An Overview of EU Cyberlaw Literature

I often get asked, by students and colleagues alike, what books to get and how to use them. Since Cyberlaw is, in the memorable words of Frank Easterbrook, “the law of the horse” – in other words, a collection of disparate legal disciplines, working with EU Internet Law does, unfortunately, mean working with many different disciplines. The situation is not so dire, however, as decent works exist in all of them and there are also some truly excellent ones. In this post, I will aim to give an overview of the books that I find particularly useful and work with relatively often. It is probably worth saying that, although Internet law changes relatively rapidly, books do not get out of date so easily. This is for a simple reason that EU Directives have a relatively long shelf life (E-Commerce and InfoSoc directives, for example, date to 2001) and the European Court produces a ´small number of judgments in each of the areas listed below.

Policy. No general books exist that cover EU Internet policy (although some references to policy and governance in individual areas are to be found in the works below). The following two books are not specifically EU oriented but they give a good overview of the main issues  involved. Ian Brown (ed.)’s Research Handbook on Governance of the Internet (Elgar 2013) is a good introduction to governance in cyberspace while Reed’s Making Laws for Cyberspace (OUP 2012) throws light on the law making process.

General literature. Few general works exist, although the situation is better now than it used to be. My own EU Internet Law (Edward Elgar 2013) is coming out in the 2nd edition later in 2016. It is complemented by the Research Handbook of EU Internet Law (Savin/Trzaskowski, Edward Elgar 2014). Neither is meant as a textbook and those looking for one should probably look at the Introduction to EU Internet Law (Trzaskowski/Savin/Lundqvist/Lindskug ExTuto 2015). A compendium of texts, cases and materials has been published in 2015 (Koščík et al. eds., available online) and is a useful collection of primary sources.

Those interested in the historical development of the main EU directives have a couple of volumes to consider. Lodder and Kaspersen’s eDirectives: Guide to European Union Law on E-Commerce (Kluwer 2002) remains the only article-by-article comment on the major EU Internet directives including the E-commerce, the Copyright and the Data Protection directives. Similar effect is achieved in Lilian Edwards’ (ed.) The New Legal Framework for E-Commerce in Europe (Hart 2005), which is an indispensable work for understanding policy decisions behind E-Commerce Directive.

Surprisingly, no up-to-date books covering electronic commerce only exist today and by far the best ones are the two volumes quoted above. Elgar’s Research Handbook on Electronic Commerce Law is due in September 2016 and will cover this gap to some extent.

Copyright is one of the areas where there is abundance of excellent books. A general work covering all EU IP Rights is Trevor Cook’s EU Intellectual Property Law (OUP 2010). Although no longer up to date in terms of case law, it gives a good overview of the basic directives. The Stamatoudi/Torremans detailed commentary on EU Copyright Law (Elgar 2014) is the most comprehensive article-by-article reference on all EU copyright-related directives including a section on EU policies. An earlier version with a similar scope (OUP 2010) is the Walter/von Lewinski’s European Copyright Law: A Commentary. An overview of the Member States’ implementation of the Copyright Directive is the Lindner/Shapiro Copyright in the Information Society: A Guide to National Implementation of the European Directive (Elgar 2011). Kur/Dreier European Intellectual Property Law: Texts, Cases & Materials (Elgar 2013) is excellent as a textbook in this area as is Pila/Torremans book with the same title (OUP 2016).

Trademark. Botis/Maniatis/Mühlendahl/Wiseman’s Trademark Law in Europe (3rd edition, OUP 2016) is a comprehensive overview of the area. Kur/Senftleben’s European Trademark Law is out in February 2017.

A review of the new EU patent system can be found in Pila/Wadlos (eds) The Unitary EU Patent System (Bloombsury 2015).

The most recent summary of cybercrime issues is Gillespie’s Cybercrime: Key Issues and Debates (Routledge 2015). A view of the EU cybersecurity policy issues is to be found in Christou’s Cybersecurity in the European Union: Resilience and Adaptability in Governance Policy (AIAA 2016)

Consumer issues are covered relatively comprehensively. Up-to-date general works exist, including Weatherill’s EU Consumer Law and Policy (2nd edition, Elgar 2014) and Micklitz/Reich EU Consumer Law (2nd edition, Intersentia 2014). Policy issues are covered in Leczykiewicz/Weatherill The Images of the Consumer in EU Law: Legislation, Free Movement and Competition Law (Bloomsbury 2016). Djurovic’s European Law on Unfair Commercial Practices and Contract Law (Bloomsbury 2016) covers the UCP directive. Twigg-Flesner’s (ed.) Research Handbook on EU Consumer and Contract Law is due in September 2016.

Private International law, while being subject to a multitude of general titles, has only a few specific ones that apply to the Internet only. An example is Svantesson’s Private International Law and the Internet (3rd edition, Kluwer 2013). Specifically consumer-oriented is Tang’s Electronic Consumer Contracts in the Conflict of Laws (2nd edition, Bloomsbury 2015).

Comparative law: Knowing what is happening in the United States is an important part of understanding where the EU laws come from and why they are written in the way they. A good general overview (including cases and materials) of American Cyberlaw up to 2010 is Bellia/Berman/Frischmann/Post’s Cyberlaw (4th edition, West 2011). Grimmelmann’s Internet Law: Cases & Problems (Semaphore Press, 2015) provides a more up-to-date look.

