Photo of Anna Sophia Oberschelp de Meneses

Anna Sophia Oberschelp de Meneses

Anna Sophia Oberschelp de Meneses is special counsel in the Data Privacy and Cybersecurity Practice Group.

Anna is a qualified Portuguese lawyer, but is both a native Portuguese and German speaker.

Anna advises companies on European data protection law and helps clients coordinate international data protection law projects.

She has obtained a certificate for "corporate data protection officer" by the German Association for Data Protection and Data Security ("Gesellschaft für Datenschutz und Datensicherheit e.V."). She is also Certified Information Privacy Professional Europe (CIPPE/EU) by the International Association of Privacy Professionals (IAPP).

Anna also advises companies in the field of EU consumer law and has been closely tracking the developments in this area.

Her extensive language skills allow her to monitor developments and help clients tackle EU Data Privacy, Cybersecurity and Consumer Law issues in various EU and ROW jurisdictions.

Follow:Read more about Anna Sophia Oberschelp de MenesesEmailAnna Sophia's Linkedin Profile

On July 17, 2025, the European Commission launched a “call for evidence” and public consultation on the Digital Fairness Act (“DFA”), an anticipated new consumer protection law. The Commission seeks feedback on existing EU consumer protection laws and on proposals for how the DFA could address the following two problems with the existing laws, as identified through a “Fitness Check” of EU consumer law published in October 2024:

  • Lack of digital fairness for consumers. This particularly affects vulnerable groups such as minors, offering them suboptimal choices that can lead to financial harm, loss of time, negative health impacts, and indirect effects like environmental costs.
  • Unclear rules for businesses and market fragmentation. This results in increased business costs, hampers cross-border trade, leads to missed opportunities, and causes unfair competition, particularly from non-EU traders.

The Commission has also emphasized its objective to enhance the EU’s competitiveness, aiming for simplification of consumer protection rules and the removal of barriers within the EU Market. This includes efforts to achieve greater legal certainty regarding unfair commercial practices. The goal is to address enforcement deficiencies, regulatory gaps, and market fragmentation, as some Member States have regulated or are considering new regulation in these areas.Continue Reading Help Shape the New EU Consumer Protection Law: Join the Public Consultation on the Digital Fairness Act

n June 2025, the Court of Justice of the European Union (CJEU) delivered important rulings clarifying the application of the EU Unfair Contract Terms Directive (UCTD), which protects consumers from unfair standard contract terms that have not been individually negotiated. The UCTD ensures such terms are transparent, clear, and balanced; unfair terms are not binding on consumers and may expose businesses to enforcement actions.

This blog post highlights four significant cases decided in June 2025. These cases involve preliminary references from national courts to the CJEU to clarify whether national laws are aligned with EU law.Continue Reading Overview of Key CJEU Rulings on EU Consumer Protection Law of June 2025

There is an ongoing debate in Brussels about the circumstances under which AI-based safety components integrated into radio equipment are subject to the requirements for high-risk AI systems of the EU Artificial Intelligence Act 2024/1689 (the “AI Act”). The debate is particularly relevant because, if AI-based safety components are considered high-risk under the AI Act, they will be subject to a comprehensive set of regulatory requirements under the AI Act as of August 2, 2027. These requirements include risk management, data quality measures, transparency towards users, human oversight, as well as obligations relating to accuracy, robustness, and cybersecurity.

The discussion affects devices like smartphones with AI-driven emergency call features, smart home safety systems, smart home appliances and drones using AI for obstacle avoidance and emergency landing. In effect, many, if not all, of the AI-based safety components of internet-connected radio equipment could be subject to the AI Act’s requirements for high-risk AI systems.

Below we briefly outline the framework of the current debate.Continue Reading When is a Safety Component of Radio Equipment a High-Risk AI System Under the EU Artificial Intelligence Act?

On June 26, 2025, the Council and the European Parliament reached a provisional agreement on modernizing the EU’s framework for alternative dispute resolution (ADR) in consumer matters.

The current ADR framework—established in Directive 2013/11/EU (ADR Directive)—has not been amended since its adoption in 2013. As noted in our previous blog, the European Commission recognized the need to modernize the system and, on October 17, 2023, proposed a legislative package to (i) amend the ADR Directive, and (ii) repeal the Online Dispute Resolution (ODR) Regulation, which created the European Online Dispute Resolution (ODR) Platform, on the basis that this platform was infrequently used. The ODR repeal regulation was formally adopted on November 19, 2024 and the ODR Platform will be discontinued on July 20, 2025. Since then, the focus has shifted to finalizing a reformed ADR framework.Continue Reading Council and Parliament Agree on Key Reforms to the EU ADR Framework

AI chatbots are transforming how businesses handle consumer inquiries and complaints, offering speed and availability that traditional channels often cannot match.  However, the European Commission’s recent Digital Fairness Act Fitness Check has spotlighted a gap: EU consumers currently lack a cross-sectoral right to demand human contact when interacting with AI chatbots in business-to-consumer settings.  It is still unclear whether and how the European Commission is proposing to address this.  The Digital Fairness Act could do so, but the Commission’s proposal is only planned to be published in the 3rd quarter of 2026.  This post highlights key consumer protection considerations for companies deploying AI chatbots in the EU market.

