CJEU Confirms – No General Data Retention Allowed

On 21 December 2016, an important decision came from the Court of Justice of the European Union (CJEU). In joined cases, C-203/15 Tele2 Sverige AB v Post-och telestyrelsen and C-698/15 Secretary of State for the Home Department v Tom Watson and Others, (full case and press release) the court ruled against general data retention while allowing it in specific and controlled conditions. It said:

EU law precludes a general and indiscriminate retention of traffic data and location data, but it is open to Members States to make provision, as a preventive measure, for targeted retention of that data solely for the purpose of fighting serious crime, provided that such retention is, with respect to the categories of data to be retained, the means of communication affected, the persons concerned and the chosen duration of retention, limited to what is strictly necessary. Access of the national authorities to the retained data must be subject to conditions, including prior review by an independent authority and the data being retained within the EU.

The present judgment is a continuation of a saga that goes back to September 11, 2001. In the wake of the attacks on the United States, the governments on both sides of the Atlantic introduced measures to combat the perceived threat of terror. Among these measures were the EU 2006 Data Retention Directive. The directive required storing of telecommunications data for a period between 6 and 24 months. The data stored was ‘metadata’, i.e. information on what was accessed on the Internet or what telephone numbers have been dialled and when, not the actual copies of information.

In joined cases C-293/12 and C-594/12 Press and Information Digital Rights Ireland and Seitlinger and Others (press release available here), the Court declared the Directive to be invalid, saying that it

entails a wide-ranging and particularly serious interference with the fundamental rights to respect for private life and to the protection of personal data, without that interference being limited to what is strictly necessary

The main argument for invalidation was that the Directive was not compatible with the European Convention on Human Rights (ECHR). The result was only that the 2006 Directive had been made invalid, but nothing specific was said about whether Member States’ data retention laws are incompatible with other EU laws.

Following the invalidation of the 2006 Directive, a number of Member States retained laws that operated, essentially, on the basis of the Directive. In Sweden, the law required operators of electronic communications services to retain traffic and location data while laws in the UK required data retention for periods up to 12 months. The two joined cases referred to here relate to Swedish and UK laws, respectively.

Since the directive which provided a basis for data retention had been made invalid, the fallback provision is Article 15 of the ePrivacy Directive, which allows for rules of the 1995 Data Protection Directive to be derogated from when required by “national security (i.e. State security), defence, public security, and the prevention, investigation, detection and prosecution of criminal offences”. The question referred to CJEU by the Swedish court asks, essentially, whether general data retention obligation (i.e. an obligation to retain all data, without a specific purpose of threat) is compatible with Article 15 and with Articles 7 and 8 and Article 52(1) of the Charter of Fundamental Rights. If the answer is no, the second question asks whether retention may be, nevertheless, permitted in certain specific cases (“targeted retention”). The UK court’s reference is conceptually slightly different. It is asking if the 2014 Digital Rights Ireland judgment (invalidating the 2006 Directive) also introduces “mandatory requirements of EU law applicable to a Member State’s domestic regime governing access to data retained in accordance with national legislation, in order to comply with Articles 7 and 8 of the Charter.”

The Court ruled that Article 15 of the ePrivacy Directive, read in light of Article 7, 8 and 11 of the Charter, precludes

general and indiscriminate retention of all traffic and location data of all subscribers and registered users relating to all means of electronic communication.

Ruling on where and how such retention may still be legal, it said that this is so

where the objective pursued by that access, in the context of fighting crime, is not restricted solely to fighting serious crime, where access is not subject to prior review by a court or an independent administrative authority, and where there is no requirement that the data concerned should be retained within the European Union.

In other words, general data retention is illegal, specific data retention is allowed in cases where serious crime fighting requires so, where there is judicial oversight and where such data is not transferred out of the EU.

The main position of the Court is that, absent specific legislation on data retention, the provisions of the ePrivacy Directive must be interpreted narrowly. In analysing the case, the Court pointed out that the conditions of Article 15 of the ePrivacy Directive are exhaustive. Any derogations from the rules protecting privacy must apply only in so far as is strictly necessary. Only the objective of fighting serious crime justifies derogations from general data protection requirements and then only with proper court oversight. Since general data retention does not contain a proper link between data retained and a threat to public security, such retention does not satisfy the conditions. The Court does not preclude data retention in general but allows targeted retention under the conditions discussed.

