On December 22, the Portuguese Ministers’ Council approved a new regulation that will progressively put an end to golden visas, first in the metropolitan areas of Lisbon and Oporto, and, from July 2021 onwards, in the entire coast regions of Portugal. In the future, this residency permit will only be granted in the inland regions of Portugal, as well as in the autonomous regions of Madeira and Azores. This means that foreign investors intending to acquire a Portuguese residence permit will have to do so investing in real estate outside the country’s major cities.

The change will enter into force on July 1, 2021, but between 2021 and 2022 there will still be a transitional period during which the application of these new rules will be progressive, in the sense that the required investment amounts in metropolitan areas will be progressively higher and the possibility of application in these areas will be reduced over time. These investment amounts, however, have not yet been revealed.

This measure was included in the State Budget for 2020, but, because of the COVID-19 pandemic, has been postponed, and returns now slightly modified, in the Portuguese government’s view, to keep up with the economic recession the country is presently going through.

The Council of Ministers’ press release mentions that the purpose is to promote and increase foreign investment in the interior and low-density regions of Portugal, mainly in “urban requalification, cultural heritage, activities of high environmental or social value, productive investment and job creation".

This decision worries most real estate market players who fear it will push foreign investors away from Portugal and to other countries where there are no restrictions.

The Portuguese Association of Real Estate Promoters and Investors said the end of golden visas in Lisbon and Oporto means the loss of €700 million in investment per year by the National economy.

1. The first two ‘hub-and-spoke’ decisions

For the first time, the Portuguese Competition Authority (Autoridade da Concorrência – ‘AdC’) issued not one but two decisions on ‘hub-and-spoke’ arrangements in alcoholic and spirit beverages market imposing a total fine of circa €304 million  – the largest fine ever imposed by AdC –  against six large food retail chains.

Both cases now fined are not the first ‘hub-and-spoke’ cases investigated by AdC. The large retail chains sector is a key-sector on the watchdog of AdC. During 2017, AdC carried out dawn-raids into the premises of 44 entities and from which would result the opening of 16 proceedings, mostly against large retail chains.

Currently, investigations have led to seven statement of objections for “hub-and-spoke” arrangements, including the one issued a week ago. Last week, AdC had issued a statement of objections against three of the six large food retail chains now fined – Modelo Continente, Pingo Doce and Auchan – for another ‘hub-and-spoke’ arrangement in cosmetics and personal care products market.

In the first decision, AdC considered that the six large food retail chains Modelo Continente, Pingo Doce, Auchan, Intermarché, Lidl and E. Leclerc (the spokes) used the commercial relationship with the supplier (the hub) Sociedade Central de Cervejas (‘SCC’) – which commercializes, among others, beers Sagres and Heineken, ciders, such as Bandida do Pomar and sparkling water such as  Água do Luso – to progressively increase their prices in the retail market. A SCC board member and a business unit director of Modelo Continente were also fined by AdC.

The AdC’s investigation concluded that the distributors and the supplier concerted prices between 2008 and 2017, that is, for more than nine years, at the consumers’ expense.

In the second decision, AdC fined the same four large food retail chains (Modelo Continente, Pingo Doce, Auchan and Intermarché), as well as Lidl and Cooplecnorte (E. Leclerc), for concerting  prices, through the spirits supplier Primedrinks, in various alcoholic and spirit beverages, including wines from Esporão and Aveleda producers, whiskies such as The Famous Grouse or Grant´s, Hendrick’s gin or Stolichnaya vodka. This ‘hub-and-spoke’ arrangement occurred between 2007 and 2017, that is, more than 10 years.

Although ‘hub-and-spoke’ arrangements differ from traditional horizontal cartels in the lack of direct communication between the horizontal competitors, the adverse market effects may be similar – both may result in a hard-core price-fixing cartel, through a common supplier, thus restricting price competition between players and depriving consumers from price differentiation.

Under the current two decisions, AdC imposed, other than fines, the undertakings to immediately cease the ‘hub-and-spoke’ arrangements, as AdC was not able to rule out whether the investigated practices would continue.