Books on privacy have traditionally concentrated on national implementation of EU laws. The current situation is made more complicated by the recent adoption of the General Data Protection Regulation, which fundamentally changes the current EU law and has yet to be subject to a comprehensive coverage in a book format. The best overview of the current law is to be found in EU’s own Handbook on European Data Protection Law (EU 2013). An up-to-date discussion of policy and constitutional issues are discussed in Hijmans’ The European Union as Guardian of Internet Privacy: The Story of Art 16 TFEU (Springer 2016). Further to this, there is Lynskey’s The Foundations of EU Data Protection Law (OUP 2015) which does cover some aspects of the initial GDPR proposal.

In addition to the above, the following three are also of interest.

Telecommunications law (or, as the EU itself puts it – electronic communications) is, strictly speaking, a separate branch of law that applies to carrier only (the wires) and not content on the Internet. Nevertheless, since convergence between content and carrier has been blurring this boundary for a considerable time now, some knowledge of the area is needed. Three comprehensive books exists on the subject. Scherer’s (ed.) Telecommunication Laws in Europe (Bloomsbury 2016) is an overview of national laws but it does begin with an introductory section on EU telecoms laws. The most comment-like treatment of the 2009 telecoms package is Nihoul/Rodford’s EU Electronic Communications Law (OUP 2011). A comprehensive analysis of the ex ante approach to telecommunications is Hou’s Competition law and Regulation of the EU Electronic Communications Sector (Kluwer 2012). Finally, my own EU Telecommunications law is due with Elgar later in 2017.


BEREC Guidelines on Net Neutrality – Part I

On June 6, the Body of European Regulators for Electronic Communication (BEREC) published a draft set of guidelines concerning Net Neutrality. The authority to draft them came from Regulation (EU) 2015/2120  –  the “Connected Continent Regulation” – whose Article 5(3) obliges BEREC to issue guidelines for the implementation of the Regulation by August 30, 2016, in cooperation with the Commission and after consulting the stakeholders. Since it is the national regulatory authorities (NRAs) in each Member State who are in charge of implementation, the guidelines direct NRAs on how to implement the Regualtion.This makes them rather significant in practice.

On its website, BEREC claimed that it received “almost half a million contributions” in response to its call. Considering the fact that net neutrality has been in the public eye for a while now, it is not surprising that BEREC Guidelines should attract attention, but it is curious that the number of responses (most of which were from ordinary citizens) should be demonstrated in this manner. The drafting process itself is not particularly transparent, with concerns that BEREC drafting process happens behind closed doors and under potential influence of lobbying.

The Connected Continent Regulation has as its main purpose the removal of roaming and the introduction of minimum rules on net neutrality and it is not a full revision of the 2009 EU Telecoms regime (which is promissed for December 2016). The Regulation introduces a couple of basic safeguards. First, the Regulation does not define net neutrality. The introduction of a proper definition was a hotly debated point in previous drafts with proponents of net neutrality arguing for a clear definition and the opponents against. The resulting regulation simply says, in Article 3(1) that

End-users shall have the right to access and distribute information and content, use and provide applications and services, and use terminal equipment of their choice, irrespective of the end-user’s or provider’s location or the location, origin or destination of the information, content, application or service, via their internet access service.

This statement, which roughly corresponds to usual definitions of net neutrality, simply means that internet traffic must be provided without discrimination based on origin or content of that traffic. At the same time, this does not affect agreements between providers and users on “price, data volumes or speed”. The main net neutrality point is then repeated in Article 3(3):

Providers of internet access services shall treat all traffic equally, when providing internet access services, without discrimination, restriction or interference, and irrespective of the sender and receiver, the content accessed or distributed, the applications or services used or provided, or the terminal equipment used.

The same paragraph allows “reasonable traffic management”. Reasonable are only those measures which are “transparent, non-discriminatory and proportionate” and which are not based on commercial considerations. Such measures cannot result in monitoring and must be temporary. Providers are in particular not allowed to:

block, slow down, alter, restrict, interfere with, degrade or discriminate between specific content, applications or services, or specific categories thereof

In principle, traffic management is allowed only when EU laws demand it, to preserve the integrity and security of the network or to prevent congestion.

Finally, the Regulation allows the providers to offer specialized services, which are not defined but which are “optimised for specific content, applications or services, or a combination thereof” where such optimization is necessary. Such specialised services must not be offered as a replacement for regular Internet services and must not result in the degraded quality of the former.

The draft guidelines comment on each of the articles. Some of the comments are crucial. Particularly important are those on zero rating, traffic management and specizlied services.

In response to bundling of free applications and services with the Internet access (such as, for example, offering free Spotify or HBO subscriptions), the Guidelines paragraph 33 indicates that these ought to remain legal as long as they are not priced differently than the rest of the traffic. Paragraph 35 specifically emphasizes that ISPs are not allowed to contractually ban specific content (e.g. VoIP). In response to zero-rating practices (where the provider does not count traffic associated with a particular application towards data cap, thus making them essentially free), the Guidelines differentiate between several situations. If all other services are slowed down except the zero rated ones, once the cap is reached, such practices would infringe Article 3(1) (as per paragraph 38). In respect of all other practices, the Guidelines call for a complex assessment exercise (paragraphs 43  – 45) the purpose of which is to determine to what extent the end-users’ choice if actually restricted. At present, there is little evidence that zero-rating is harmful and some evidence that it is beneficial.

In response to traffic management, BEREC simply clarifies the conditions in Article 3(3) without adding anything particularly controversial. It acknowledges, at the same time, the legality of traffic management. The guidelines do not insists on application-neutral technical measures, possibly leaving space for controversy. On the other hand, “permanent or recurring” measures may not be legal (paragraph 70) showing, at least, that traffic management measures cannot be used as a backdoor for openly violating neutrality.

