty, so a new Pool must be created.

Click Create Pool to reveal the Pool Manager (Figure C).

Figure C

The Pool Manager is where you create your pools.

It should automatically detect your available drives. If not, click Suggest Layout and TrueNAS will guess the type of layout which is best suited for the available drives.

As you can see (back in Figure C), TrueNAS has laid out my pool with the two drives I’ve added to VirtualBox. All you should have to do is give the new pool a name and click Create.

Once the pool is created, you’re ready to move on.

How to create a user

I’m going to assume you’re not connecting to either an LDAP or AD directory and will create users manually. To create a new user, click Credentials in the left navigation, and then in the resulting pop-up panel (Figure D) click Local Users.

Figure D

The Credentials side panel in action.

In the resulting window (Figure E), click Add.

Figure E

The Local User management window.

You should see a new pop-up panel (Figure F) where you can fill in the necessary information for the new users.

Figure F

Creating a new Local User in TrueNAS.

Make sure, at the bottom, you check the box for Samba Authentication. You can also add an SSH Public Key for even more secure access. Once you’ve finished adding the user details, scroll to the bottom and click Save. Continue this process until you have all the users you need.

How to create a share

Now that you have both a pool and users, we can create a new Share, which will be accessible by the local users you’ve created. Click Shares in the left navigation and then click Add under Windows (SMB) Shares.

In the resulting pop-up (Figure G), fill in the necessary information for the share. As for the Path, you will be limited to the directory of the Pool you created earlier.

Figure G

Creating a new SMB Share in TrueNAS.

For Purpose, select Default Share Parameters from the drop-down, give the share a name, make sure Enabled is checked, and click Save. If you want to allow Guest Access so users who do not have a local account can access the share, you must click Advanced Options and then click the checkbox for Allow Guest Access (Figure H).

Figure H

Allowing Guest Access in TrueNAS.

Of course, most won’t want to allow Guest Access, unless you have a specific need for it.

With your Pool, Users and Share created, TrueNAS is ready to serve. Those with a local TrueNAS account should be able to access the share via their OS file system and start adding files and directories.

Congratulations! You now have a powerful NAS solution attached to your LAN that can expand to meet and exceed your needs.

Subscribe to TechRepublic’s How To Make Tech Work on YouTube for all the latest tech advice for business pros from Jack Wallen.


Standards For Accessible Medical Diagnostic Equipment, EV Charging Stations, And Self-Service Equipment Are Forthcoming – Healthcare

To print this article, all you need is to be registered or login on

Seyfarth synopsis: The Spring 2022 Unified Regulatory Agenda
is out with rulemakings on medical equipment, EV charging stations
and fixed self-service transaction machines on the list of items to
be addressed.

We predicted that there would be more regulatory
activity in the ADA Title III universe under the Biden
Administration and the Spring 2022 Unified Agenda of Regulatory and
Deregulatory Actions (the “Agenda”) confirms our
forecast. However, the Agenda does not include any proposed
rulemaking concerning website or mobile app accessibility, an area
where businesses continue to be barraged with private lawsuits in the absence
of regulations.

Medical Diagnostic Equipment. Back in 2017, the
U.S. Access Board — the federal agency tasked under Title III
of the ADA with drafting accessibility guidelines which must then
be adopted by the Department of Justice (DOJ) before they become
law — issued a final guidance containing standards for accessible
medical diagnostic equipment. The Agenda states that the DOJ will be issuing
an Advanced Notice of Proposed Rulemaking (ANPRM) about these
guidelines in September 2022 with a public comment period to close
in November 2022. The Agenda previews that “[a]mong the public
input that the Department is seeking in this ANPRM is whether there
are any issues relating to the potential adoption of the . . .
[Access Board’s] Standards for Medical Diagnostic Equipment in
the ADA regulation.” Manufacturers of medical diagnostic
equipment, as well as health care facilities that purchase and use
such equipment, should actively participate in the ANPRM

EV Charging Stations. According to the Agenda,
the Access Board will be issuing a Notice of Proposed Rulemaking
(NPRM) in September 2022 to set standards for accessible EV charging stations with the
intent that the DOJ will eventually incorporate those guidelines in
the current ADA Standards for Accessible Design. The rulemaking
responds to the Infrastructure Investment and Jobs Act’s
allocation of $7.5 billion to construct a national network of
500,000 EV charging stations nationwide.

Fixed Self-service Transaction Machines. With
the proliferation of self-service machines at public accommodations
in the past few years, it is no surprise that the Access Board will
be working on standards for accessible self-service kiosks,
information transaction machines, and point-of-sale devices. The
Agenda states that an NPRM will be issued in August 2022. It is
very important for manufacturers of these machines, as well as the
businesses that use them (e.g. retailers, rental car
companies, lodging facilities, health care providers, banks,
parking facilities, restaurants) to file comments on the Access
Board’s forthcoming proposed guidelines because, once
finalized, they are not likely to change in DOJ’s rulemaking
process to make them enforceable standards.

While the rulemaking process can take years, we predict the DOJ
will work hard to get all of these new standards finalized before
the end of the Biden Administration because a regime change will
most certainly halt all regulatory activity, yet again.

The content of this article is intended to provide a general
guide to the subject matter. Specialist advice should be sought
about your specific circumstances.

POPULAR ARTICLES ON: Food, Drugs, Healthcare, Life Sciences from United States


European Digital Compliance: Key Digital Regulation & Compliance Developments – Contracts and Commercial Law

To help organisations stay on top of the main developments in
European digital compliance, Morrison Foerster’s European
Digital Regulatory Compliance team reports on some of the main
topical digital regulatory and compliance developments that have
taken place in the second quarter of 2022.

This follows on our previous updates on European digital
regulation & compliance developments for 2021 (Q1, Q2, Q3, Q4) and
of 2022.

In this issue, we note the large strides taken towards adoption
of the EU Digital Services Act (which seeks to regulate the
operations of all digital service providers operating in the EU,
wherever the provider happens to be based) and the EU Data
Governance Act. We also highlight other recent and forthcoming
digital regulatory initiatives from the EU (and also case law),
including changes that companies will need to make to online
ordering processes affecting EU-based consumers. We also look in
more depth at how the UK government is taking forward its
self-declared “pro-competitive” regime for the regulation
of digital markets and at a slight relaxation of UK product
labelling rules for digital hardware.