2. How does a ‘hub-and-spoke’ work?

‘Hub-and-spoke’ arrangements are horizontal restrictions on the supplier or retailer level (the ‘spokes’), which are carried out through vertically related players that serve as a common ‘hub’ (e.g., a common retailer or service provider). The hub enables the coordination of competition between the spokes without direct contacts between the spokes, as shown below.

On 25 November 2020, the European Commission (EC) published a proposal for Regulation on European Data Governance (the Data Governance Act), which will set out a new legal framework to promote the development of common European data spaces: a Single Market for data.

The Data Governance Act is the first set of measures announced in the 2020 European Strategy for Data, and that it was followed by a public consultation carried out between February and May this year. EC also released a Questions & Answers document and a Factsheet on European data governance, alongside the Data Governance Act.

The Data Governance Act is the cornerstone of the EC’s Data Strategy, which targets a set of changes on digital regulatory and antitrust matters, including: (i) the EC’s white paper on artificial intelligence and consultations on the Digital Services Act package; (ii) a ‘New Competition Tool’ (NCT) to allow the EC to examine and make changes in market structure; and (iii) the EC notice on market definition.

Following the Data Governance Act, reviewed in Part One of this article, EC published two important legislative proposals on 15 December 2020: the Digital Services Act (DSA) and the Digital Markets Act (DMA), which are reviewed in Part Two.

Additional legislative proposals, particularly changes to the EC’s enforcement of European Union (EU) competition rules, are also expected in early 2021, and they will be addressed in due course.

Part One – Proposal for a Regulation on European data governance

The Data Governance Act proposes to establish nine common European data spaces for data sharing and pooling in strategic and critical domains, including health, environment, energy, agriculture, mobility, finance, manufacturing, public administration and skills.

For this purpose, the Act establishes three main goals:

  • Sharing of public sector data: establishing a mechanism to promote the sharing and re-use of certain categories of data held by public sector bodies in EU;
  • Data sharing service providers: creating a new notification and supervisory framework for the provision of data sharing services; and
  • ‘Data altruism’: ‘data altruism’ means individuals or businesses voluntarily consenting to the use of data (personal and non-personal) for altruistic purposes (e.g., for scientific research or improving public service). A new framework will enable entities that collect, and process data made available for altruistic purposes to be qualified for voluntary registration upon fulfilment of some requirements and be recognized as ‘Data Altruism Organizations’.

A new formal expert group is also to be created, the European Data Innovation Board, composed by EC, the European Data Protection Board, and relevant local authorities, with powers to ensure a consistent application of the Data Governance Act across all Member States, including cooperation between local relevant authorities.

Sharing of public sector data

The Data Governance Act establishes a set of common basic conditions for sharing and re-using certain categories of protected public sector data, namely personal data, data covered by intellectual property rights or confidentiality and that hence fall outside the scope of the 2019 Open Data Directive.

The Data Governance Act does not intend to create a right to re-use such data, but instead sets out the conditions under which public bodies (not including State-owned businesses or ‘public undertakings’) must comply when dealing with re-use of data.

These conditions, which must be non-discriminatory, proportionate and objectively justified, may include: (i) to re-use anonymized or pseudonymized data only; (ii) that the data only be disclosed under the EU General Data Protection Regulation (GDPR); or (iii) to delete commercially confidential information, including trade secrets. Exclusive agreements for re-using data must be avoided, except when necessary for the provision of a service of general interest and must be awarded under EU public procurement and State aid rules and for periods up to three years.

EC may impose further conditions on the re-use of highly sensitive non-personal data (that is, data that is not covered by GDPR), and on data transfer to third countries.

Data sharing service providers

The Data Governance Act creates new rules addressed to intermediaries between data ‘holders’ (data subjects) and data users – the so-called ‘data sharing service providers.’

Data sharing service providers will be obliged to submit a prior notification to the relevant local authority (to be appointed by each Member State and empowered to monitor compliance with new rules, including cooperate with other sectoral authorities).  

The provision of data sharing services will have to fulfil specific requirements: (i) the collected data cannot be used for other purposes, and any metadata can be only used for the provision of that service; (ii) data sharing services must be provided by a separate legal entity from other services; (iii) data interoperability; (iv) services providers must act under a fiduciary duty towards data subjects; (v) adequate security safeguards must be in place; and (vi) service providers, which are not established within EU, must have to appoint a legal representative in one of the Member States.