In response to specialized services, BEREC emphasizes the fact that such services need to be carried at a specific level of quality and cannot be assured by standard best effort (paragraph 95). The job of verifying whether optimized delivery is objectively necessary is left to NRAs . If the level of quality can be adequately assured through a regular connection, the specialized service would be illegal. BEREC is careful to emphasize that what constitutes a specialized service today may not be so in the future. Creating black and white lists, therefore, makes little sense. As a way of example, paragraph 109 quotes Voice-over-LTE (VoLTE), linear broadcasting IPTV services and real-time health services, as those which may required specizlized access today.

There are two important points to note from the Draft Guidelines. First, they follow the spirit of the Regulation by prohibiting opportunistic discrimination. This, in itself, is not necessarily a novelty since current laws can be interpreted to give the same effect. Additionally, this intervention may be irrelevant as there is little evidence of actual net neutrality violations in Europe. Second, they are permissive and flexible towards issues that matter to the industry – traffic management and specialized services. This is a positive development, as restrictive rules can and do have a negative impac on investment which, in telecommunications industry, is highly risky.

The comments this author has seen can roughly be divided into three groups. The first are individual citizens who invoke net neutrality as a fundamental right, often with little or no understanding of what it actually implies and how problems that arise from net neutrality issues differ from those happening on the backbone. The second are proponents of net neutrality on both sides of the Atlantic, who argue for stronger rules and criticize both the Regulation and what they perceive as BEREC’s permissive position. The third are industry representative who are against strong regulation. They are against overly prescriptive ex ante regulation, they fear future litigation over ambiguities left in the Regulation and worry about a potential slow-down in investment. A manifesto co-signed by BT Group, Deutsche Telekom, Ericsson, Hutchison Whampoa Europe, Inmarsat, Nokia, Orange, Proximus, Royal KPN, SES, Tele2 AB, TIM – Telecom Italia, Telefonica, Telekom Austria Group, Telenor Group, Telia Company and Vodafone, and claiming support from Ahlers, Airbus Defence & Space, Royal Philips, Siemens and Thales Alenia Space recently warned that no invetsment in 5G networks will be forthcoming unless uncertainties introduced in the Guidelines are removed.

In the view of this author, net neutrality legislation is unnecessary, counterproductive and technically difficult to implement. The final version of Guidelines may, if drafted carefully, eliminate some of the problems. I will comment on these when they are published later this month.





The Commission’s New Proposals on the Digital Single Market, May 2016

In May 2015, the European Commission published its Digital Single Market Strategy. The document outlined a number of targeted actions which the Commission was to undertake in 2015 and 2016. The Strategy consists of three pillars entitled: I) Better access for consumers and businesses to digital goods and services across Europe, II) Creating the right conditions and a level playing field for digital networks and innovative services to flourish and III) Maximising the growth potential of the digital economy. Behind the somewhat non-descript names hides a desire to address a number of relatively serious problems. In the first pillar, this includes simplifying and increasing the volume of e-commerce across EU borders, dealing with the problem of geo-blocking,  reforming copyright rules and reviewing the Satellite and Cable Directive. The second pillar has the task of reforming the telecoms rules, the audiovisual media framework (AVMS Directive) and the role of online platforms. In the third pillar, the Commission looked at free flow of data and standards and interoperability.

At the time of publication the Commission specifically underlined the removal of geo-blocking and the creation of level-playing field as being important. The first was, at that time, understood in its broad sense, as including both geo-blocking in sale of goods and services and geo-blocking that stems from differences of copyright law but very soon the attention concentrated on the former only (considering the difficulties that would arise form attempting to remove the latter). The level-playing field, on the other hand, refers to a complicated issue of the relation of OTT players and the incumbent telecommunications companies.

The first proposals resulting from the 2015 DSM Strategy came already in December 2015. They included a successor to the failed Common European Sales Law (CESL) – in the form of the Proposal for a Directive on certain aspects concerning contracts for the supply of digital content, coupled with a Proposal for a Directive on certain aspects concerning contracts for the online and other distance sales of goods. In addition to this, and delivering partially on the promise to remove geo-blocking, a Proposal on ensuring cross-border portability of online content followed.

Today, partially following on the promises made in the 2015 Strategy, the Commission made five new proposals.

  1. In the area of geoblocking, it proposed a Regulation on addressing geoblocking and other forms of discrimination based on customers’ nationality, place of residence or place of establishment. The gist of this proposal, which does not address copyright or AVMS issues, is found in Articles 3 and 4. Article 3 prohibits  measures which limit access to traders’ online interfaces for reasons related to nationality, place of establishment or place or residence of the customer. Article 4 outlines 3 situation in which geo-blocking is illegal: a) when the goods are not delivered cross-border by the trader or on his or her behalf; b) where the trader provides electronic services (other than matter subject to copyright), c) where the goods are physically supplied on traders’ premises but not in the customers’ place of residence. In any case, the regime does not apply to certain SME enterprises.
  2. In the area of cross-border parcel delivery, it proposed a Regulation on cross-border parcel delivery services. The proposal increases price transparency and regulatory oversight of cross-border parcel delivery.
  3. In the area of consumer protection, a Regulation on cooperation between national authorities responsible for the enforcement of consumer protection laws has been proposed. Among other things, it allows for immediate take-down of websites hosting scams.
  4. In the area of audio-video media services (AVMS Directive), a new Directive is being proposed. The new regime has better rules for protecting minors from harmful content and for protecting all citizens from incitement to hatred. The proposal also aims to improve the definition of the country of origin and introduces a minimum 20% limit on European content in broadcasts.
  5. In the area of online platforms, the Commission will maintain the existing intermediary liability regime, found in Article 12-15 of the E-Commerce Directive. Instead, in a Communication, it proposes to address the issues of intermediary liability through the updated AVMS Directive, in the coming copyright reform package and through  encouraging self-regulatory efforts by online platforms.