EU Digital Policy and Legislation

  1. EU Digital Services Act: Agreed & Ready for

  2. EU Data Governance Act: May 2022, Council approved the

  3. EU proposed regulation on online child sexual

  4. Germany: Draft legislation requires centralised youth
    protection mechanisms in operating systems, covering apps, browsers
    and app stores

  5. EU: Proposed amendments affect online financial
    services agreements, including a “withdrawal

  6. EU: New Vertical Block Exemption Regulation

  7. EU: Proposal on “green” claims in digital
    (and other) products

UK Digital Policy and Legislation

  1. UK Competition and Consumer Reform: Greater Regulatory
    Enforcement Powers

  2. UK digital regulatory policy: UK Government confirms
    plans to introduce pro-competition regime for digital

  3. UK: Relaxation of product safety labelling

Cyber Security and Resilience

  1. Cybersecurity: NIS 2 Directive

Notable Case Law

  1. EU case law: When do online traders need to give
    pre-contract information about their or third-party
    manufacturers’ guarantees?

  2. EU case law: Requirement for a clear “Purchase
    Button” online

  3. EU case law: the legitimacy of content recognition

  4. EU Telecoms Regulation: German enforcement measures
    against “zero-rating” offerings

1. EU Digital Services Act: Agreed & Ready for

In April 2022, the EU Parliament and Council reached political agreement on the
Digital Services Act (DSA). The EU
Parliament’s Internal Market Committee also endorsed the
agreement in June, and it’s now expected that the DSA will be
formally adopted by the EU Parliament very soon. The finalised text
is not yet available to the public.

In parallel with the Digital Markets Act (DMA),
the DSA seeks to regulate the operations of all digital service
providers operating in the EU – wherever the provider happens to be
based. It will come into effect as an EU Regulation, meaning that
no further implementation into Member State law will be

The DSA aims to address large digital platforms, impose greater
accountability on intermediaries for third-party content, and
protect users from illegal goods, content or services. The DSA sets
out a new framework of obligations to apply to all digital services
that connect consumers to goods, services or content, including new
procedures for faster removal of illegal content as well as
comprehensive protection of users’ fundamental rights online.
It adopts the principle that illegal offline acts should also be
illegal online.

The DSA will apply to any online intermediary offering services
in the EU. Intermediary services are broken down into various

  • organisations offering network infrastructure (e.g.,
    internet access providers, domain name registrars);

  • hosting services (e.g., cloud and webhosting

  • online platforms (e.g., online marketplaces, app
    stores, collaborative economy platforms and social media
    platforms); and

  • very large online platforms (VLOPs), which reach more than 45
    million consumers in Europe.

The strength of the DSA’s obligations is intended to be
proportionate to the nature of the services and number of users for
a given platform, so that larger digital services providers will be
subject to more rigorous standards. The DSA imposes obligations on
various online intermediary service providers, such as: to identify
and remove illegal content; not to manipulate users’ choices
through nudging or deceitful techniques (dark patterns); and to
verify and check traceability information provided by traders that
sell via platforms to consumers.

The Commission will have exclusive power to demand compliance
for platforms with more than 45 million users, and penalties
include up to 6% of those platforms’ worldwide turnover.

What’s Next?

The final vote in the EU Parliament for the DSA is expected in
July 2022, followed by a formal adoption by the Council and then
publication in the EU Official Journal. The DSA is then expected to
come into force in late 2023 or early 2024.

2. EU Data Governance Act: May 2022, Council approved the

The new EU mechanism for the wider reuse of public-sector data -
the Data Governance Act (DGA) – has now been
adopted. We previously reported on the
Data Act

As of 24 September 2023, certain categories of data such as
trade secrets, personal data and data protected by intellectual
property rights may be reused and shared by companies and
individuals alike without fear of being misused or compromised.

The DGA is a culmination of efforts by the EU to leverage the
high-value data economy in the EU, which is expected to reach ?829
billion by 2025. Previous consultation on this issue emphasised the
lack of incentivisation for both individuals and companies to
participate in data sharing. One of the DGA’s main aims will be
to ensure that in-scope data is handled consistently with the
principles and protections offered by the GDPR, ePrivacy Directive,
consumer law, competition law and other applicable EU laws.

The DGA will be underpinned by a framework for data
intermediation services (“DI Services“)
which will provide the secure environment in which parties can
share data. Where the sharing parties are companies, the DI
Services will be facilitated via digital platforms and any
providers of DI Services will need to add themselves to a central
register. From a privacy perspective, the DI Services will give
individuals full control over their personal data on top of the
protection that they receive under the GDPR, e.g., through
personal information management tools such as data wallets, so that
the individual is at all times aware of how their data is shared
with others, and can give/withdraw consent accordingly.

What’s Next?

To help the European Commission navigate its oversight of the DI
Services, a European Data Innovation Board will be created to
advise the Commission and issue guidelines on how to nurture the
development of data spaces and improve interoperability. Alongside
this, the European Council is working on a regulation on harmonised
rules on fair access to and use of data (somewhat confusingly
referred to as the Data Act) and discussions are in full swing.

3. EU proposed regulation on online child sexual abuse

The EU is ramping up the fight against online sexual abuse of
children with its draft “Regulation laying down rules to prevent and combat
child sexual abuse
“. The Regulation will impose
requirements on providers of certain digital services or platforms
operating in the EU to detect, report and remove child sexual abuse
material (CSAM) offered via their services, under
a regime overseen and enforced by regulatory authorities designated
by EU Member States.

Since 2011, the EU has been fighting child pornography. Two
years ago, the European Commission formulated a new “strategy for a more effective fight against child
sexual abuse
“. The proposed new Regulation is the latest
step in this process and combats two types of online child sexual
abuse: the online dissemination of child sexual abuse material
(CSAM) and online solicitation of children (or

The proposal addresses any services that allow users to upload
files, and any services allowing interpersonal communication
(i.e., chat, audio or video calls). The service providers
must perform a risk assessment, implement risk mitigation measures
and report the results. Moreover, a national authority can issue a
detection order, meaning that the service provider will have to
employ technology to actively search user content for CSAM or
interactions that resemble child solicitation. The authority can
also request internet access service providers to block a website
hosting, displaying or disseminating CSAM.