‘Data altruism’

The Data Governance Act provides a legal framework for voluntary registration of entities that collect, and process data (personal and non-personal data) made available for altruistic purposes. In order to qualify for registration, a data altruism organization must fulfil certain criteria, including being a non-profit organization. Data altruism organizations that are not established in EU must appoint a legal representative in EU. Each Member State must appoint one or more local authorities to keep the register of data altruism organizations and monitor compliance with the requirements applicable to data altruism organizations.

Part Two – the Digital Services Act and the Digital Markets Act

As part of the European Digital Strategy, Shaping Europe’s Digital Future, DSA and DMA will address new challenges that have surfaced with digital developments. At the same time, these Acts will ensure users, consumers and businesses to continue to benefit from digital developments. DSA and DMA have two main goals:

  • To create a safer digital space in which the fundamental rights of all users of digital services are protected (DSA’s goal); and
  • To establish a level playing field to foster innovation, growth, and competitiveness, both in the European Single Market and globally (DMA’s goal).
Digital Services Act (DSA)

DSA establishes a set of new, harmonized EU-wide obligations for digital services that connect consumers to goods, services, or content, ranging from simple websites to internet infrastructure services and online platforms.

The DSA’s rules mainly concern online intermediaries and platforms, such as online marketplaces, social networks, content-sharing platforms, app stores as well as online travel and accommodation platforms.

The new obligations are addressed according to services’ size and impact. Platforms that reach more than 10% of the EU’s population (45 million users) are considered systemic in nature and will be subject to a new control framework and specific obligations to control their own risks.

In a nutshell, DSA includes:

  • Rules for the removal of illegal goods, services or content online and safeguards for users whose content has been erroneously deleted by platforms;
  • New obligations for very large platforms to take risk-based action to prevent abuses;
  • Wide-ranging transparency measures, including on online advertising and on the algorithms used to recommend content to users;
  • New powers to examine how platforms work, including upon facilitating access by researchers to key platform data; and
  • New rules on traceability of business users in online marketplaces, to help track down sellers of illegal goods or services.

This new accountability framework will be followed by an innovative cooperation network of public authorities – board of national ‘Digital Services Coordinators’ – with special powers in supervising very large platforms including the power to sanction them directly.

Digital Markets Act (DMA)

DMA is addressed to gatekeepers of ‘core platform services’, e.g., social networking, video-sharing platforms, communication services, operating systems, clouds, and advertising, with (i) a systemic role in the internal market and that (ii) function as bottlenecks between businesses and consumers. These criteria will be met if a company has:

  • A strong economic position, significant impact on the internal market and is active in multiple EU countries – presumed so if the annual turnover equals or exceeds €6.5 billion or the market capitalization equals or exceeds €65 billion;
  • A strong intermediation position, meaning that it controls an important gateway for business users towards final consumers – presumed so whenever their services count with more than 45 million monthly active users and 10,000 yearly active users in the previous year; and
  • An entrenched and durable position in the market, meaning that it is stable over time – presumed so if the two criteria above have lasted the past three years.

Despite these presumptions are rebuttable, service providers must, in any case, notify the EC if they meet the thresholds above. If defined as a “gatekeeper”, companies will have to comply with a clearly defined set of obligations and prohibitions, including:

  • Prevent to treat services/products offered by the gatekeeper itself more favorably in ranking than similar services/products offered by third parties on the gatekeeper's platform;
  • Ensure interoperability with the gatekeeper’s platform to third parties;
  • Share, in compliance with privacy rules, data that is provided or generated through business users' and their customers' interactions on the gatekeepers' platform;
  • Provide companies advertising on their platform with the tools and information necessary for advertisers/publishers to carry out their own independent verification of their advertisements hosted by the gatekeeper;
  • Allow their business users to promote their offer and conclude contracts with their customers outside the gatekeeper’s platform;
  • Prevent consumers from un-installing any pre-installed software or app if they wish so.