There is no doubt that the most important point that the CJEU is making is that proper judicial oversight is needed in all cases where government proposes to undermine basic constitutional rights and EU-based privacy rules. As such, the decision is not surprising and is a continuation of the arguments put forward in the Digital Rights case. The decision will have significant impact on the just-adopted UK 2016 Investigatory Powers Bill, which has been heavily criticised.

Advertisements

EU Consumer Summit 2016 – to What Extent is EU Consumer Law in Need of Reform?

The EU prides itself on having robust consumer laws. This is a result of decades-long development and a intelligent but gradual changes in policy direction. The legislation is comprehensive, covering a range of consumer situations and is slowly drifting towards full harmonisation. The key laws in this area are the 2011 EU Consumer Rights Directive, the 2005 Unfair Commercial Practices Directive and the 1993 Directive on Unfair Terms in Consumer Contracts. Both the 2011 CRD and the 2005 UCP directives are full harmonisation instruments.

Contrary to many other areas of EU, cyberlaw which are currently subject to comprehensive reviews (in particular privacy, copyright and telecommunications), consumer law is not in need of fundamental reform, a sentiment which the EU officials repeat often. The 2016 EU Consumer summit takes place in the sign of the EU’s REFIT program, which is an initiative to make EU laws simpler and less costly. As part of the REFIT, the Commission is conducting a “Fitness check”, which is a comprehensive policy evaluation aimed at making sure that legislation is fit for purpose. The result will not be the scrapping of present laws but their gradual adjustment. The 2016 Fitness check of EU consumer laws will be complete by May 2017.

The Fitness check covers the following directives:

• Directive 2005/29/EC, Unfair Commercial Practices Directive

• Directive 1999/44/EC, Sales and Guarantees Directive

• Directive 93/13/EEC, Unfair Contract Terms Directive

• Directive 98/6/EC, Price Indication Directive

• Directive 2006/114/EC, Misleading and Comparative Advertising Directive

• Directive 2009/22/EC, Injunctions Directive

During the summit’s opening session, some key points have been put forward:

  • First, three areas which the Commission itself believes action ought to be taken in are: the 1) simplification of consumer requirements, 2) commercial practices and contract terms and3) effectiveness of the injunctions procedure.
  • Second, consumer protection as a policy goal ought to be at least as important as increased growth or competitiveness (Evelyne Gebhardt, MEP).
  • Third, there is a belief that, because consumers are usually not familiar with their rights, these may as well be scrapped. Instead, better education and increased enforcement ought to lead to better understanding among consumers and more trust (Evelyne Gebhardt, MEP).
  • Fourth, the biggest weakness in the present framework are problems with enforcement and compliance. Improving EU laws, therefore, does not mean more laws but better enforcement of present laws (Monique Goyens, BEUC).
  • Fifth, small and medium enterprises have not influenced the creation of the EU consumer acquis in the 90s and ought to play a more prominent role (Luc Hendrickx, UEAPME).

The workshops on the three issues presented reported as follows:

  • The first workshop concluded that 2011 Consumer Rights Directive is adequate and full harmonisation of information requirements should be maintained. Improvements can be made by avoiding duplication of information, better enforcement of existing rules, and better presentation of information. Transparency of information requirement for platforms should be improved, plain language used and less technical info provided. Price indication also needs to be improved.
  • The second workshop looked at UCP Unfair Contract Terms directives and concluded that there is support for an EU-wide black-list backed by principles, as is presently the case, but also indicated a need for improvement in a number of areas. Among others, this included a need for harmonised civil remedies, better enforcement, and streamlined information requirements. The workshop also recommended extension of UCP Directive to B2B transactions, which would particularly benefit SME enterprises.
  • The third group looked at the effectiveness of the injunctions procedure. It concluded that national varieties of the injunction procedure are working well. On the other hand, improvements could be made in reducing costs and clearer minimum standards.

Overall, someone following the debate would conclude not only that EU consumer acquis is not in need of a thorough reform but could also hear very specific suggestions about how it could be fine-tuned. This author agrees but cannot escape the impression that some of the important dilemmas have not been addressed.