Of all the proposed new requirements, the most controversial has
been the creation of possible detection orders in relation to child
solicitation in interpersonal communication, because the technology
required to implement such an order would necessarily break
end-to-end encryption. Encrypted cloud storage and other “zero
knowledge” services face the same dilemma: Compliance with the
Regulation requires them to change their privacy-focused business

What’s Next?

The proposal will be debated in the EU Council and the European
Parliament, before likely entering the so-called trilogue procedure
to negotiate a final version approved by all legislative bodies.
The respective timeline is still unclear.

4. Germany: Draft legislation requires centralised youth
protection mechanisms in operating systems, covering apps, browsers
and app stores

The German Federal States are planning to amend their youth
protection rules to enable parents more easily to set up parental
controls at a central location on their own (and their kids’)
devices to restrict access to inappropriate apps. To the extent
that it affects audiovisual services (as opposed to storage media),
youth protection law is subject to State-level, not Federal,
legislative powers in Germany. Nevertheless, to provide for
coherent rules Germany-wide, the States coordinate their lawmaking
by way of “interstate treaties”.

After discussing an early concept paper with industry
stakeholders in fall 2021, the States published a “discussion
draft” of the new law for public consultation in May 2022. The
public consultation was open until late June 2022. The draft
provides that apps must obtain mandatory age ratings, and that they
may be blocked based on these ratings by a new youth protection
mechanism to be implemented in the operating systems of user

The draft further requires that operating systems for media
devices must feature a parental control mechanism that allows users
to block apps depending on their age rating. Apps that include a
certified youth protection solution will not be blocked, but
instead must provide an interface so that they can automatically
align their built-in solutions with the age-settings of the
operating system’s parental control mechanism. Furthermore,
operating systems must allow (adult) users to deactivate app
installations from non-system app stores and web browsers without
“safe search” features when the parental control
mechanism is active.

What’s Next?

The States will now digest the input received during the
consultation process, and then agree on a final wording for the new
law. This must then be ratified by all 16 German State parliaments
before it can enter into force, which will likely not happen before
early 2023.

5. EU: Proposed amendments affect online financial services
agreements, including a “withdrawal button”

The European Commission has proposed new legislation on
financial services contracts concluded at a distance that will make
various changes to EU laws regarding the regulation of online
financial services in the EU.

On the surface, the proposed change looks somewhat superficial.
The Commission will repeal the Distance Marketing Directive
(2002/65/EC) (DMD) and transfer its contents to the Consumer Rights
Directive (2011/83/EU) (CRD).

The DMD contains consumer protection rules governing financial
services contracts that are concluded remotely or at a distance,
including requirements for the information that must be provided to
the consumer before the contract takes effect, and providing a
right of withdrawal and a prohibition on unsolicited communications
from suppliers.

The CRD contains similar provisions with respect to other types
of distance consumer contracts but currently excludes all financial

So the Commission now proposes to repeal the DMD and transfer
its contents to the CRD via a new Chapter to the CRD that applies
to financial services contracts concluded at a distance. But the
net effect of the new proposal will be to make a number of changes
to the applicable regulatory regime for financial services distance
contracts, such as the following:

  • There are new pre-contractual information
    , which must reach the consumer at least
    a day before the consumer is bound by any distance contract.

  • In relation to the right of
    , there will need to be a withdrawal button
    that is clearly visible.

  • Providers must give consumers an adequate
    about the proposed financial services
    contracts to enable the consumer to assess whether the contracts
    are adapted to their needs and financial situation. Also, if a
    trader uses an online tool for this purpose (such as a chatbot or
    “roboadviser”), the consumer will have a right to request
    and obtain human intervention.

What’s Next?

The EU Council and the European Parliament will now consider the
Commission’s proposal. If and when adopted, EU member states
will be given 24 months to transpose the Directive into national

The proposal will not have effect in the UK unless the UK
government enacts similar requirements. So financial services
providers operating across Europe will need to consider whether to
apply two different approaches or harmonise their systems around
one approach – presumably the more consumer-friendly EU regime.

6. EU: New Vertical Block Exemption Regulation adopted

From 1 June, a new Block Exemption Regulation for vertical
agreements (the so-called
Vertical Block Exemption Regulation No. 2022/720
VBER, including related
) applies to all new in-scope agreements operative in
the EU.

The purpose of the block exemption is to provide a “safe
harbour” and generally exempt agreements between market
players at different levels of the supply chain (so-called
“vertical agreements”, e.g. between brand owners and
retailers) from the EU’s prohibition on anti-competitive
agreements (Art. 101 TFEU, including its national equivalents) if
certain market share thresholds are met and provided the agreement
does not contain certain prohibited restrictions. This regime is
intended to reduce burden on businesses by giving them legal
certainty around the compliance of certain categories of agreement
with antitrust laws.

The new VBER retains many of the provisions found in the
old VBER
. For example, while there are some new clarifications
on resale price maintenance, the new VBER continues to generally
treat it as a hardcore restriction, consistent with recent
enforcement action by the European Commission (EC) in this

However, there are some significant changes that companies need
to understand in order to ensure that their distribution
arrangements in the EU continue to benefit from the exemption. For
instance, the rules for online sales restrictions have softened
(e.g. by applying a softer approach to dual pricing for online and
offline sold products, or by allowing restrictions on the use of
online market places). But the new VBER is stricter with respect to
dual distribution systems (where manufacturers sell directly to
customers but also via retailers) and restrictions imposed by
online market places (particularly so-called “most-favoured
nation” clauses). We have summarised the key changes for
businesses in our recent client alert.

What’s Next?

Contracts already in place before 1 June 2022 must be amended to
comply with the new rules by 31 May 2023. Any new agreement that
falls within scope of the new VBER needs to be drafted
appropriately. In particular, operators of online marketplaces
should review the changes carefully and ensure not only that they
make the necessary adjustments to their existing contracts but also
that they follow the VBER guidelines when concluding new

7. EU: Proposal on “green” claims in digital (and
other) products

The European Commission (EC) is planning amendments to the
Unfair Commercial Practices Directive (UCP) and the Consumer Rights
Directive (CRD) to support the next steps towards a cleaner and
greener EU economy. This change will apply to all businesses
operating in the EU, including those with a digital focus, because
sustainability is a hot topic across all industries.