In case of infringement of the DMA’s rules, gatekeepers may be subject to fines up to 10% of the company’s total worldwide annual turnover, and periodic penalty payments up to 5% of the average daily turnover. In case of systematic infringements, additional remedies may be imposed, including, non-financial remedies, e.g., the divestiture of (parts of) a business.

Next steps

The Data Governance Act, DSA and DMA will be discussed and passed by the European Parliament and the Council of Ministers in the ordinary legislative procedure. Once approved, which should occur until at least the third quarter of 2021, they will be directly applicable across the EU.

The far-reaching nature and characteristics of DSA and DMA suggest that these statutes may set the benchmark for digital services globally, similarly to what GDPR meant to privacy laws worldwide.


Macedo Vitorino launched a new edition of its 2020 edition of its «Why Portugal Report» today.

2020 has been a year of difficult challenges, lock downs and remote working. Families and businesses had to adapt to live in the midst of a prolonged pandemic. Covid-19 was responsible for the loss of many lives, jobs, the collapse of businesses and many changes the way we work and interact. This is also a reason to ask the question: Why invest in Portugal?

«Why Portugal 2020 – Doing Business in Portugal» answers this question by providing key information for business people who consider investing in Portugal: how to start and organize a company, what are the rules of employment, the tax system, intellectual property, real estate and solving legal disputes.

"We are pleased to present a new release of our investor guide. The 2020 edition of the WhyPortugal report marks Macedo Vitorino’s capability, like so many other law firms and businesses, of working in adverse conditions," said António Vitorino, the partner in charge of the WhyPortugal project since its start in 2013.

"Despite the pandemic or because of it we must double our efforts in promoting investment " added António Vitorino. "These are difficult times for all, but we know that in exceptional circumstances people with long term views can thrive. We must look ahead and do our business."

This guide reviews the main aspects to be considered by foreign investors looking at Portugal as a place to invest, such as how to set up  a business,government incentives,employment,tax system,intellectual property protection andjudicial system.

Visit us at«Why Portugal 2020 – Doing Business in Portugal»

The Portuguese Competition Authority (Autoridade da Concorrência – ‘AdC’) issued a statement of objection against three major supermarket chains, Modelo Continente, Pingo Doce and Auchan, and the supplier of cosmetics and personal care products, Beiersdorf, for a potential ‘hub-and-spoke’ arrangement.

‘Hub-and-spoke’ arrangements are horizontal restrictions on the supplier or retailer level (the ‘spokes’), which are carried out through vertically related players that serve as a common ‘hub’ (e.g., a common retailer or service provider). The hub enables the coordination of competition between the spokes without direct contacts between the spokes.

In this case, AdC considered that Modelo Continente, Pingo Doce and Auchan (the spokes) used the commercial relationship with the supplier (the hub) Beiersdorf – which markets, among others, the Nivea, Harmony, Hansaplast and Labello brands – to align the retail prices of most cosmetics and personal care products, to the detriment of consumers.

‘Hub-and-spoke’ arrangements differ from traditional horizontal cartels in the lack of direct communication between the horizontal competitors, even though the adverse market effects may be similar – both may result in a hard-core price-fixing cartel to detriment of consumers. Unlike in horizontal cartels, the strategic nature of information exchanged between suppliers and retailers (which could be a necessary pro-competitive practice) cannot be the ultimate criterion for an unlawful ‘hub-and-spoke’ arrangement.

In fact, it can be challenging to set boundaries between legitimate exchanges and indirect horizontal collusion and be required to go as far as exchanges about forward-looking pricing information and find evidence of the players’ purpose of undertaking an indirect horizontal collusion. The following potential issues could arise: (i) the ‘hub-and-spoke’ evidence (e.g., retail price setting/alignment, control and monitoring of retail prices, retail price deviation corrections); (ii) the legal framework of the arrangement, depending on either it is an horizontal or vertical arrangement; (iii) the means used to carry out the anticompetitive practice, e.g. Resale Price Maintenance agreements (RPM); and (iv) the purpose and awareness of the involved players.

The current case is not the first ‘hub-and-spoke’ case investigated by AdC. In the large retail chains sector, this recent case adds up to six other cases in place and for which statements of objection were also issued in March 2019, and June and July 2020. In the large retail chains sector, which is a key-sector, AdC is pursuing above ten investigations, some of which are still under legal secrecy and that should see further developments next year.