First, to what extent is data protection legislation not just a complement to consumer laws but their replacement? The significantly stricter data protection rules might achieve what poorly enforced consumer protection rules do not. Second, little was said about alternatives and soft law. While enforcement of consumer law is a long-term problem, the issue is also about alternatives to solutions which do not work. Since we know that legally mandating the display to consumers of the endless terms-of-use which they do not read does not work, what alternative solutions might we find? We need to learn from the industry examples that work and this requires field research and cooperation. Finally, the EU paradigm of “weaker consumer” has put the EU at the forefront of consumer protection in the 80s and the 90s but that paradigm may no longer be adequate for the Internet-of-Things data-driven economy of this decade and the next. What is, therefore, needed is not fine-tuning but a complete rethinking of both that paradigm and how consumers are treated in non-consumer branches of EU law.

The 2016 EU Copyright Reform – A Summary

The Commission published today (14 September 2016) its long-awaited copyright reform. The proposal, which is followed by a communication, consists in a:

  • proposed Directive on Copyright in the Digital Single Market,
  • proposed Regulation on copyright in online broadcasting,
  • two proposals (a directive and a regulation) affecting disabled users

The reform also contains an impact assessment documentand a document on the evaluation of the 1993 Satellite and Cable Directive.

The proposals, some of which have been leaked, have already been widely criticised (see our own post, also see here, here and here). The essence can be summarised as follows:

A new neighbouring right for news publishers has been created. In essence, any use of news produced by news sites that is not otherwise covered by exceptions would need to be cleared. Although the preamble 33 does say that the new right “does not extend to acts of hyperlinking which do not constitute communication to the public” the Proposal does not define when a hyperlink (and the potential accompanying snippet of news) is a communication to the public. The present case law (see my post on the new GS Media case here) is not sufficiently clear on that point either. At present it is possible to interpret it to mean that linking to a legally available copyrighted news article is not a new communication to the public. On the other hand, the language used in the GS Media case, as well as the fact that GS Media has been decided before the Proposal was made public, lead us to believe that hyperlinking og a Google News or Twitter-type site, with the news snippet being displayed, will be an act of communication to the public. This is hugely detrimental to the development of a free, democratic and efficient Internet. In addition to that, disastrous experience from Spain and Germany, prove without doubt, that such ideas are counterproductive.

Content-filtering of user-generated content has also been proposed in Article 13. The proposal applies to “information society service providers storing and giving access to large amounts of works and other subject-matter uploaded by their users ”. The proposal here demands that information society service providers enter into licensing agreements with rightholders and introduce adequate content recognition technologies. The idea is that licensing agreements and filtering need to be introduced where information society service providers do not benefit from the hosting exception from Article 14 of the E-Commerce Directive (Recital 38 of the Proposal). This might signify that the intention is not to force licensing and filtering in all cases where material is hosted but only where ISSs are performing an act of “communication to the public” or, in other words, where they are not playing an “active role” and, at the same time, do not qualify for the safe harbor of Article 14. It is not explained in the Proposal what these situations might comprise since typical user-generated sites do qualify for Article 14 safe-harbor. Moreover, Article 15 of the E-Commerce Directive says that Internet Service Providers are under no obligation to actively monitor content on the Internet. In addition to that, the CJEU SABAM case (interpreting the E-Commerce, the Copyright and the Copyright Enforcement Directives) says that filtering cannot be indiscriminatory. Contrary to both of these, the proposal demands that ISP

prevent the availability on their services of works or other subject-matter identified by rightholders through the cooperation with the service providers. Those measures, such as the use of effective content recognition technologies, shall be appropriate and proportionate.  

The proposed Article, in its present form, is both incoherent and contrary to the existing EU law (on why it may have serious consequences for the “communication to the public” see here). There is no reason whatsoever why the Commission should set out to change the regime which has functioned relatively well. Copyright violations which are properly notified to the user-generated sites in the present regime are already covered in the E-Commerce Directive. In addition to that, EU directives as well as CJEU cases accept the ability to use national restraining injunctions. It makes no sense to demand the introduction of expensive content recognition technologies which only large companies can properly pay for and implement.

The third part of the proposal relates to cross-border online broadcasting. The general idea here is to establish a regime where broadcasters (in ancillary online services which are broadcast simultaneously with terrestrial transmissions) only need to clear the rights in the state where the broadcaster is established. This does not apply to video-on-demand, though, which is still under the general system of clearances.