The EC’s declared aim is to strengthen the protection and
position of consumers in order to achieve climate and environmental
objectives under the EU’s “Green Deal“.

The planned amendments to the CRD would introduce new
pre-contractual information obligations for contracts with
consumers on the durability and reparability of products. For
businesses with a digital focus, the proposal suggests an
obligation on digital providers to provide information to buyers
and consumers on the existence and length of the period during
which the manufacturer commits to providing software updates.

The planned amendments to the UCP would mainly update the
current law on misleading commercial practices in relation to green
claims without introducing major changes. The draft introduces new
(clarifying) provisions and extends the so-called “black
list” (of prohibited behaviour) to ensure that companies do
not mislead consumers about the environmental and social impacts of
their products or services, the use of sustainability labels and
the durability and reparability of products. The proposal, for
instance, explicitly provides that it would be misleading to make
generic environmental claims (e.g., “environmentally
friendly”, “eco” or “green”) where the
claimed environmental performance of the product or seller cannot
be demonstrated, or to make an environmental claim about the entire
product, even though the claim only concerns a certain aspect.

What’s Next?

The proposal remains subject to discussion and its
implementation may still take some time. Businesses should
nevertheless begin to consider the likely changes to be made in the
UCP in relation to “green” claims. This is because most
of these principles already apply to all businesses today under the
general prohibition on misleading commercial practices. In case of
violations, companies are faced with private enforcement, such as
cease-and-desist or damage claims, as well as fines.

8. UK Competition and Consumer Reform: Greater Regulatory
Enforcement Powers

The UK has proposed reforms to its consumer protection laws to
give the Competition and Markets Authority (CMA) greater
enforcement rights against proscribed online or digital conduct,
and to introduce specific reforms to make companies responsible for
fake online reviews and so-called “subscription

The CMA has long been requesting these reforms, which will
likely result in a significant uptick in enforcement activity, once

A Draft Digital Markets, Competition and Consumer Bill (the
Draft Bill“) was included in the
Queen’s Speech in May 2022, which sets out the UK
government’s priorities for the year ahead. The Draft Bill is
set to provide better protection for consumers online and enable
the regulator (the CMA) to take more effective action on behalf of
consumers. The Draft Bill will impose tighter rules on
organisations operating online and strengthen the CMA’s
enforcement powers, including the ability to impose fines of up to
10% of global turnover for breaches of consumer law.

The increase in the CMA’s enforcement powers is a
significant reform. Currently, the CMA is unable to enforce
decisions without going through the courts, and no penalties can be
imposed for breaches (except where there is a failure to comply
with a court order). Under the Draft Bill, the CMA will itself be
able to issue decisions, and issue fines for more serious

The Draft Bill will also tighten rules in relation to specific
areas of online activity, particularly subscription traps and fake
reviews. With regards to subscription traps, the Draft Bill
introduces specific requirements for organisations to send
customers reminders regarding roll-over or auto-renewal contracts,
and ensure that consumers are able to exit contracts in a
straightforward and timely way. As we have pointed out before, the issue of
auto-renewals is something that the CMA has previously considered,
and EU regulators are also focused on it.

To increase protection from fake reviews, the Draft Bill
proposes to add fake reviews to the list of automatically unfair
practices under the Consumer Protection from Unfair Trading
Regulations 2008. For example, online platforms will be
“banned” from hosting consumer reviews without taking
reasonable and proportionate steps to check they are genuine. What
the regulator considers to be “reasonable and proportionate
steps” has yet to be clarified.

Similar reforms are expected in the EU, where Member States are
required to give their national consumer regulators the power to
impose fines of up to 4% of global turnover by the end of May

What’s Next?

Despite its inclusion in the Queen’s speech, the Government
has not yet committed to legislating the Draft Bill in the current
parliamentary term; as a result, it’s not yet clear when the
new rules will come into force.

9. UK digital regulatory policy: UK Government confirms plans
to introduce pro-competition regime for digital markets

The UK Government has confirmed its intention to introduce a new
regulatory regime targeted at regulating major digital platforms.
The proposed “pro-competition” regime for the regulation
of digital markets will give a suite of enforcement powers to the
Digital Markets Unit (DMU), which has been established within the
CMA pending the introduction of legislation, including the ability
to designate major platforms with “Strategic Market
Status” and impose various constraints on their conduct,
including structural remedies.

History of the proposals

The proposals for a new forward-looking regime for the
regulation of digital markets have their genesis in a series of
expert panel reports and recommendations dating from 2019,
including in particular the
Digital Competition Expert Panel
, chaired by Jason Furman. The
Furman report on “Unlocking Digital Competition”
concluded that existing regulatory powers were insufficient to
tackle the novel challenges presented by the digital age and, in
particular, recommended the introduction of a new regime which
would include “pro-competition” policies to enable
regulators to improve consumer choice by lowering barriers to entry
and for interoperability, including through the use of enforceable
codes of conduct for firms designated as having “strategic
market status”.

Following the Furman Report, the CMA used its existing
enforcement toolkit to develop its understanding of the relevant
markets, starting with a wide-reaching market study into digital
advertising in the UK, which concluded in
July 2020
, and culminating in the publication of advice to the
government in December
on the design and implementation of the new regime. The
DMUwas established within the CMA from April 2021.

Against this backdrop, the UK government issued a comprehensive
consultation on proposals for reform in
July 2021
, taking on board most of the proposals made by the
CMA and the Furman Review. The
to these proposals was published on 6 May 2022, when
the government confirmed its intention to introduce new legislation
to establish the regime.

Overview of the proposals

Like the EU regime, the regime will involve the “ex
” regulation of firms designated as having
“Strategic Market Status” (SMS). The test for conferring
SMS will require that a company has “substantial and
entrenched market power in at least one digital activity, providing
them with a strategic position
” and that there be a nexus
to (and impact on competition in) the UK. The DMU will be required
to produce detailed guidance on how it will conduct its assessment,
which will be undertaken via a “market study” type

The regime will allow the DMU to develop an enforceable code of
conduct specific to each designated firm, with “core
obligations” to underpin this code, including the fair
treatment of users, removal of barriers to switching and ensuring
customers can make informed choices. These core obligations will be
supported by a series of “conduct requirements” which
will be set out in legislation, based on which the DMU will develop
company-specific conduct requirements, including obligations not to
leverage market power, impose discriminatory terms or engage in
bundling, as well as positive duties of transparency.