In addition, considering an increased use of pricing related tools, e.g. online platforms, third-party algorithms, online price monitoring and adjustment tools, which can enable ‘hub-and-spoke’ arrangements, it is likely that the current legal framework and enforcement means will need improvement to address these risks in a near future.

The Portuguese Competition Authority (AdC) imposed their highest sanction ever applied on a single company for violation of competition rules. MEO, the Altice group incumbent telecom company in Portugal, was sentenced to pay a €84 million fine for engaging in pricing strategies and market sharing with Nowo regarding mobile and fixed communication services. In addition to the fine, and as an ancillary penalty, AdC also publish an excerpt from the condemnatory decision.

AdC reported that MEO and Nowo made an anti-competitive arrangement after entering into a MVNO (Mobile Virtual Network Operator) contract. Through this arrangement, Nowo “committed itself not to launch mobile services outside the geographical areas where it provided fixed services, in order to not compete with MEO in Lisbon and Oporto", causing an increase in prices and a decrease in the service quality provided, as well as restrictions on the geographical availability of services, which affected Portuguese consumers negatively.

Nowo also agreed not to provide mobile services at €5 or less or at prices lower than the ones charged for similar market offers. In return, MEO would provide better conditions in the MVNO contract with Nowo, especially in regard to its prices, infrastructure use and solving of operational problems.

This agreement prevailed at least from the beginning of January until the end of November 2018, when Nowo reported the situation and AdC carried out a search and seizure procedure at both companies’ facilities. As a consequence, Nowo was waived from the payment of any fine thanks to the leniency application it filed. Portuguese leniency rules allow a waiver or reduction of fines in cartel cases, with the first company to report a cartel in which it has participated becomes eligible for a waiver, and the next reporting ones may benefit from a reduction of the fine.

It is likely that MEO will appeal from this decision. AdC's decisions are appealable to the Competition, Regulation and Supervision Court.

The Portuguese Data Protection Authority (Comissão Nacional de Proteção de Dados – “CNPD”) has recently issued guidelines on the processing of health data following the new (partial) lockdown. CNPD identifies some potential inconsistencies on Decree 8/2020, 8 November 2020, ruling the new lockdown, with the General Data Protection Regulation (GDPR), regarding body temperature control, SARS-CoV-2 diagnosis tests and other measures to strengthen the disease tracing.

Currently, to access workplaces, public transports, public institutions, prisons, etc., body temperature control is allowed only if non-invasive means are used. CNPD clarifies that digital devices controlling the body temperature carry out electronic processing of personal data – body temperature – are subject to GDPR. Although it is forbidden to record body temperature by identifying the person involved, the fact is that such person may be identifiable and hence this processing is not excluded from the application of GDPR.

Health data is a special category of personal data. To be lawful, the processing of health data must be used in preventive or occupational medicine, to access the working capacity of employees, medical diagnosis by a professional under professional secrecy duty or another person subject to a confidentiality duty.

When stating that the temperature control may be carried out by an employee, the lockdown regulation does not safeguard individuals’ rights, since the employee involved is not subject to a confidentiality duty, says CNPD.

As to the diagnosis tests, CNPD says the test must be carried out by a health professional under professional secrecy. Regarding test results, the privacy of the individuals must also be shielded to avoid stigma and discrimination against  who tested positive. It will be crucial to define the procedures following a positive test.

Regarding disease tracing measures, which are reinforced, if the tracing is not carried out by a health professional, CNPD points out the need to bind this person to a specific duty of confidentiality. Otherwise, individuals from whom health data is collected will be treated in a different way, depending on whether the person collecting their data is under a secrecy duty.

The above measures must be implemented in compliance with GDPR, which continues to apply, even if the current situation is exceptional. Otherwise, heavy fines may be applied by the supervisory authority. The only exceptions allowed should be those set out in GDPR.

ANACOM, the Portuguese telecoms regulator, released yesterday the rules of the auction procedure for 5G spectrum and other relevant bands (700 MHz, 900 MHz, 1800 MHz, 2.1 GHz, 2.6 GHz and 3.6 GHz) (5G Regulation). It also announced that the auction will be launched this month of November.