Overall, the proposed changes seem mostly incoherent and do not address the reforms which are really needed (copyright exceptions, technical measures of protection, collective rights management…)

The 2016 EU Telecommunications Reform – A Summary

On September 14, the EU unveiled proposals for its new telecommunications reform. In the coming weeks we will provide a more detailed comment on some aspects of these proposals but here is a quick summary of what it contains and what it does:

  1. The last big telecoms reform took place in 2009 (the consolidated version can be found here). The latest attempt to make changes to this took place in 2015 with the so-called “Connected Continent” regulation which really only did two things: clarified the rules on net neutrality and introduced a system for gradually getting rid of the roaming charges.
  2. The Commission is dealing with relatively serious problems: lack of investment, fierce competition between the incumbents and the disruptive OTTs, large discrepancies in Internet (both broadband and mobile) availability, penetration and use between the poorer and more developed parts of the EU, convergence between content and carrier…
  3. The new plan sets as its goals the access to extremely high gigabit connectivity to all socio-economic drivers, download speeds of at least 100Mbit for households and uninterrupted 5G coverage for all urban areas.
  4. The first link in enabling the huge investments which are needed for this is the proposed European Electronic Communications Code (EECC Directive). The Directive is horizontal recasting of the already existing Framework, Access, Authorisation and Universal Services directives (their 2009 versions). This means that these four directives will, from the date of adoption, cease to exists and be subsumed under one unified Directive. After the 2002 and 2009 reforms, this would create the third big EU telecoms reform. In order to understand the changes in the proposal, one needs to be somewhat familiar with the operation of the previous regime. Overall, the rules are simplified:

The Code will apply market regulation only where end-user interest requires it and where commercial arrangements between operators do not deliver competitive outcomes. The new Code substantially reduces regulation where rival operators co-invest in very high-capacity networks and makes it easier for smaller players to be part of investment projects, thanks to the pooling of costs, the overcoming of scale barriers, etc. New rules make the investment case more predictable for “first movers” who take the risk to invest in those networks in less profitable areas, such as rural areas.

Additionally, the proposal increases consumer protection and makes better use of radio frequencies.

  1. The Commission also presented an action plan for 5G deployment. The plan presents a calendar for coordinated EU 5G launch in 2020.
  2. The WiFi4EU initiative aims at helping European communities offer free Wi-Fi access points to all.
  3. The role of both national agencies and BEREC had been reinforced in the EECC proposal and a new proposed BEREC regulation.

It is, at present, difficult to say how deep the reform goes or what its impact might be. Keep an eye on this space.

Hyperlinking and CJEU: a comment on the GS Media decision

The Copyright Directive, which in Article 3 protects the rightholder’s right of communication to the public, is silent on whether hyperlinking constitutes such a right. This has given the Court of Justice ample opportunity to clarify the situation.

In Svensson, the Court dealt with an aggregator website providing links to newspaper articles located on another site. The articles were provided free of charge on the original site but the rightholders argued that the aggregating site profited from them in their own right without paying proper compensation. The Court took the position that

the provision on a website of clickable links to works freely available on another website does not constitute an ‘act of communication to the public’

It did emphasise, however, that hyperlinking to works protected by paywalls and similar restrictions would constitute communication to the public since a ‘new public’ to which the work is communicated would exist in this case. The case, although bringing clarity to the issue of linking to an already published and available copyrighted work, left open the question of very prevalent hyperlinking to works that are both protected and published without the author’s consent.

The Court had an opportunity to decide this issue in BestWater, which was about linking through a frame on a website to some illegally posted YouTube videos. The Court concluded that

The mere fact that a protected work, freely available on an internet site, is inserted into another internet site by means of a link using the ‘framing’ technique cannot be classified as ‘communication to the public’ since the work at issue is not transmitted to a new public or communicated a specific technical method different from that of the original communication.

Here, just like in Svensson, the Court did not address the issue of whether the poster’s good faith or financial gain played any role.

This changed in GS Media case, which was decided on September 8, 2016. The case involved the GeenStijl website, which is relatively widely read in the Netherlands. An article had been posted on the site which contained a hyperlink to photos hosted on the third party website (Filefactory). The photographer granted exclusive authorisation to use the photos to Sanoma company and they took action against both Filefactory (which removed them) and Geenstijl. The case, thus, involved hyperlinking to material under protection to which the right holder did not grant authorisation. The photos under consideration were, at the point when the case commenced, not available otherwise.

The Court recognises in paragraph 45 the freedom of information role which the hyperlinks play:

      In that regard, it should be noted that the internet is in fact of particular importance to freedom of expression and of information, safeguarded by Article 11 of the Charter, and that hyperlinks contribute to its sound operation as well as to the exchange of opinions and information in that network characterised by the availability of immense amounts of information.