Contrasts to the EU regime

The UK proposals differ quite materially from the EU regime,
most importantly in that the proposed codes of conduct will be
bespoke to the individual firms, unlike the EU regime which will
require compliance with a set of standardised conduct rules for all
designated “Gatekeepers”. There will also be the
possibility for regulated firms to apply for an exemption for
conduct that would otherwise breach code requirements where the
relevant company can illustrate that such conduct brings about net
consumer benefits. Such exemptions will not be available under the
EU regime, although the bar for granting an exemption will likely
be high.

Another key difference is the proposed ability for the DMU to
implement broad ranging “pro-competitive interventions”
(PCIs) where the DMU has identified an adverse effect on
competition following a nine-month “market-study” type
investigation. These remedies will be intended to address the
“root causes” of market power on a company-specific basis
and could include orders to allow interoperability, third party
access to data or even structural separation.

Merger controls

Proposals for a bespoke merger regime have been dropped, but SMS
firms will be required to report “their most significant”
transactions to the CMA before closing, with its current thinking
being that this would be where there is an acquisition of over 15%
equity or voting share, the value of holding is over £25m and
the transaction meets a UK nexus test. Separately, the proposed
reforms to competition will introduce amendments to the existing
merger control thresholds to address the CMA’s ability to
investigate so-called “killer acquisitions”. In
particular, the government has proposed introducing a new basis to
intervene in mergers where the parties are not direct competitors,
which will apply where at least one party has an existing
“share of supply” of 33% in the UK and a UK turnover of

What’s Next?

While the UK government has confirmed that the regime will be
established, it is not clear when this will be, although this is
unlikely to be before 2023. In the meantime, the DMU is fully
up-and-running, and the CMA is using its full suite of existing
powers to address current market concerns and develop the
principles that will most likely apply to regulated firms once the
regime comes into force. This includes a series of market studies
and specific enforcement actions against some of the major

Most recently, the CMA announced in June 2022 the results of its
market study into mobile phone ecosystems, in which it concluded
that a more detailed market investigation should be launched into
mobile browsers and cloud gaming. The Market Study report provides insight how the
regime might be “operationalised”, including the
CMA’s view on what an assessment of strategic market status would look like, as
well as examples of conduct that could be addressed under codes of
conduct and PCIs.

10. UK: Relaxation of product safety labelling rules

In June 2022, the UK government announced changes to help
businesses to apply the new UK Conformity Assessed (UKCA) mark on
most products placed on the market in Great Britain. This eases the
transition from the EU’s “CE” mark, which will cease
to apply to the UK market post-Brexit. The new rules are expressly
intended to cover the supply of electronic devices.

Since the Brexit transition period ended, the UK government
allowed businesses to continue to use the CE marking on affected
products sold in the UK until 31 December 2022. With only six
months to go until the end of this grace period, the UK government
has announced some relaxation of the rules to ease the transition
from CE to UKCA markings:

  • Manufacturers of affected products will be able to apply the
    UKCA mark to products that were conformity assessed by EU bodies
    before the end of 2022. There will be no need to have a separate UK
    assessment until the product’s certificate expires or 31
    December 2027, whichever is earlier.

  • Some CE-marked products imported into the UK before the end of
    2022 will not need to be re-certified for the UKCA

  • Existing rules on labelling will be extended until the end of
    2025, so UKCA markings can be added to products by sticky labels or
    through accompanying documentation.

What’s Next?

The government will quickly introduce the necessary legislation
before the end of 2022. Manufacturers or suppliers into the UK of
affected products (including digital hardware and electronic
devices) should review how the new labelling and marking rules
affect their products.

11. Cybersecurity: NIS 2 Directive

Cybersecurity risk management and reporting obligations rules in
Europe are about to change significantly. The new Directive on
measures for a high common level of cybersecurity across the EU
(NIS 2) will impose stricter cybersecurity risk
management requirements on more organisations, and introduce
tougher supervisory and enforcement measures.

The Council of the EU and European Parliament have reached a
provisional agreement on NIS 2, which was first proposed by the EU
Commission in December 2020. Once formally adopted, NIS 2 will
replace the current Directive (EU) 2016/1148 on security of network
and information systems (NIS 1).

Among other things, NIS 2 will set the baseline for
cybersecurity risk management measures and reporting obligations
across all covered sectors, which includes energy, transport,
chemical manufacturing, production and distribution, postal and
courier services, healthcare and digital infrastructure.

NIS 2 forms part of the EU’s wider effort to better protect
critical national infrastructure from cybersecurity threats,
including the heightened risk and critical vulnerabilities
associated with networking and information systems, and digital
supply chains.

See our more detailed client alert for further insight.

What’s Next?

The provisional agreement is now subject to approval by the
Council of the EU and European Parliament and is expected to take
place within the coming months. Once NIS 2 has been adopted, EU
Member States will have 21 months thereafter to incorporate the
provisions into their national law. However, EU Member States may
well introduce national implementing laws ahead of the deadline, as
some of them did with NIS 1.

12. EU case law: When do
online traders need to give pre-contract information about their or
third-party manufacturers’ guarantees?

The European Court of Justice (CJEU) has ruled that online
traders need to give pre-contractual information to consumers about
a manufacturer’s guarantee if that information has been made an
essential element of the offer (Victorinox, Case
C-179/21). This ruling clarifies what pre-contractual information
is actually required to meet consumer protection laws (
the Consumer Rights Directive (2011/83/EU)

The mere existence of a guarantee is not enough to trigger
disclosure; traders can be silent about any manufacturer guarantees
unless there is a legitimate consumer interest. This interest
arises if that information is decisive for the consumer in
deciding whether or not to enter into a contractual relationship
with the trader.

To determine the central or decisive element of the offer,
traders should consider:

  • the way in which the goods are offered (including the content
    and layout);

  • the prominence of the guarantee mentioned – i.e., if
    the manufacturer’s guarantee is only mentioned incidentally and
    not for commercial purposes, it is less likely to be
    central/decisive; and

  • the likelihood that average consumers would be confused about
    who was offering the guarantee and how they could exercise their
    rights under it.