There is no doubt that at at least the geo-blocking and AVMS proposals bring significant changes to the present picture. I will address these proposals in more detail in the weeks to come.

Interconnecting content on the Internet lawfully – CJEU and hyperlinking of copyrighted material

On April 9, an important CJEU case reached the Advocate General Opinion stage. The case involves Sanoma, publishers of the Playboy magazine, who have commissioned nude photographs of a certain Ms Dekker. GS Media is the publisher of a blog which carried a link to a file containing the photos hosted on the Australian file depository system Filefactory removed the photos on demand from Sonoma but GS Media refused to remove the link on their website.

The plaintiffs brought an action, claiming that the publication of the links constituted copyright infringement. The Supreme Court of the Netherlands referred several questions to the Court of Justice.

‘1      (a)            If anyone other than the copyright holder refers by means of a hyperlink on a website controlled by him to a website which is managed by a third party and is accessible to the general internet public, on which the work has been made available without the consent of the right holder, does that constitute a “communication to the public” within the meaning of Article 3(1) of Directive 2001/29?

(b)      Does it make any difference if the work has also not previously been communicated, with the rightholder’s consent, to the public in some other way?

(c)      Is it important whether the “hyperlinker” is or ought to be aware of the lack of consent by the rightholder for the placement of the work on the third party’s website mentioned in 1(a) above and, as the case may be, of the fact that the work has also not previously been communicated, with the rightholder’s consent, to the public in some other way?

2      (a)   If the answer to question 1(a) is in the negative: in that case, is there, or could there be deemed to be, a communication to the public if the website to which the hyperlink refers, and thus the work, is indeed findable for the general internet public, but not easily so, with the result that the publication of the hyperlink greatly facilitates the finding of the work?

(b)      In answering question 2(a), is it important whether the “hyperlinker” is or ought to be aware of the fact that the website to which the hyperlink refers is not easily findable by the general internet public?

These, essentially, boil down to a question of whether posting a link to a website amounts to a communication to the public in terms of Article 3(1) of the Copyright Directive.

These questions have already been addressed in two previous CJEU cases, decided in 2014.

In Svensson and Others (C‑466/12, EU:C:2014:76) the Court ruled that “the provision on a website of clickable links to works freely available on another website does not constitute an ‘act of communication to the public’, as referred to in that provision.” This was because the work had not been communicated to a new public nor had technical means that differ from the original ones been employed. Importantly, the Court  concluded that Member States are not at a discretion to give Article 3(1) a wider interpretation than it already has.

Likewise, in BestWater International (C‑348/13, EU:C:2014:2315), the Court said that “framing” of one website (YouTube) inside of another does not constitute communication to the public in terms of Article 3(1). In this case, the initial communication had not been authorized but the Court did not give further clarification as to how that fact might change the decision.  Like in Svensson, the Court concluded that no new public had been granted access to the work and no new technical means had been used.

Neither case had really clarified the situation concerning linking to a potentially unlawful source nor whether the hyperlinker’s awareness of the illegality played a role. The AG is acutely aware of this in paragraph 43.

The present case thus gives the Court an opportunity to determine whether the authorisation by the copyright holder of the making available of the protected work on the other website (‘initial’ communication) is essential to a finding that there is no communication to the public within the meaning of Article 3(1) of Directive 2001/29.

In the view of the AG, in order to be considered a “communication to the public” as per Article 3(1), the intervention of the hyperlinker must be “vital or indispensable”. In comparison to Premier League case, where no football matches would have been shown had the public house proprietors not taken the steps they took, the hyperlinkers here merely facilitate access to what is, essentially, already there. In the view of the Advocate General, the intervention of GS Media is not indispensable for getting hold of the photographs which are already stored, legally or not, on Filefactory’s servers. For that reason, no “act of communication” had taken place, as required by Article 3(1).

The second part of Advocate General’s analysis concerns the analysis of the “public” to which the work had been communicated. Following the “new public” line of reasoning, the AG concludes that, since no initial authorisation happened here, the “new public” criterion is of no relevance. Although the website’s audience is wide, the photographs have already been made available on other websites. The importance of that becomes apparent in paragraphs 73 and 74:

  1. In any event, it is clear from the judgment in Svensson and Others(C‑466/12, EU:C:2014:76, paragraph 31) that if a hyperlink makes it possible for users of the site on which it appears to ‘circumvent restrictions’ (43) put in place on third-party websites to limit access to protected works, (44) the hyperlink in question constitutes an indispensable intervention without which those users could not enjoy the works. Accordingly, that intervention makes the works in question available to visitors to the website in question, in this case visitors to the GeenStijl website, and therefore constitutes an act of communication to a public which must be authorised by the copyright holder pursuant to Article 3(1) of Directive 2001/29.

  2. On the other hand, it is clear from paragraph 31 of the judgment in Svensson and Others(C‑466/12, EU:C:2014:76) that it is not sufficient that the hyperlink facilitates or simplifies users’ access to the work in question. […]

In analysing other circumstances which may be relevant, the AG  says that “[…]as a general rule, internet users are not aware and do not have the means to check whether the initial communication to the public of a protected work freely accessible on the internet was effected with or without the copyright holder’s consent.”