AI Chatbots Cannot Be the Only Contact Channel

Under EU law–particularly the Consumer Rights Directive (“CRD”) and the eCommerce Directive–consumers must have access to traditional communication channels such as the trader’s postal address, telephone number, and email address.  The Court of Justice of the EU has made clear that consumers must be able to contact traders directly, quickly, and effectively (Case C-649/17).  While chatbots can assist, they cannot replace mandatory human contact options.

AI Chatbots as Supplementary Communication Channels

The CRD requires traders to disclose their primary contact details before concluding a contract, but does not prohibit offering AI chatbots as additional communication tools.  Where chatbots enable consumers to retain durable records of their interactions – including timestamps – traders should inform consumers about that.  Durable records are defined as information stored in a medium accessible and unalterable for future reference, such as emails or downloadable files.

In any event, certain communications, such as the acknowledgment of a consumer’s right of withdrawal, must be provided in a “durable medium,” ensuring consumers have a stable and accessible record of important contractual information.

Human Oversight and the Right to Human InterventionContinue Reading Digital Fairness Act Series: Topic 2 – Transparency and Disclosure Obligations for AI Chatbots in Consumer Interactions

On March 20, 2025, the Court of Justice of the European Union (“CJEU”) ruled on the fairness, under EU consumer protection law, of a contractual clause allocating a percentage of an athlete’s income to a professional services provider (Case C‑365/23 [Arce]).  This ruling sets an important precedent and strengthens the protection afforded by consumer protection law to minors who enter into professional service contracts, whether in sport or elsewhere.

Background

The case was referred to the CJEU by a Latvian court.  It concerns a contract whereby a company undertook to provide career support services – including coaching, training, sports medicine, sports psychology, career guidance, club contracts, marketing, legal services, and accounting – to a basketball player, who was a minor at the time and therefore represented by his parents.  In exchange for the company’s services, the athlete agreed to pay 10% of any net income (plus VAT) he would receive over a period of 15 years from the signing of the contract.  At the time of signing the contract, the athlete was not a professional.  Some years later, however, he became a professional athlete.  When the athlete refused to pay the percentage to the company, the company sued him to enforce the contract.  The Latvian courts asked the CJEU, whether it could assess the fairness of this long-term financial commitment under the Latvian legislation implementing Directive 93/13/EEC on unfair terms in consumer contracts (“UCTD”).

Application of the Unfair Contract Terms Directive

Under the UCTD, a contractual clause in a business-to-consumer contract (not negotiated by the consumer) is unfair if it causes a significant imbalance in the parties’ rights and obligations under the contract, to the detriment of the consumer.  The CJEU ruled that the UCTD, as transposed into Latvian law, applies to the contract between the professional services provider and the athelete because the athlete was not yet engaged in professional sport at the time the contract was signed.  The status of “consumer” must be assessed at the time of the conclusion of the contract.  Consequently, the athlete was a “consumer” within the meaning of the UCTD.  The CJEU ruled that the UCTD applies even if the individual later embarks on a professional career.Continue Reading CJEU Rules on Fairness of Remuneration Clause in Sports Contract

On March 21, 2025, the European Commission announced that the Consumer Protection Cooperation Network (“CPC-N”) had initiated enforcement proceedings against an online gaming company, for allegedly violating EU consumer protection laws and engaging in practices that could pose a particular risk to children.  The gaming company now has one month

Continue Reading Consumer Watchdogs Turn Their Attention to the Online Gaming Industry

On October 3, 2024, the European Commission published a report evaluating the effectiveness of existing EU consumer protection laws in protecting consumers in the digital space.  More specifically, the report assesses the effectiveness of the following three consumer protection laws: (i) the Unfair Commercial Practices Directive (“UCPD”); (ii) the Consumer

Continue Reading EU Commission Publishes Report Assessing EU Consumer Laws and Paves Way for New and Stronger EU Consumer Law for the Digital Space

Now that the EU Artificial Intelligence Act (“AI Act”) has entered into force, the EU institutions are turning their attention to the proposal for a directive on adapting non-contractual civil liability rules to artificial intelligence (the so-called “AI Liability Directive”).  Although the EU Parliament and the Council informally agreed on the text of the proposal in December 2023 (see our previous blog posts here and here), the text of the proposal is expected to change based on a complementary impact assessment published by the European Parliamentary Research Service on September 19.

Brief Overview of the AI Liability Directive

The AI Liability Directive was proposed to establish harmonised rules in fault-based claims (e.g., negligence).  These were to cover the disclosure of evidence on high-risk artificial intelligence (“AI”) systems and the burden of proof including, in certain circumstances, a rebuttable presumption of causation between the fault of the defendant (i.e., the provider or deployer of an AI system) and the output produced by the AI system or the failure of the AI system to produce an output.

Potential Changes to the AI Liability Directive

In July, news reports leaked a slightly amended version of the European Commission’s AI Liability Directive proposal to align the wording with the adopted AI Act (Council document ST 12523 2024 INIT).  The amendments reflect the difference in numbering between the proposed AI Act and the enacted version.

Over the summer, the EU Parliamentary Research Service carried out a complementary impact assessment to evaluate whether the AI Liability Directive should remain on the EU’s list of priorities.  In particular, the new assessment was to determine whether the AI Liability Directive is still needed in light of the proposal for a new Product Liability Directive (see our blog post here).Continue Reading The EU Considers Changing the EU AI Liability Directive into a Software Liability Regulation