PORTUGAL Law and Practice Contributed by: Jorge Silva Martins, João Carminho and Inês Coré, CS’Associados
proposed AI Liability Directive introduce new considerations for liability in cases of IoT device malfunctions, especially when AI- driven automation is involved. Service provid - ers and manufacturers must establish clear responsibility frameworks in case of failures. • Interoperability and standardisation: The EU promotes common technical standards for IoT devices to ensure seamless integration and prevent fragmentation of digital markets. Compliance with the EU Radio Equipment Directive (2014/53/EU) is required for IoT device certification in Portugal. AI integration AI is increasingly used in network manage - ment, predictive maintenance, chatbots, fraud detection, and personalised services. While AI improves efficiency, it also raises regulatory con - cerns: • AI governance and transparency: The upcom - ing EU Artificial Intelligence Act (AI Act) will regulate AI applications, particularly high-risk AI systems used in telecommunications. Compliance with transparency, explainabil - ity, and non-discrimination principles will be mandatory for telecom providers using AI- driven automation. • Automated decision-making and consumer rights: Under the GDPR, telecom operators using AI for automated decision-making (eg, billing, service recommendations, or fraud detection) must ensure transparency and allow users to contest decisions. Key Legal Considerations for Companies Companies in the TMT sector integrating 5G, IoT, and AI must navigate a complex legal frame - work, particularly in the areas of data protection, cybersecurity, AI governance, competition law, and consumer rights.
The GDPR imposes strict obligations on compa - nies handling personal data, requiring lawful pro - cessing, transparency, and data security meas - ures. Given the vast amounts of data processed by IoT devices and AI-driven systems, compli - ance with user consent, data minimisation, and cross-border transfer rules is critical. In parallel, the NIS2 Directive and Cybersecurity Act mandate robust network security measures for telecom providers and digital service opera - tors, ensuring resilience against cybersecurity threats, especially in 5G infrastructure and IoT ecosystems. The EU AI Act introduces a risk-based framework, imposing stringent compliance, transparency, and accountability requirements on AI systems used in telecommunications, such as automated customer service, fraud detection, and network optimisation. Companies must also consider liability risks, as the proposed AI Liability Direc - tive seeks to establish clearer legal accountabil - ity for harm caused by AI-driven decisions. In the competition law space, the Digital Markets Act (DMA) and EU antitrust rules (Articles 101 and 102 TFEU) regulate market dominance, data access, and interoperability, preventing unfair restrictions on competitors, particularly in 5G partnerships and IoT data sharing. Consumer protection laws, including the DSA and Consumer Rights Directive, require TMT companies to ensure fair commercial practices, contract transparency, and dispute resolution mechanisms. For AI-powered services and IoT products, clear disclosures on data collection, software updates, and algorithmic decision- making are essential to avoid regulatory scrutiny.
393 CHAMBERS.COM
Powered by FlippingBook