The final conclusion is mostly in agreement with the Svensson line of cases. The conclusion is that posting a link to unauthorized content is not communication to the public, that it is irrelevant whether posters were aware that authorization had not been given and that hyperlinking which “simplifies” access rather than find new audience is not communication to the public.

In our own opinion, this approach leaves some important questions unanswered. The AG indicated that the link poster’s awareness of the illegality of the content linked does not play a role since either the conditions in Article 3(1) are fulfilled or they are not, in which case awareness cannot play a role (paragraph 63). This may be so but such an interpretation does not distinguish between two types of situations in which hyperlinking can be damaging. The first is the situation in this case where the primary infringement is taking place on a server not connected with the hyperlinker and where the hyperlinker is referring to something that is very likely already in distribution in some form or another. The hyperlinker here is, if not entirely neutral, certainly not primarily a promoter of the infringement.

The second type of situation is entirely different and refers to websites the sole purpose of which is to distribute illegal copies of audio-video files otherwise in some form of commercial distribution. In this scenario, an operator of a forum or blog is posting links to file deposit sites, such as the one in question here with full knowledge and awareness that these files are distributed in violation of copyright law. Most of these files may, indeed, also be linked from other forums. Applying the Svensson line of cases, a conclusion could be reached that a) since there is (largely) no new audience and no new technical means and, since this is just a simplification of (an illegal) distribution already happening, there is no making available; b) the complete lack of good faith on the hyperlinker’s part is not relevant and c) if the right holder desires to commence legal action for infringement or obtain an injunction, they may do so against the primary infringer which is, presumably, the person or persons posting on the file depository which, in its turn, is subject to general ISP liability protection.

It appears that the suggestion in paragraph 73 quoted above, which refers to Svensson paragraph 31, does not resolve the tensions here. The Svensson paragroah 31 says:

‘where a clickable link makes it possible for users of the site on which that link appears to circumvent restrictions put in place by the site on which the protected work appears in order to restrict public access to that work to the latter site’s subscribers only, and the link accordingly constitutes an intervention without which those users would not be able to access the works transmitted, all those users must be deemed to be a new public, which was not taken into account by the copyright holders when they authorised the initial communication, and accordingly the holders’ authorisation is required for such a communication to the public’. (emphasis added)

What is promoted here is “indispensable” hyperlinking as opposed to “facilitating” hyperlinking. The former is an act of communication to the public, the latter is not. The problem arises from the insisting on the existence of copy restrictions. If such restrictions (as per Article 6 of the Copyrigth Directive) had been put in place, the hyperlinking is a communication to the public. If not, it will fall under the non-essential “facilitating” kind.

Such a conclusion cannot possibly be right for at least two reasons.

First, why would the right holder only be granted protection where they have availed themselves of the possibilities Article 6 offers? In that scenario, a right holder who distributed through, say, iTunes, would be protected, whereas the one who broadcasted on TV or streamed very likely would not.

Second, copyright violations on the Internet are usually facilitated through multiple fora which all link to the same files on the same depository sites (often multiple ones). No distribution would here be possible at all, if it was not for these hyperlinks since depository files do not themselves offer search facilities. In the same manner, the reason why PirateBay and similar sites are the usual targets of copyright infringement lawsuits is precisely because the essential element of illegal file distribution is their facilitator function.  In other words, the facilitator function is often the essential element in the copyright violation chain irrespective of whether there is a “circumvention restriction” or not.

All the previous cases are essentially about the extent to which content on the Internet can be interconnected. The AG’s conclusion in this case preservers the functionality and importance of hyperlinking as an important tool through which modern Internet functions but it fails to address a host of other cases where hyperlinking has no other purpose than to distribute illegal files. It remains to be seen to what extent the Court accepts his opnion.

Do network-wide ad-blocks really violate Net Neutrality? – An EU perspective

Ad blocking has been on the rise for a number of years. The 2015 Ad Blocking Report claims that ad blocking is estimated to cost publishers $22 billion in 2015, the year in which it has grown 41% compared to the previous year. At the same time, ad blocking penetration stood at 15% in the USA and 25% in Germany. And it keeps growing.

While ad blocking as a problem has so far concentrated on the users and their deployment of blocking software on the perriphery, several sources (see e.g. FT article) have recently reported that EU mobile operators intend to introduce network-wide advertisement blocking. One of the first credible threats came in February 2016 from the mobile operator Three. They rely on a technology produced by an Israeli company called Shine.

Blocking ads on mobile networks seems to be a result of increasing frustration of mobile operators who see ad networks enjoy increasing profits without the need to invest in the infrastructure. Mobile internet ad spending is set to stand at about $100 billion in 2016 with a projected increase in the years to come and network operators seem to want a share of that cake. Platforms which rely on ads, such as Google, on the other hand, argue that blocking makes no sense since content production which they engage in also requires investment and relies heavily on income generated by advertising.

Do network-wide ad-blocks violate the principle of net neutrality?

First, net neutrality is a complex set of problems that tends to get oversimplified and politicized. In reality, few understand it properly and even fewer have a grasp of the relationship that law has to technology. To put it in very simple terms, net neutrality is a principle which commands Internet Service Providers to treat all traffic equally, irrespective of the type, content, platform, application, etc. It can be understood as a principle that describes how Internet operates at present (it possesesnon-discriminatory properties) but it can also be understood as a regulatory principle (legislation is needed to protect net neutrality). Often the two come together in a (rather political) claim that, since the Internet is “neutral”, legislation is needed to addressed real or perceived threats to that neutrality. Importantly, the regulation of interconnection and peering is, by definition, not covered by net neutrality. In other words, net neutrality only controls what is happening on the “last mile“, between an ISP and the user. It says nothing about how ISPs regulate their own interconnection to other providers. Such relationships are only subject to contract law and competition law.