It further remarks that it may be difficult for a user to ascertain whether the material hosted elsewhere, to which they linked, is illegally posted or not. On the other hand, when hyperlinking is not carried out for profit, it is essential that the poster does not know and cannot reasonably know, that that work had been published on the internet without the consent of the copyright holder. A communication to the public will, therefore, always exist where the poster has been notified (presumably by the rightholder) of the protected nature of the work but they decide to link to it anyway (paragraph 49) as well as where the link allows protective restrictions to be circumvented (paragraph 50).

Paragraph 51 introduces a rebuttable presumption that the person who acts for profit and who hyperlink with the full knowledge of the protected nature of the work. Such persons are allowed to challenge that presumption but, obviously, cannot do so where the illegal nature of the links was precisely the biggest marketing point (as it was in case of GS Media company).

Paragraph 53 states that

Such an interpretation of Article 3(1) of Directive 2001/29 provides the high level of protection for authors sought by that directive. Indeed, under that directive and within the limits set by Article 5(3) thereof, copyright holders may act not only against the initial publication of their work on a website, but also against any person posting for profit a hyperlink to the work illegally published on that website and, under the conditions set out in paragraphs 49 and 50 of the present judgment, against persons having posted such links without pursuing financial gain. In that regard, it should in particular be noted that those rightholders, in all cases, have the possibility of informing such persons of the illegal nature of the publication of their work on the internet and of taking action against them if they refuse to remove that link, and those persons may not rely upon one of the exceptions listed in Article 5(3).

This means that copyright holders are allowed to go after the primary infringer as well as the link poster who knows or ought to have known or who circumvents protective measures. The exceptions of Article 5(3) do not have the capacity to excuse such an infringer. Effectively, this means that a notification triggers a take-down procedure whereby a hitherto bona fide linker loses the good faith.the moment the notification is received.

The final decision is stated thus:

in order to establish whether the fact of posting, on a website, hyperlinks to protected works, which are freely available on another website without the consent of the copyright holder, constitutes a ‘communication to the public’ within the meaning of that provision, it is to be determined whether those links are provided without the pursuit of financial gain by a person who did not know or could not reasonably have known the illegal nature of the publication of those works on that other website or whether, on the contrary, those links are provided for such a purpose, a situation in which that knowledge must be presumed.

What can be inferred from this judgment?

  • first, hyperlinking to a work with the full knowledge of the lack of a rightholder’s consent, or by circumventing any protective mesures, constitutes communication to the public, irrespective of whether hyperlinking is carried out for profit or not.
  • second, knowledge is presumed in cases of those who link for profit but they can rebut this presumption.

So, the two elements, financial gain and knowledge, are combined in such a manner than financial gain increases the burden of proof for the for-profit linker. The not-for-profit linker must still be unaware of the illegal nature and the mere fact that they did not profit financially from hyperlinking does not, in the presence of bad faith, change the situation.

There are two problems with the Court’s approach and both of them have to do with the financial nature of the activity in question.

First, the financial nature of the “for profit” hyperlinking is neither defined nor properly discussed. The term used is not the more common “commercial gain” – which would mean an operation on a larger scale. A private person operating a website which uses some form of advertising could, according to the GS Media court, be judged to be acting “for profit”.

Second, it is not clear why a financial element ought to be part of the decision concerning whether something constitutes communication to the public or not. Whereas it is true that the Court made good faith a central criterion and the pursuit of financial gain is just a clarifying one, it is still true that persons acting without financial gain are in a better position. This is puzzling for works have either been communicated to the public – i.e. new public had been found and this public gained access to the works – or they have not. The financial nature of the poster’s work has nothing to do with the number of people who have gained extra access to the work (although it very well may have to do with the amount of damages which will be awarded in the ensuing tort case).

It seems that potentially problematic hyperlinking covered in EU case law now falls into three categories:

  • the first are hyperlinks to protected material legally available elsewhere (e.g. links to news articles). These links, as per Svensson, are not communication to the public since no new public is gained
  • the second are hyperlinks to material behind protective walls (e.g. paywalls). Linking to these would, as in Svensson, constitute communication to the public.
  • the third, covered in GS Media, are hyperlinks to any other material not available elsewhere (e.g. movies, photos or music) but not involving the act of cracking a protective measure. In this case, the decisive element is the linker’s good faith combined with the financial nature of the case.

