This is the July 2020 recap issue of CDT’s monthly EU Tech Policy Brief. It highlights some of the most pressing technology and internet policy matters under debate in Europe, the U.S., and internationally, and gives CDT’s perspective on them.
European Court of Justice Invalidates EU-U.S. “Privacy Shield,” Necessitating Reform of U.S. Surveillance Law
On July 16, the Court of Justice of the European Union invalidated the legal underpinnings of the EU-U.S. Privacy Shield in the Schrems II case, holding that U.S. intelligence surveillance law does not provide safeguards sufficient under EU law to permit the transfer of EU users’ data to the U.S. “People outside the U.S. have rights that U.S. surveillance law and practice must honor. Surveillance reform has long been a human rights imperative; now, it is an economic imperative as well,” said Alexandra Givens, CDT’s President and CEO. Renewing its 2015 surveillance reform recommendations, CDT is now calling on Congress to adopt crucial reforms. Among them: prohibiting “upstream” surveillance, through which the U.S. government temporarily seizes virtually all internet-based communications flowing into or out of the U.S., and ensuring that anyone whose rights may have been violated in the intelligence surveillance context can obtain effective redress. You can find more on the ruling in our press release.
European Democracy Action Plan’s Public Consultation
The European Commission launched a public consultation on its Democracy Action Plan, open from July 15 until September 15. The purpose of the consultation is to gather input on several policy areas, including the transparency of political ads online, disinformation, and protecting media independence and pluralism. Commission Vice President for Values and Transparency, Věra Jourová, described the new plan as necessary because democracies are threatened by the quick evolution of disinformation, online manipulation, and external interference, and stressed the need for a serious European response. “Disinformation and foreign interference are a soft underbelly of our democracy, because they attack one of our dearest values – freedom of speech and the right to information,” she said. As highlighted in the Von der Leyen Work Programme 2020, the European Democracy Action Plan will be a crucial part of the “new push for European democracy” political priority, and the Commission intends to present it towards the end of 2020.
CDT Publishes New Legal White Paper: “Incorporating a Good Samaritan Principle in the EU Digital Services Act”
CDT has partnered with Joan Barata, an international expert in freedom of expression, freedom of information, and media regulation, to put forward a white paper discussing the role a Good Samaritan principle might play in the EU Digital Services Act (DSA). The principle, embodied in Section 230(c) of the Communications Act of 1934 (as amended by the Telecommunications Act of 1996), ensures that online intermediaries are not penalized for taking good-faith measures against illegal or harmful content. Contrary to the U.S. legal framework, the EU e-Commerce Directive does not adequately promote the adoption of voluntary and proactive content moderation policies by private intermediaries, but rather the opposite. The more intermediaries play an active role in monitoring the content they host, the more likely they are to find a potentially illegal piece of content. In this context, the chances of overlooking particular illegality, and therefore the risk of liability, grow significantly. In order to incentivize content moderation under the Good Samaritan principle, and thereby enable intermediaries to address problematic but lawful content on their services, the paper sets a number of recommendations for the DSA.
General Court of the European Union Annuls Commission’s Irish Tax Decision, in Favour of Apple
On July 15, the EU General Court annulled the European Commission’s 2016 decision that required Ireland to recover €13 billion received by Apple in tax benefits between 2003 and 2014 in violation of state aid rules. According to the court, the Commission did not succeed in showing that the U.S. tech giant Apple broke EU competition rules by unlawfully benefiting from state aid as part of corporate tax rulings in Ireland. European Commission Executive Vice President Margrethe Vestager commented on the matter as follows: “In previous judgments (…) the General Court confirmed that, while Member States have exclusive competence in determining their laws concerning direct taxation, they must do so in respect of EU State aid rules. The Commission will continue to look at aggressive tax planning measures under EU State aid rules to assess whether they result in illegal State aid”. The Commission can still appeal the case on legal questions vis-à-vis the European Court of Justice.
U.S. EARN IT Act Remains a Threat to Fundamental Rights and Privacy
After a Senate Judiciary Committee markup in the U.S. Congress on July 2, the EARN IT Act remains a threat to fundamental rights and the ability of all internet users to enjoy the crucial protections of strong encryption. The bill revokes Section 230 protection for internet intermediaries for a broadly defined set of state criminal and civil claims around child sexual abuse material. This change would dramatically expand the risk of lawsuits that online intermediaries will face over user-generated content, and likely hinder or eliminate their ability to provide end-to-end encryption on their services. Prior to the markup, a broad coalition of digital rights organizations published an open letter opposing the bill, calling for the Committee to postpone the markup so that interested parties can examine the proposed amendments in more detail, and work with the Committee to address potential concerns. CDT joined the initiative and will continue to address the risks of the EARN IT Act.
CDT, Other Human Rights Advocates Organize Online Workshop on Notice and Action and Systemic Oversight Frameworks in the DSA
Together with the Global Network Initiative, Article 19, and Daphne Keller from the Stanford Cyber Policy Center, CDT organized an online workshop addressing key questions around the notice and action and systemic oversight frameworks in the Digital Services Act (DSA). The event involved policymakers from the European Commission and European Parliament deeply engaged in the DSA dossier. In the first section, the speakers presented an overview of the existing different notice and action models across Europe, summarizing key issues relating to automation and monitoring. They outlined the main systemic oversight approaches and potential consequences for notice and action, content moderation practices, fundamental rights, and competition. The second part involved an in-depth discussion with the policymakers addressing the tensions arising among those different approaches, as well as the necessity to establish efficient safeguards for protecting freedom of expression and other fundamental human rights.