There are, at present, two opposing camps in relation to how net neutrality ought to be regulated. One is claiming that net neutrality is necessary to preserve the free and open Internet such as we know it while the other is saying that introducing legislation to protect net neutrality hampers investment and is a solution in search of a problem. This author tends to agree with the latter view.

The US and the EU have different views on net neutrality. While the US introduced a relatively strong form of net neutraluty in 2014, the EU opted for the weak one in its 2015 telecoms reform (effective from 30 April 2016). The EU version allows for fast lanes, as long as there is no discrimination in the main internet pipe.

How would EU rules react to the ad blocking problem? The key provision is Article 3(3) in the new Regulation:

Providers of internet access services shall treat all traffic equally, when providing internet access services, without discrimination, restriction or interference, and irrespective of the sender and receiver, the content accessed or distributed, the applications or services used or provided, or the terminal equipment used.

The first subparagraph shall not prevent providers of internet access services from implementing reasonable traffic management measures. In order to be deemed to be reasonable, such measures shall be transparent, non-discriminatory and proportionate, and shall not be based on commercial considerations but on objectively different technical quality of service requirements of specific categories of traffic. Such measures shall not monitor the specific content and shall not be maintained for longer than necessary.

Providers of internet access services shall not engage in traffic management measures going beyond those set out in the second subparagraph, and in particular shall not block, slow down, alter, restrict, interfere with, degrade or discriminate between specific content, applications or services, or specific categories thereof, except as necessary, and only for as long as necessary, in order to:

  1. comply with Union legislative acts, or national legislation that complies with Union law, to which the provider of internet access services is subject, or with measures that comply with Union law giving effect to such Union legislative acts or national legislation, including with orders by courts or public authorities vested with relevant powers;

  2. preserve the integrity and security of the network, of services provided via that network, and of the terminal equipment of end-users;

  3. prevent impending network congestion and mitigate the effects of exceptional or temporary network congestion, provided that equivalent categories of traffic are treated equally.

This provision makes it obvious that “discrimination, restriction or interference” is not allowed but also that “reasonable traffic management rules” is. Such traffic management must be “transparent, non-discriminatory and proportionate” and cannot be based on “commercial considerations”.

There is mounting evidence that mobile ads do gobble data and slow traffic (see here and here). Ender Analysis released a report in March 2016, claiming that between 18% and 79% of traffic is attributed to mobile ads. All that is required, in other words, is for the operator to show that ad traffic is causing disturbances in network traffic. This would almost certainly be allowed to stand even if the ultimate motive is commercial, i.e. if the real drive is an increase share of mobile ad revenues.

The key to understanding this problem is in the nature of the ads in question. Mobile ads are demanding on traffic and integrated with the content. They bring data congestion, security and privacy risks. As such, they would fit perfectly within letter b) (integrity and security of network). The Ender report further says “On the basis of this investigation, an estimate that says advertising accounts for half of all data used by publisher pages on iPhones does not look unreasonable. Publisher mobile pages are bloated, and advertising is an enormous part of that.”

It is entirely possible that network-wide ad blocking may have implications that arise out of contract law, advertising law or unfair competition law.  In the view of this author (although there are also opposing views) blocking ads on a network basis is not a net neutrality issue and is easily justified by reasons of traffic management.  A preliminary answer will be provided by Body of European Regulators for Electronic Communications (BEREC), who is supposed to published their draft net neutrality guidelines at some point in June 2016. The final answer will almost certainly have to wait for a Court of Justice reference.

Are providers of free Wi-Fi liable for copyright infringement?

An interesting new CJEU case has recently (March 16) reached the Advocate General opinion stage. The case, C-484/14 McFadden, is a reference for a preliminary ruling asking, essentially, whether providers of free Wi-Fi are liable for their users’ infringements. The question is important not only because of the prevalence of arrangements involving a guest user and a host provider (cafes, hotels, municipalities, schools…) but also because it touches upon important questions of what constitutes intermediaries for purposes of ISP liability and what remedies are appropriate for such intermediaries.


The facts of the case are straightforward. The applicant operates a business selling and renting sound and lightning equipment for public events. He offers a Wi-Fi connection as part of that business, undoubtedly to increase the popularity of his services. A work over which Sony Music holds rights had been offered for downloading via that network and Sony sought an injunction and damages.


Nine questions in total had been referred to CJEU but they can, essentially, be grouped into two.


In the first cluster of questions, the referring court is asking whether the provision of free Wi-Fi constitutes a service falling under Article 12 of the E-Commerce Directive (ECD). The Directive applies to services ‘normally provided for remuneration’ but does not define them nor does it provide any guidelines for their definition. Since ECD excludes liability of intermediaries who are “mere conduits” but not initiators of the transmission, taking a free service out of its scope would also expose the provider to liability.

Article 12″Mere conduit”1. Where an information society service is provided that consists of the transmission in a communication network of information provided by a recipient of the service, or the provision of access to a communication network, Member States shall ensure that the service provider is not liable for the information transmitted, on condition that the provider:(a) does not initiate the transmission;(b) does not select the receiver of the transmission; and(c) does not select or modify the information contained in the transmission.2. The acts of transmission and of provision of access referred to in paragraph 1 include the automatic, intermediate and transient storage of the information transmitted in so far as this takes place for the sole purpose of carrying out the transmission in the communication network, and provided that the information is not stored for any period longer than is reasonably necessary for the transmission.3. This Article shall not affect the possibility for a court or administrative authority, in accordance with Member States’ legal systems, of requiring the service provider to terminate or prevent an infringement.