Traders must still provide relevant information about their own

What’s Next?

The scope of this decision has been recently amplified by the
ECJ ruling that
an online intermediary can be a trader for the purposes of the
(see our summary from our
Q1, 2022 update
). This ruling is binding in the EU but
(post-Brexit) not in the UK. UK courts may choose to take the
ruling into account.

13. EU case law: Requirement for a clear “Purchase
Button” online

The European Court of Justice (CJEU) has ruled that, under the
EU Consumer Rights Directive (CRD), an EU-based consumer is not
bound by an online contract if any button or similar function used
for online orders is not labelled, in an easily legible manner,
only with either the words “order with obligation to
” or a corresponding unambiguous formulation
indicating that placing the order entails an obligation to pay the

The CJEU case concerned the question of how the
so-called “purchase button” on a seller’s online
interface must be labeled in light of the CRD’s statutory
obligation to use the wording “order with obligation to
pay” or “corresponding” wording. In its recent
ruling, the CJEU found that the directive requires that the fact
that the function triggers an obligation to pay has to be:

  • entirely clear from only the words on the label on the relevant
    button (or a similar, alternative function); and

  • without any reference to an overall assessment of the
    circumstances such as the purchase flow.

The referring court (Local Court of Bottrop, Germany) had to
decide whether a contract between a consumer and a hotel company
was validly entered into and enforceable. The consumer had followed
the procedure on a website on which the hotel company had offered
its rooms. After clicking a button labelled “I’ll
reserve”, the consumer had entered his personal details and
the names of the individuals accompanying him, before clicking on a
button labelled with the words “complete booking”. The
hotel company claimed that the consumer would have to pay for the
four double rooms that where subject of the procedure, despite
never having shown up at the hotel.

The referring German court had doubts whether the obligations of
the German version of the CRD were satisfied. Like the CRD itself,
German law does not contain specific examples of
“corresponding formulations,” with the consequence that
sellers may use words of their choice that satisfy the requirement
that the obligation to pay is evident. In the view of the referring
court, albeit clear from the booking process, the term
“booking” in the expression “complete booking”
is not necessarily associated in everyday language with the
obligation to pay financial consideration, but is often also used
as a synonym for “pre-order or reserve in advance free of

Previous rulings of local German courts have taken into account
the overall circumstances of the ordering process and, in
particular, the configuration of that process, for the purpose of
determining whether words such as those used by the operator of the
booking website constitute an unambiguous formulation corresponding
to the words “order with obligation to pay”.

What’s Next?

Especially where EU Member State law does not provide examples
of button labels, sellers are advised to assess whether the wording
on their final ordering button (or similar function) explicitly
indicates that its activation triggers an obligation to pay.

14. EU case law: the legitimacy of content recognition

Article 17 of EU Copyright Directive includes a provision
requiring online content-sharing service providers
(OCSSP) to ensure that copyright-protected works
cannot be uploaded without the prior consent of rights-holders -
and has long been considered by those services’ users as a
potential violation of their fundamental rights. This was based on
the assumption that Art. 17 implied the use of upload filters.

Upload filter technology, in turn, was considered by some as not
sufficiently developed to safeguard users’ rights to upload
works on basis of copyright exemptions such as citation or parody.
Against the background of these discussions, Poland brought an
action for annulment of Art. 17 EU Copyright Directive before the
European Court of Justice (CJEU). Poland argued that Art. 17 EU
Copyright Directive infringed the freedom of expression and
information guaranteed in the Charter of Fundamental Rights of the
European Union.

The CJEU did not follow this argument, concluding instead that
the obligation imposed on online content-sharing service providers
to review (prior to its dissemination to the public) the content
that users wish to upload to their platforms, has been accompanied
by appropriate safeguards implemented by the EU legislature to
ensure compliance with the Charter of Fundamental Rights. The CJEU
explained that Art. 17 strikes a fair balance between fundamental
rights of the services’ users on the one hand and the
creators’ intellectual property rights on the other.

While not spelling out in detail how upload filter technology
needs to be programmed or how Member States should transpose this
requirement, there are some valuable takeaways.

  • Firstly, Member States can legitimately request the use of
    upload filter technology as long as they take great care that
    safeguards that protect users’ rights are included.

  • Secondly, the court states that, in some cases, implementation
    of content recognition technology will be the only way to comply
    with Art. 17 EU Copyright Directive.

  • Thirdly, the CJEU nevertheless clarifies that OCSSPs cannot be
    required to preventively block the upload to content where its
    lawfulness would require an independent assessment by the OCSSP
    considering the information provided by the rights-holders and
    existing copyright exemptions. This strengthens OCSSPs’
    positions by placing an additional burden on rights-holders to
    provide extensive information on their works to the providers.

What’s Next?

The decision will likely impact the national transpositions of
Member States for the EU Copyright Directive. Even though the
transposition deadline passed in June 2021, many Member States are
still in the process of implementing Art. 17 of EU Copyright
Directive into their national laws.

15. EU Telecoms Regulation: German enforcement measures against
“zero-rating” offerings

In response to a series of judgments by the European Court of
Justice (CJEU) from 2021, in April 2022 the German telecoms
regulator Bundesnetzagentur (BNetzA) banned the zero-rating
offerings of Germany’s top two mobile phone service

“Zero-rating” regimes are implemented in mobile
service contracts with limited data volumes. They allow users to
use certain predefined online services, e.g.,
social-media, without consuming their data volume.

In earlier decisions, BNetzA found that the relevant zero-rating
programs generally comply with the EU Open Internet Regulation
(Regulation 2015/2021 of 25 November 2015). BNetzA relied on the
guidelines on implementation of the Open Internet Regulation by the
Body of European Regulators for Electronic Communications (BEREC)
in force at the time, which generally consider zero-rating programs
to be permissible, subject to certain conditions.

In 2021, however, the CJEU ruled not only that the specific
programs that were subject of the proceedings are incompatible with
the net neutrality principles as laid down in the EU Open Internet
Regulation, but also that the entire concept of zero-rating
violates the Regulation’s principles on equal treatment of data
traffic. This led to the BNetzA ruling, but also resulted in BEREC
revising its guidelines on implementation of the Open Internet
Regulation. The new guidelines, published on June 9, 2022, now
clarify that all differentiated pricing practices that are not
application-agnostic are inadmissible. This includes zero-rating

What’s Next?