It is to be noted, however, that the recent leaked proposal for a Copyright Directive in the Digital Single Market, attempts to create a neighbouring right for news publishers. This grants the right of communication to the public to the news outlets and would potentially severely limit the scope of the first of the three situations outlined above.

Finally, the Court’s insistence on the subjective element as well as its clear warning from paragraph 53 may, in fact, have created a new form of notice-and-takedown procedure for hyperlinks.

How to Write Bad Copyright Laws – Leaked Proposal for a New EU Copyright Directive

The EU Copyright regime has been subject to calls for reform for at least since 2008 (Green Paper). The reform process began in earnest in 2014 with the publication of thepublic consultation. The 2015 Digital Single Market Strategy put copyright high on the list of future interventions, promising a draft proposal by the end of 2016. The 2015 Copyright White Paper outlined the pursued aims in more detail, quoting wider access to content, more adapted exceptions, a well-functioning marketplace and an effective enforcement system. Few things in either the Strategy or the White Paper indicated a very radical approach except, perhaps, calls for a ‘follow-the-money’ mechanisms, which was neither defined nor properly explained.

A draft of the promised new Copyright Directive had been leaked a couple of days ago and so has the impact assessment that led to it. The final text of the proposal (which may be different from documents produced here) will be subject to co-decision procedure and intense lobbying both in the Parliament and the Council and is likely to get changed. Nevertheless, assuming that this is the starting position, what do these documents show about the proposed vision?

The proposed directive is meant to complement the Database Directive, Copyright Directive, Rental and Lending Rights Directive, Software Directive, Orphan Works Directive and the Collective Management Directive and not replace them.

It contains five titles, three of which bring new concepts in. Title II, adapting some exceptions and limitations to the digital cross-border environment, introduces new exceptions for text and data mining, use of works for teaching activities and preservation of cultural heritage. Proposed Article 3 allows text and data mining by research organisations of works to which there already is lawful access. Any contractual provision that says otherwise shall be ineffective. Text and data mining are defined as automated activities that generate patterns, trends and correlations. A typical text and data mining context is copying small amounts of material from journals and reports and assembling them for further use. A similar exception had already been introduced into UK law in 2014, although that one applies to non-commercial uses only whereas the Draft is silent on the commercial side of mining. Article 4 allows use of digital works for non-commercial teaching purposes only. Member States are allowed flexibility in implementing this provision. Finally, Article 5 allows cultural heritage institutions to make copies of works in their permanent collections for purposes of preservation only. Overall, the exceptions offered are welcome but exceptionally modest. Even a very cursory look at the literature will reveal a need for a far wider reform of the exceptions regime which needs to be reformed not only in terms of its largely voluntary nature but also its scope and depth.

Title III deals with licensing practices and wider access to content. It contains three relevant provisions. Articles 7 – 9 deal with uses of out-of-commerce works by cultural heritage institutions, specifically with licenses for non-commercial purposes that collective rights management organisations give to cultural heritage institutions for out-of-commerce works. These are relatively uncontroversial measures but are also relevant in a relatively narrow context. Article 10 attempts to cover agreements for making audiovisual works available to on-demand platforms (only partially covered by the above-mentioned Collective Rights Management Directive), but only says that such parties “may rely on the assistance of an impartial body”. This is a bizarre addition. Nothing prevents the parties from relying on such assistance at present and it is not clear how such a reminder is supposed to help anyone.

Title IV relates to well-functioning copyright marketplace. Article 11 introduces what the media (justifiably) calls the “link tax”. The article obliges Member States to provide publishers of news publications (defined very broadly in the Draft) with the rights contained in Articles 2 (reproduction right) and 3(2) (right of communication of the public) of the Copyright Directive for the duration of 20 years. This is essentially the creation of a completely new, previously non-existent neighbouring right. This measure is aimed at 3rd party aggregators (mainly but not exclusively Google) who show snippets of news and/or link to them. The heavily criticised idea would crete strains between USA-based aggregators and the EU and has potential negative freedom-of-speech implications. It seems to protect, for no apparent economic reason, the diminishing revenues at news companies at the expense of arguably more innovative models and is almost certainly going to be difficult if not entirely impossible to implement.