In dealing with the first group of questions, the AG emphasizes that “only services of an economic nature are covered by the provisions of the FEU Treaty” but also that “the concepts of economic activity and of the provision of services in the context of the internal market must be given a broad interpretation.” The AG’s idea is that provision of Internet access is normally an economic activity even when it is ancillary to the provider’s principal activity. The key is found in paragraph 42:

The very operation of a Wi-Fi network that is accessible to the public, in connection with another economic activity, necessarily takes place in an economic context.

This means that what gives an otherwise non-economic ancillary activity an economic context is the economic nature of the primary activity. Thus a hotel can offer free IT services as a way of promoting its primary activity which is economic in nature. Further to that, it is not necessary for the provider to hold itself out as a provider to the public in order to be given the status necessary under Article 12.


In the second cluster the Court is asked to determine the extent of liability of intermediaries in cases such as the present one (damages, costs) and the potential remedies including injunctions that can be applied for against them. Regarding the claim for damages or any other pecuniary claims, the AG’s response is clear: Article 12 does not allow any such claim provided that the conditions listed in it are fulfilled. In this case, the cumulative conditions have been fulfilled and, since no further condition can be imposed, the only right conclusion is that Sony’s claim is not justified.


The situation is different in respect of injunctions. Preliminary measures are allowed under Article 8(3) Copyright Directive (Dir. 2001/29) and under Article 11 of Copyright Enforcement Directive (Dir. 2004/48). Furthermore, the Court’s case law, in interpreting the aforementioned provisions, clearly allows injunctions “against an intermediary who provides Internet access and whose services are used by a third party to infringe a copyright or a related right” (See SABAM and UPC cases). Article 12 of the E-Commerce Directive, while bringing insulation against liability, is without prejudice to injunctions otherwise available under the Copyright Directive.

Of some interest are Advocate General’s observations concerning general limitations that any such injunctions might have. In answering the question of whether such limitations are possible, the AG draws upon freedom of expression and information and the freedom to conduct business (Article 11 and 16 of the EU Charter of Fundamental Rights, respectively) which, in his mind, must be balanced against the right to the protection of IP rights (Article 17(2) of the Charter). In particular, it should be taken care:

–        that the measures in question comply with Article 3 of Directive 2004/48 and, in particular, are effective, proportionate and dissuasive,

–        that, in accordance with Articles 12(3) and 15(1) of Directive 2000/31, they are aimed at bringing a specific infringement to an end or preventing a specific infringement and do not entail a general obligation to monitor,

–        that the application of the provisions mentioned, and of other detailed procedures laid down in national law, achieves a fair balance between the relevant fundamental rights, in particular, those protected by Articles 11 and 16 and by Article 17(2) of the Charter.

The AG then discusses whether injunctions phrased in general terms, which leave specific measures to the addressee are allowed. The UPC Telekabel case permits, in principle, such injunctions and the AG refers to this case but he further adds that it is for the national courts to determine not only that proper measures exist but also that they are compatible with the EU requirements listed above.

Finally, the AG discusses hypothetical interim measures proposed by the referring court. These are: 1) termination of the Internet connection, 2) the password-protection of the Internet connection and 3) the examination of all communications passing through that connection. The AG dismisses the first and the third immediately. In his mind, the first is incompatible with the fundamental rights while the third is incompatible with the general prohibition to monitor (Article 15 of the ECD). In regard to the second question (making the network secure), the AG points out the negative sides that such a requirement would bring. Not only would it change the business model of some of them significantly, but it would also increase the burden to store data in compliance with privacy laws.

Looking at the Advocate General’s analysis of the case, one finds little that is truly surprising. The fact that the provision of free Wi-Fi falls under the E-Commerce Directive is not unusual since the term “normally provided for remuneration” never has been restrictively interpreted in Internet-related cases. In Papasavvas, for example, the Court ruled that ECD “covers the provision of online information services for which the service provider is remunerated, not by the recipient, but by income generated by advertisements posted on a website.” Equally unsurprising is the extension of Article 12 ECD to such cases since the provision in question falls squarely within that article.

On the other hand, Advocate General’s ideas concerning the legal limitations to interim measures are of note since he effectively manages to steer clear of some of UPC‘s more problematic aspects. Whereas UPC demands only that the measures should not “unnecessarily” deprive of lawful uses and that they at least have the effect of making it difficult to access illegal services, the AG demands very specifically that they be balanced against fundamental rights in each individual case. This immediately disqualifies connection termination and monitoring but also, and not entirely without surprise, a demand that networks be made secure.

It remains to be seen whether the Court follows the Advocate General.

Geoblocking in the EU: why it is not going away any time soon

In its 2015 Digital Single Market Strategy, the European Commission emphasized, among other aims it sought to achieve on its path to a more integrated EU Single Market for digital services, a desire to prevent “unjustified geo-blocking”. Geoblocking generally refers to technical measures which are introduced to prevent the access to consumers from one state to digital content or services in another. The Commission ambitiously announced that it would present proposals to end geo-blocking in the first half of 2016. This, it said, could be done either through a “targeted” change to the E-Commerce Directive, or through Article 20 of the Services Directive. The Commission then conducted a public consultation, which ran from 24 September 2015 till 28 December 2015, the first results of which have been published on 27 January 2016. These confirm that consumers believe that “consumers and businesses should be able to purchase and access services everywhere in the EU” and emphasized that the majority of them had experienced geo-blocking in one form or another. Businesses agreed, in principle, that consumers in one Member State should not be denied services offered to consumers in another. On the other hand, they also pointed out that it would be a mistake to force traders to do business in areas in which they do not normally desire to do so.