The 5G Regulation lays down the conditions for access to the spectrum that will be made available to the market, the procedural rules for the auction and the conditions that will be associated with the use of the spectrum that will be awarded to operators.

Although there are some differences, these conditions do not differ substantially from those in the draft regulation released in March this year that raised strong negative reactions from three mobile operators in Portugal. NOS has already announced that they will take the case to court and to the European Commission to stop the 5G Regulation from becoming effective.

Yesterday, the 5G Regulation was published in the official gazette. The Portuguese Government approved the 5G Regulation as released by ANACOM, which means that if NOS does not succeed in their intentions, the auction will be closed in January and the first commercial 5G offers may be in the market in the beginning of 2021.

We will publish in the coming days an in-depth analysis on the 5G Regulation. In the meantime you can read here our review of the ANACOM draft regulation published in February.

Following the declaration of public calamity in Portugal due to Covid-19 pandemic, he Portuguese Government adopted new measures, including the return of mandatory telework, along with  new rules regarding the organization of working time.

The new rules are the following:

Municipalities with great epidemiological focus
  • Obligation to adopt remote work, whenever the job in question allows it.
Other municipalities
  • Possibility of adopting remote work, under the Terms of the Portuguese Labor Code, by agreement between the parties;
  • Obligation to adopt remote work if the employee requests it, in the following scenarios:

a) If the employee is immunosuppressed and chronically ill, provided that such condition is proven by a doctor;

b) If the employee is a disabled person or has a debilitated in 60%, or more, of their capacity;

c) If the employee is a parent of children or other dependents under 12 years old, or, regardless of age, with a disability or chronic illness, who are unable to attend classes and other educational activities in person;

d) If the employer does not comply with the guidelines of the Portuguese Health Agency (“Direção Geral de Saúde”) and the Portuguese Labor Agency (“Autoridade para as Condições do Trabalho”) in the workplace (e.g. physical distance between workers).

If it is not possible to adopt remote work under the terms of the Portuguese labor law, specific work organization measures may be implemented, among them:

  • Staff rotation between remote work and workplace attendance, which may be daily or weekly;
  • Different working schedules regarding employees ‘entry and exit, breaks and meals.

The new rules come into force on November 4th and last until the November 19th.

Following the set of measures enacted under the COVID-19 pandemic, a proposal to amend the Extraordinary Support for Progressive Resumption was approved by the Council of Ministers, aiming at reinforcing the aid to the companies affected by the pandemic crisis.

The main changes proposed to improve the measures already adopted through the Decree-Law nº. 46-A/2020 of 30 July are the following:

(i) New percentages of reduction of the normal working period

Different from the regime currently in force that only allows a maximum reduction of the normal working (NWP) period up to 60% for companies with a break in invoicing equal or superior to 60%, the new proposal establishes the possibility for companies with a break in invoicing equal or superior to 75% to reduce the NWP up to 100%. The worker is always guaranteed the minimum of 88% of the retribution, assuring the Social Security the payment of 100% of the compensation. For companies that record a drop in invoicing equal to or greater than 75%, a partial exemption of 50% of the employer's contribution to Social Security is also provided.

(ii) New concept of “business crisis”

The regime now includes companies with the following breaks in invoicing in relation to the same month of the previous year or in relation to the monthly average of the two previous months:

  • Break in invoicing ≥ to 25%: reduction of NWP up to 33%;
  • Break in invoicing ≥ to 40%: reduction of NWP up to 40%;
  • Break in invoicing ≥ to 60%: reduction of NWP up to 60%;
  • Break in invoicing ≥ to 75%: reduction of NWP up to 100%;

(iii) Increased support for training

The proposed amendment to the law also establishes an increase in the value of the training program. On the one hand, the amount currently foreseen for the employer is increased from €66.00 to €132.00. On the other hand, as far as the employee is concerned, the amount is increased from €66.00 to €176.00.

In short: the new proposal of law is aimed at increasing support to sectors in greatest difficulty, expanding access to more employers, reinforcing incentives for training, and providing complementary support for employers.