German affected mobile phone service providers have until 31
March 2023 to adjust to the BNetzA’s decision. Until then, all
existing and yet to be concluded contracts with a zero-rating
component can be continued. The German providers will most likely
not be the last ones affected by the ruling of the CJEU. Due to the
new guidelines of the BEREC, bans of zero-rating tariffs by the
other EU telecom regulators can be widely expected. This will not
only impact relevant mobile phone providers, but also any content
providers that currently benefit from zero-rating programs across
the EU.

We are grateful to the following members
of MoFo’s European Digital Regulatory Compliance team for their
contributions: Femi Omisore.

Because of the generality of this update, the information
provided herein may not be applicable in all situations and should
not be acted upon without specific legal advice based on particular

© Morrison & Foerster LLP. All rights reserved


Opinion | Dmitry Muratov and Maria Ressa fear for democracy

Placeholder while article actions load

In their Nobel Peace Prize lectures last Dec. 10 in Oslo, both Dmitry Muratov of Novaya Gazeta and Maria Ressa of Rappler, journalists of distinction and grit who faced off against repressive governments, warned of dangers ahead. “The world has fallen out of love for democracy,” said Mr. Muratov. “The world has begun to turn to dictatorship.” Ms. Ressa declared: “Without facts, you can’t have truth. Without truth, you can’t have trust. Without trust, we have no shared reality, no democracy, and it becomes impossible to deal with our world’s existential problems: climate, coronavirus, the battle for truth.”

They were the first working journalists to win the Nobel Prize since 1936, but just months after the ceremony, their warnings ring more true than they might have imagined. Mr. Muratov’s publication suspended operations in March under President Vladimir Putin’s threat to punish news media that criticize Russia’s barbaric war on Ukraine. On June 28, Ms. Ressa announced that Rappler has again been ordered to close by Philippine authorities after a years-long struggle to expose the underside of President Rodrigo Duterte’s crackdown on drugs — and other abuses.

They are at the front lines of a global contest of immense importance. A healthy democracy depends on a vibrant civil society in which independent associations and groups act as connectors between the public and its rulers. The press plays an indispensable role, making the system accountable and leading to change. But a regime that holds a monopoly on power cannot tolerate a free and freewheeling press, as both Rappler and Novaya Gazeta discovered. Democracy dies in darkness, the words that grace our front page, also describe a deepening crisis around the globe, from Ukraine to Myanmar, Belarus to Cuba, China to Russia. Journalists are struggling, their backs against the wall in the quest for truth.

Ms. Ressa, who has been an outspoken champion of free speech, founded Rappler in 2012, building a scrappy news website that exposed arbitrary executions in the drug war and took on the difficult topic of social media manipulation and disinformation. On June 29, the Philippine Securities and Exchange Commission reaffirmed a 2018 decision that Rappler violated a ban on foreign ownership in mass media — involving an investment by Omidyar Network — and issued a shutdown order. Rappler vowed to appeal, and called the proceedings “highly irregular.” Ms. Ressa said it would not shut down. She has been a target of government harassment for years. “In less than two years, the Philippine government filed 10 arrest warrants against me,” she said in the Nobel address. “I’ve had to post bail 10 times just to do my job. … All told, the charges I face could send me to jail for about 100 years.” She added, “What was meant to intimidate me and Rappler only strengthened us.”

Her determination is admirable, but no one should underestimate the difficulty of standing up to a powerful tyrant. Hopefully, Rappler will not stop shedding light on dark corners, and Novaya Gazeta will soon return to this essential mission.


The future is a process, not a destination

On June 10, many were surprised by the news that TBD, a subsidiary of Block, Twitter’s co-founder Jack Dorsey, announced the launch of the Web5 platform. Web 1, 2, 3 and now Web 5? But where is Web 4? Those who don’t care about number sequences can just downloaded Web 7.

But first, so that no one gets behind in understanding this article, let’s quickly talk about the stages of Web evolution. If you already know the subject, you can skip to the next topic.

From the static web to the collaborative web

In the beginning, there was what we now call Web1, at that time simply known as the web. At this stage, the first websites, portals and online services were developed, and users could only read the information, without the chance of direct interaction. As no interaction was possible between users. Those who accessed the web just consumed the content made available in a web of one-way communication and, for this reason, Web1 was also called “Static Web.”

With the evolution of Web support technologies, Web2 gradually arrived with the emergence and proliferation of social networks and all the applications such as blogs, forums and podcasts that made new forms of participative communication possible.

In fact, due to the development of these new tools, users began to communicate with each other and share their own content. In this step, the user who was once just a passive actor, became the holder of the creation and management of online content, building new processes and interactions, which is why Web 2 has been dubbed the “Collaborative Web.”

When did Web3 emerge?

Just like the other stages of the web, it is difficult to pinpoint when Web3 was born. This is because Web development is a process and, as such, has no set start date. But, many argue that the idea of Web3 emerged around 2006, although the term Web3 was only coined in 2014 by Gavin Wood. It is supposed to be the next step of the internet. And, I say supposedly, because it is still in its infancy and therefore there is still no certainty of what the next stage of the Web will really be.

Note that there is no single creator of Web3. It is being developed as a collaboration of different individuals and organizations building upon each other. But, overall, those involved in smart contract platforms on blockchains such as Ethereum, EOS and TRON are the ones who are admittedly leading the way in building Web3.

Related: What the hell is Web3 anyway?

It’s important to note here is that one of the most popular programming libraries used to write Ethereum code is called web3.js. And there is also a foundation, the Web3 Foundation, which is run by the founders of the Polkadot network.

Broadly speaking, the main goal of Web3 is to try to solve the biggest problem of Web2: the collection of personal data by private networks that enable surveillance capitalism, a true marketplace of future behavior.

And for this, Web3 has as its main focus of innovation to be a web of decentralized networks, not controlled by any one entity, formed by platforms that use consensus mechanisms that everyone can trust. In it, decentralized applications (DApps) would be built on top of open networks, and no entity would be able to collect data without the user’s consent, nor limit or censor anyone’s access. That is, as extracted from the Web3 Foundation’s own website, Web3 has a mission to create “a decentralized and fair internet where users control their own data, identity and destiny.”