The Commission’s DG Connect Inception Impact Assessment from December 2015 is a preliminary working document exploring policy choices for future action in the field. It lists a number of options through which the problem could potentially be addressed, including improving existing laws or taking no action at all. Its preference, however, seems to lie in the form of five mutually compatible courses of action. These include improved transparency, better enforcement but also variations on a theme of prohibition of Geoblocking. At present, it remains unclear which combination of options the Commission would go after. In addition to this, the audio-visual business model is also being scrutinized by the competition authorities, which may result in an entirely different course of action.

Separately, but as part of the general drive to reform copyright, the Commission proposed in December 2015 a Regulation on cross-border portability of online content services.  While the title may suggest that the overall aim is permanent removal of geo-blocking, the Regulation (impact assessment available here) only ensures that those who have access to services in their own Member State can temporarily access them when travelling to another Member State. As such, it does little to address the main problem at issue here.

Few in EU the would disagree with the notion that geo-blocking is annoying. There is less agreement, however, about what prompts it and how it could be eliminated. Comparisons are usually made with the United States, where a resident of, say, California, can access the same streaming service as a resident of New York or purchase goods freely online. Not so in the EU where websites typically have their national versions and catalogues. It is important to emphasize that geo-blocking essentially has two sources. One of them are of commercial nature: websites wishing to operate only in some states and taking steps to limit custom coming from other states. Thus an e-commerce web page may only ship to customers in the country where it has its commercial basis. It could ship elsewhere, but it desires not to. The second obstacle results from copyright and licensing regulation in the EU. This is the case when a streaming company clears rights for one package of movies in state A but a different package in state B. Arguably, it is this second obstacle that is more prominent in the EU. This is for a simple reason: customers in the EU rarely buy across borders (and that is usually not because they are blocked) but are ready to enjoy streaming services based in the USA or in another Member State (mostly the UK). It is the latter that is both generating most debate in the EU and that is more problematic of the two.

What is happening when a streaming company (irrespective of whether it is based in the EU or the USA) decides to operate in more than one EU state? Typically, it has to clear rights for the content that it intends to offer in each state. This can be a complicated process because, unlike the United States, there are 28 separate Member States with 28 separate copyright regimes. There is no EU-wide system of licensing for audio-visual works. Some steps have been made in the music world, where multi-territorial licensing has been impossible until 2005 but where the new EU regime made it significantly more convenient. No similar directive exists for audio-visual works and a package of rights that a company gets in France may significantly differ to those it gets in Germany. Geoblocking is then an annoying but necessary consequence of this reality. On top of that, the audio-visual sector, which is always high risk, does not see licensing as an obstacle – it depends on copyright whose exploitation monopoly helps them survive financially. “The pre-financing of audio-visual works requires significant involvement from stakeholders from the territory they are designed for ” (see a detailed study on Multi-Territory Licensing of Audio-Visual Works in the European Union dating from 2010). In other words, obstacles which prompt geo-blocking are not necessarily copyright in nature but come from the way the audio-visual industry functions in the EU. The resulting fragmentation is a consequence of cultural differences but also financial arrangements where local content is heavily subsidised. Copyright is not its cause but its manifestation.

Gisueppe Mazzioti (@gmazziotti), who has done extensive research on EU licensing regimes, convincingly argues that both copyright and non-copyright factors severely limit the Commission’s options but also put it in an awkward position since it already announced the removal of geo-blocking as one of its high priorities. Although creating a “digital single area for pan-European exploitations of audio-visual works ” is the most effective solution, it is also the most politically demanding. In his view, other options, such as the European Court’s activism, the creation of EU-wide soft-law standards for the implementation of existing laws or the creation of lists of allowed restrictions are more realistic.

The present EU copyright reform will almost certainly not result in a full harmonization of copyright law, which is a prerequisite for a fully-functional EU-wide area for digital works licensing. This is not surprising, since that has not been the present Commission’s ambition. However, this also implies that the use of a blunt instrument in the form of a prohibition of geo-blocking is impossible. Prioritizing the removal of geo-blocking so highly in the Digital Single Market strategy seems to have had an odd effect. The Commission has “painted itself into a corner”. Not acting risks the intervention of the European Court (which has already caused a stir in its Premier League judgment in 2011) while acting more vigorously will meet an instant opposition from all those whose financing models depend on strong copyright. The resulting proposal, if it arrives in 2016, will almost certainly be milder than it initially seemed and would avoid outright bans and probably move in the direction of lists and soft-law.

In an odd way, this is indirectly confirmed elsewhere. Those reading the geo-blocking documents (the Inception Impact Assessment, for example) would only find few references to copyright. In its essence, it is not a copyright instrument at all and the measures discussed in it have only indirect impact on rights licensing. At the same time, the Digital Single Market Strategy is clearly mentioning the E-Commerce and the Services Directives. All of this means that the Commission will, for now, leave copyright largely intact (except for the portability Regulation) and will act on the E-Commerce and service side, eliminating geo-blocking restrictions which are not primarily caused by licensing regimes. It remains to be seen whether even this can be achieved.

If you are interesting in the finer legal aspects of this issue, I encourage you to read Giuseppe’s excellent article referred to above.