2020 was a year of monumental change everywhere – including in the interactive entertainment world. As live events went online, more people gathered in front of screens to play, connect and consume than ever before. Developers and publishers responded with new technologies, platforms, devices, games and services.  2020 saw many game-changing legal developments – developments that will continue to affect the industry in 2021. Here’s Part I of the 33 legal areas all developers and publishers should keep in mind as we embark on a new year.

Legislative Updates

Here – in alphabetical order -- are the 13 hottest legislative changes we are watching.

  • Artificial Intelligence

The EU is contemplating comprehensive legislation to govern the development and distribution of artificial intelligence. While the details are not fixed, the package is likely to include components from three recent resolutions adopted by EU Parliament: (i) the Framework of ethical aspects of artificial intelligence, robotics and related technologies; (ii) the Civil liability regime for artificial intelligence; and (iii) the Intellectual property rights for the development of artificial intelligence technologies. The first draft of this legislative package is expected in Q1 of 2021.

  • Audiovisual Media Services Directive (AVMSD)

The AVMSD went into effect September 19, 2020. But as of November 2020 only 4 EU Member States had implemented it into national law (Denmark, Hungary, the Netherlands, and Sweden). The EU Commission commenced infringement proceedings and sent letters to the 23 other EU Member States and the UK requesting they reply within 2 months with updates on implementation of the AVMSD national law. Look for additional Member States and the UK to consider AVMSD implementation in 2021.

Earlier in 2020, the EU Commission released non-binding guidelines for implementation of the AVMSD, including: (i) SVOD services must ensure that 30% of film and TV titles in their catalogues are European works; and (ii) video sharing platforms (including social media sites), where the essential functionality or principal purpose of the platform is devoted to providing programs and/or UGC, must adopt measures to protect minors from harmful content and all users from content which amounts to hate speech, incites violence, or is considered criminal. These guidelines may prove useful as implementation of the AVMSD continues in 2021.

  • Competition/Anti-Trust

EU Digital Services Act and Digital Market ActWith an eye to updating the 20-year-old e-Commerce Directive, the European Commission announced in January 2020 that it would propose a new Digital Services Act by the end of 2020. Two legislative proposals were announced in December of 2020. The first set of proposals focuses on updating digital services providers’ responsibilities and liabilities to monitor and filter content on their platforms. The second proposal, the Digital Markets Act, seeks to limit the power of large platforms by prohibiting practices that may preference their own services. We expect the legislative process to continue through 2021 and possibly further.

Chinese Anti-Monopoly Rules: China is considering draft rules aimed at promoting fair competition in e-commerce marketplaces and payment services. China’s State Administration for Market Regulation is seeking public review and feedback before proceeding further with the draft rules. However, it appears likely that China will pursue some type of antitrust regulations focused on e-commerce in 2021.

  • EU Digital Content Directive

Adopted in May of 2019, the EU Digital Content Directive aims to harmonize consumer contract law across EU Member States. It creates binding requirements for contractual conditions in digital content and services agreements. In addition, companies must grant consumers comprehensive remedies (supplementary performance, termination of contract, etc.) in the event of a lack of conformity or failure to provide the content or services. The directive does not speak to damage claims, which is left for Member States to determine respectively. Member States must implement the directive into their national laws by July 2021.

  • EU Copyright Directive

The Directive on Copyright in the EU, which came into force in June of 2019, revises safe harbor provisions which would effectively create increased liability for OSPs. The deadline for member states to implement into national law is June 7, 2021. Critics of Article 17 of the directive argue that it does not provide necessary minimum safeguard requirements or enforcement provisions, leaving it up to member states and OSPs to reconcile the requirements of Article 17 (which requires a form of upload filtering) with the protections in the Charter of Fundamental Rights (freedom of expression, freedom to receive/impart information). The Court of Justice of the EU has been asked to annul the upload filter requirements of Article 17, but a decision is not expected until after the implementation deadline. As a result, Member States may have to implement legislation based on the non-binding recommendations of the European Commission and proponents of Article 17.

  • Privacy

EU ePrivacy Regulation: The European Union ePrivacy Regulation would broaden the scope of the current ePrivacy Directive and align the various online privacy rules that exist across EU member states. The ePrivacy Regulation would take on board all definitions of privacy and data that were introduced within the General Data Protection Regulations -- and clarify them.  The ePrivacy Regulation has yet to be “published” by the EU Commission, but it remains an item of interest that is likely to have implications in 2021.

European Electronic Communications Code: The EECC, which amends the current definition of ‘electronic communications service’, came into force on December 21, 2020. Once implemented, it will mean that the ePrivacy Directive will apply to all over-the-top (OTT) services.

EU Data Governance Act: Currently in draft form, the EU Data Governance Act aims to harmonize the availability and use of data with the hope of increasing trust in data intermediaries. The EU Data Governance Act draft proposes: (i) the conditions for re-use of certain categories of data held by public sector bodies in the EU; (ii) a notification and supervisory framework for the provision of data sharing services; and (iii) a framework for voluntary registration of entities that collect and process data made available for altruistic purposes. It is intended to create a network of trusted and neutral data intermediaries and an oversight regime comprising national supervisory authorities as well as a pan-EU coordinating body. This proposal further ensures that the EU is likely to be a hotbed of privacy-related action in 2021.

California Privacy Rights Act: In November 2020, California voters approved Proposition 24, creating the California Privacy Rights Act. The Act, which takes effect January 1, 2023, amends and expands the existing California Consumer Privacy Act. In particular, the California Privacy Rights Act: (i) modifies the definition of a covered “business”; (ii) introduces “sensitive personal information” as a new regulated dataset; (iii) provides for new rights and amends existing rights for consumers; (iv) regulates the sharing of PI for cross-context behavioral advertising; (v) creates a new privacy enforcement authority; (vi) adopts certain GDPR principles; (vii) amends the definition of “service provider” and introduces a new category of “contractors”; (viii) extends the employee and business-to-business (B2B) exemption to January 1, 2023; (ix) clarifies the consent standard; and (x) expands actionable private rights. While the CPRA is still two years from taking effect, we expect to see companies taking responsive actions throughout 2021.

Canadian Digital Charter Implementation Act: This draft legislation, introduced in November 2020, would establish a new privacy law: the Consumer Privacy Protection Act (CPPA). While there is no timeline for implementation or enforcement, the CPPA would create enhanced privacy protections for individuals and a private right of action, and would require companies to implement policies and procedures to comply with the law.

  • Section 230 of the Communications Decency Act

Section 230 of the CDA -- which provides safe harbors for internet service providers from claims arising from information provided by another information content provider (including social media and gaming users) -- has been targeted for amendment or other changes. Indeed, at the end of December 2020, President Trump vetoed the National Defense Authorization Act in part because it did not repeal Section 230 (Congress overruled his veto.) The controversy over Section 230 is not likely to abate in 2021.