The second focus of innovation promised by the Web3 developers is that these decentralized networks would enable the value or “money” of the internet to be transferred directly between users’ accounts, without intermediaries. And, these two features — decentralization and internet money — are still in their early stages, are the keys to understanding Web3.

However, many critics have expressed concerns about the current Web3 such as its dependence on funding from Venture Capitalists like Andreessen Horowitz, which would compromise its main focus of innovation — providing the user with a truly decentralized web.

Well, now that everyone is on the same page, let’s clarify what has certainly become the question of many after Jack Dorsey said that “Web 5” powered by Bitcoin will replace Web3.

Related: Polkadot vs. Ethereum: Two equal chances to dominate the Web3 world

Web4 is gone?

After Web3 — the term encompasses all the blockchain and decentralized technologies being built around the world — the next stage of the Web is not really a new version but is an alternative version of what we already have (Web2) or are already building (Web3).

Web4, also known as “Mobile Web,” is one that has the necessary infrastructure to adapt to the mobile environment. Imagine a web that connects all mobile devices in the real and virtual world in real-time.

Well, Web4 enables mobility and voice interaction between the user and the robots. If the focus in previous websites was on the user interacting with the internet by being in front of the desktop and in front of the computer, the focus of Web4 is on enabling the user to use and distribute information regardless of location via mobile devices.

Therefore, Web4 changes the relationship between humans and robots, which will have a symbiotic interaction. In this fourth stage of the Web, humans will have constant access to robots, and everyday life will become increasingly dependent on machines.

“Web5,” or the “Emotional Web”

Although many only heard of Web5 for the first time when headlines reported Jack Dorsey’s statement, the fact is that the term is not new.

To get an idea, Tim Berners-Lee, the inventor of the Web, gave a lecture at TED Talks in 2009 in which he already talked about Web5: “Open, connected, intelligent Web,” which he called the Emotional Web.

According to the creator of the web himself, the Web5 would be the Emotional Web. Actually, the true form of Web5 is still forming, and according to the signs we have so far, this web also known as the Symbiotic Web will be an interconnected network that communicates with us as we communicate with each other (like a personal assistant).

This Web will be very powerful and totally run on (emotional) interaction between humans and computers. Interaction will become a daily habit for many people based on neurotechnology. Here it is worth mentioning that despite surveillance capitalism, currently Web2 “itself” is “emotionally” neutral, meaning that it does not perceive users’ feelings and emotions. Now, with Web5 proposing to be an emotional web, this may change in the future. An example of this is WeFeelFine, an organization that maps people’s emotions through headphones.

Along these lines, in Tim Berners-Lee’s Web5, users will interact with content that interacts with their emotions or facial recognition changes. In this context, it seems that the “Web5,” announced by Jack Dorsey, has nothing to do with the Emotional or Symbiotic Web envisioned by Tim Berners-Lee in 2009.

Related: An open invitation for women to join the Web3 movement

What Jack Dorsey’s Web5 is all about

TBD, a subsidiary within Block (formerly known as Square), was founded in July 2021 with the goal of creating “an open platform for developers” focused on decentralized finance (DeFi) and Bitcoin (BTC). Now TBD has its first goal to build “Web 5: an Extra Decentralized Web platform,” where users will have full control of their own data.

“This will probably be our most important contribution to the Internet. Proud of the team. (“Rest in Peace, Web3 Investors),” Dorsey said in a tweet on the morning of June 10. According to TBD’s presentation on Web5, the internet’s main problem is the lack of an “identity” layer: “In the current Web, identity and personal data are turned into the property of third parties,” and this is why Web5 will focus on decentralizing identity, data storage, as well as its applications.

TDB also claims that it will create an extra decentralized Web platform to solve this problem.

Related: Digital sovereignty: Reclaiming your private data in Web3

Possibilities: The future is a process, not a destination

Much of what is dismissively referred to as “false promis” by critics of Web3 seems much more challenging to achieve with Bitcoin alone — at least for now. Bitcoin’s decentralization and priority to cybersecurity come at the expense of storage space, and, above all, transaction speed — although the advances brought by the Lightning Network are promising.

In addition, some Web3 features already seem possible through layers built on top of Bitcoin. Hiro is building smart contracts using Bitcoin. Stacks was created to enable DeFi, nonfungible tokens (NFTs), apps and smart contracts in Bitcoin. Not to mention that since 2012, the equivalent of NFTs and ERC-20 tokens already exist on the Bitcoin blockchain in the form of colored coins.

Also, there are already decentralized identity solutions based on decentralized identifiers (DIDs) on Web3, such as the one developed in the Identity Overlay Network (ION) that is built using the Sidetree Protocol on top of the Bitcoin blockchain. Add to this the fact that it is unclear what alternative routes will be used for funding and building Dorsey’s new version of Web3.

Related: Identity and the Metaverse: Decentralized control

Will this new attempt by TBD to create a decentralized layer on top of the Web via the Bitcoin blockchain solve current concerns about Web3?

Of course, the more initiatives focused on achieving a decentralized web, the better for users. But, what is essential here is that such initiatives can bring together all the technical and financial resources and bright people who are committed to the hard work and effort needed to make the decentralized web happen.

The future is a process, not a destination.

This article does not contain investment advice or recommendations. Every investment and trading move involves risk, and readers should conduct their own research when making a decision.

The views, thoughts and opinions expressed here are the author’s alone and do not necessarily reflect or represent the views and opinions of Cointelegraph.

Tatiana Revoredo is a founding member of the Oxford Blockchain Foundation and is a strategist in blockchain at Saïd Business School at the University of Oxford. Additionally, she is an expert in blockchain business applications at the Massachusetts Institute of Technology and is the chief strategy officer of The Global Strategy. Tatiana has been invited by the European Parliament to the Intercontinental Blockchain Conference and was invited by the Brazilian parliament to the public hearing on Bill 2303/2015. She is the author of two books: Blockchain: Tudo O Que Você Precisa Saber and Cryptocurrencies in the International Scenario: What Is the Position of Central Banks, Governments and Authorities About Cryptocurrencies?