EU Tech Policy Brief: March 2019 Recap
Written by Jens-Henrik Jeppesen
This is the March 2019 recap issue of CDT’s monthly EU Tech Policy Brief. It highlights some of the most pressing technology and internet policy issues under debate in Europe, the U.S., and internationally, and gives CDT’s perspective on them.
Terrorist Content Online Regulation: LIBE Committee looking at core problems
The European Parliament’s Civil Liberties Committee postponed its vote on the proposed Terrorist Content Online Regulation. MEPs are taking more time to debate several important issues that Member States and the Commission did not give sufficient attention. These include: definition of terrorist content, scope of providers and services covered by the Regulation, deadline for compliance with removal orders, conditions for appointing Competent Authorities, and whether the Regulation should empower them to impose mandatory proactive measures. These are concerns CDT raised in a letter to MEPs, co-signed with several NGOs and industry groups. They were also raised by UN Special Rapporteur on Counter Terrorism and Fundamental Rights Fionnuala Ní Aoláin at a debate CDT co-hosted, and we highlighted them at a Parliament debate hosted by MEP Daniel Dalton and the European cloud infrastructure provider association CISPE.
DSM Copyright Directive: Directive adopted, including Articles 11 and 13
On 26 March, the European Parliament adopted the controversial DSM Copyright Directive. The close vote (348 for, 274 against) reflected the controversy on Articles 11 and 13. However, had MEPs been able to vote on each of the two Articles before voting on the Directive as a whole, the outcome might have been different. Council looks set to approve the Directive shortly, and despite Parliamentary debates in Germany and Sweden, it is unlikely that final adoption will be delayed. Member States have two years to transpose the Directive. Implementations will inevitably differ significantly from Member State to Member State. The French Government has already announced that it aims to implement pervasive deployment of content recognition technology as a matter of priority. Comments by Commissioner Güenther Oettinger (responsible for the DSM Copyright Directive when it was proposed) also indicated that platforms will likely have to deploy filtering technology in order to comply with the requirements of the Directive.
In short, much uncertainty lies ahead with regard to the impact of the controversial articles on upload filtering and publishers’ rights. CDT and other groups working to preserve the internet as an open space for innovation and expression will need to engage actively in the implementation process.
Intermediary Liability: UK to enact an online ‘duty of care’ for content hosts?
The UK government is set to publish a White Paper on ‘online harms’ in the coming weeks. The House of Lords recently concluded that new regulation on internet services is necessary, and should be overseen and enforced by a new internet regulatory body. The report echoed the position taken by the House of Commons in their Final Report on Disinformation and Fake News’. A series of blog posts, issued by UK academics, spell out how duty of care concepts known from the offline world might be applied to online services. CDT will engage actively in this discussion. It is crucial to ensure that policy initiatives aimed at ‘reducing online harms’ are very carefully and narrowly targeted to very specific types of behaviours, and that they are based on solid evidence of actual harm. Vigilance is essential to ensure new approaches to online content do not lead to the censorship of lawful speech.
CDT Joins Transatlantic Working Group on Free Expression and Online Content Moderation
CDT has joined a transatlantic working group of academics, experts, policy makers, industry and NGO representatives to work towards policy solutions that maintain and protect free expression while tackling challenges posed by various types of illegal or potentially harmful content. The Group is led and funded by the Annenberg Public Policy Center and the Amsterdam University Institute of Information Law. This multi-stakeholder project will examine legislative and policy approaches taken in different countries, and assess their impact on free expression and access to information. CDT believes it is essential to think carefully about the impact on free expression of the proliferation of initiatives to curb the spread of objectionable content.
Disinformation, Election Integrity, EU ‘Code of Practice’
There is ongoing debate on the EU’s strategy on disinformation in the run-up to the European Parliament elections, in particular on the implementation of the disinformation Code of Practice. The principal social media platforms signed on to the code of practice, and reported on progress at the end of January for the first time. On 20 March, the Commission received new progress reports from the signatories. One of the core commitments in the code is to provide maximum transparency about political advertising on internet-based services. CDT co-signed an open letter with the Mozilla Foundation requesting that Facebook increase efforts in this regards, something Facebook subsequently committed to doing.
GDPR Implementation Update
Almost a year since the GDPR entered into force and with the ePrivacy Regulation approaching, data protection authorities (DPAs) and courts are enforcing and interpreting key provisions. One is the meaning of “valid consent” when service providers use pre-ticked boxes in cookie banners. The CJEU Advocate General concluded in the Planet49 case published on 21 March that consent is not valid “where the storage of information, or access to information already stored in the user’s terminal equipment, is permitted by way of a pre-ticked checkbox which the user must deselect to refuse his consent and where consent is given not separately but at the same time as confirmation in the participation in an online lottery.” In another case, the Dutch DPA ruled that cookie walls are not allowed. That is to say, websites cannot impede access when users refuse to accept tracking cookies.