Most surprising, and most damaging, is Article 13 which covers uses of protected content by information society services (ISSs). It demands ISSs which store large amounts of works uploaded by users (i.e. user-generated sites) to take “appropriate and proportionate measures” to ensure that agreements with the rightholders are functioning, and to prevent the availability of works not covered by these agreements – including through use of “effective content identification technologies”. ISSs must provide rightholders information on such technologies. The provision, which in its present form is nothing other than a demand for monitoring, is in direct contravention of Article 15 of the E-Commerce Directive which explicitly prohibits monitoring. The drafters of this proposal are either not familiar with the 15-year-old largely uncontroversial article (nor, for that matter, with the content of the CJEU Sabam case) or are chosing to deliberately ignore it. Either is very alarming. The mechanism proposed here, even if the discrepancy is completely ignored, is unjustifiably tilted in favour of the rightholders. Further to that, only very large operators (such as YouTube) would have the financial and organisational power to install “effective content identification technologies”.

The proposed text has already been subject to heavy criticism (see here and here). In my own opinion, such criticism is entirely justified. The produced text is badly written, is ill-conceived and based on poorly tested ideas. Moreover, it contradicts the already established and well-functioning EU law (Copyright Directive, E-Commerce Directive, CJEU case law). The sooner it is changed (or abandoned altogether), the better.

BEREC Guidelines on Net Neutrality – Part II (Final Version)

On August 30, the Body of European Regulators for Electronic Communications (BEREC) published their final Guidelines on net neutrality, as mandated by the Connected Continent Regulation (Reg. 2015/2120). The Guidelines do not crate new rules but interpret the ones contained in the Regulation. Their importance lies in the fact that national regulatory authorities (NRAs) have been left in charge of the implementation and monitoring and this is intended to help them apply the Regulation and ensure a degree of uniformity.

A draft version had been made available on April 6 (I commented on it in a previous post) and the final text is a result of an extensive public consultation. I emphasised earlier that, although the Draft supports net neutrality in principle, it also allows zero rating, traffic management and specialised services under controlled conditions, which is a good starting point. The final version remains on the same position.

Public debate so far has been roughly divided into two camps: Internet Service Providers (ISPs) have argued for weak regulation while general public has been leaning towards a strong one. Although the final version does reinforce the open nature of the Internet, it does leave a lot of manoeuvring space for ISPs, essentially crating a relatively weak and rather bureaucratised set of rules that depends on NRA scrutiny.

Although, some comments seem to be claiming that “loopholes” left in the Regulation have been tightened, this is, in fact, not the case. The Guidelines allow for flexibility: zero rating, traffic management and specialised services, all remain allowed. The ISPs rely on all three as zero rating and specialised services are increasingly seen as lifelines in an industry where investing in new technology is prohibitively expensive but very risky and subject to competition from unregulated over-the-top (OTT) providers.

In respect of zero rating, which is not specifically mentioned in the Regulation, BEREC recognises that end users’ choice may be materially restricted. Commenting on Article 3(2) of the Regulation, however, the Guidelines do not call for their outright prohibition. Recitals 44 and 45 simply say that providers’ respective market positions are to be taken into account as well as the extent to which the users’ choice is actually been restricted. This is a regime which leaves balancing to the NRAs. The only situation in which zero rating is prohibited (Recital 55) is where, having reached the data cap, all applications but the zero rated ones are throttled.

The BEREC position on traffic management is dependent on the rather specific and relatively clearly worded limitations already imposed in the Regulation. The basic position here is that traffic management is allowed under controlled conditions. The main impression gained is that the Guidelines are descriptive, giving examples of what might constitute typical attacks or allowed measures.

Finally, specialised services are also allowed in Regulation Article 3(5) under NRA-controlled conditions and the Guidelines do not change the position in that article dramatically. Paragraph 111 comments that it is necessary for a specialised service to actually require a “level of quality that cannot be assured over a IAS”, that is to say, specialised service must be the only option for delivering the electronic product adequately. Paragraph 112 emphasises that defining a fixed list of specialised services is not necessary considering the fast pace at which technology develops.

In summary, the present Guidelines offer a basic net neutrality protection, preventing the ISPs from discriminating between apps and services flowing through the basic pipe. At the same time, they allow reasonable traffic management and specialised services, which is a positive development. More worrying is the fact that both are subject to far too many administrative hurdles and the uncertainty of regional NRA scrutiny. In my own view, net neutrality regulation was not necessary as potential problems could easily be addressed through the existing laws and adequate application of competition rules. At best, the present rules provide only a basic shield against (at present still largely hypothetical) violations. In the worst case, their overzealous application by NRAs would act as a burden to developement of new services.