EU Policy Updates
ISPA is keeping you updated about EU policy issues.
Update December: European Commission approved & movement on cybersecurity issues
After an unprecedentedly complicated hearing process, the European Parliament finally approved von der Leyen’s European Commission. The new College of Commissioners officially took office on 1 December, for the next five years. Internal Market Commissioner Thierry Breton has had a busy start, already announcing in his hearing that the principle of limited liability would not be altered in the Digital Services Act, mentioning that the AI proposal on the first 100 days of the Commission mandate would take the form of a communication, and proposing in the Council that the Commission would work on a new ePrivacy text. Meanwhile, on cybersecurity, the package on cross-border access to electronic evidence finally saw relevant movement, with the file’s rapporteur in the European Parliament putting forward a draft text that greatly improves the Commission’s proposal from the point of view of EuroISPA. In the meantime, technical discussions on the implementation of the Copyright Directive continue within the so-called Article 17 Stakeholder Dialogues, gathering the European Commission, rightsholders, as well as platforms. November also witnessed the publication of EuroISPA Consensus Position on Principles for the Future of the EU Intermediary Liability Framework, following extensive internal consultations within the association.
Update October: Artificial Intelligence regulation and Digital Services Act
After the Summer recess, the European institutions are now preparing for the new legislature. The European Commission’s President-elect presented her Commissioner-designates. Executive Vice-President-designate Margrethe Vestager will be in charge of the ‘Europe fit for the digital age’ portfolio and will oversee Commissioner-designate Sylvie Goulard’s work on the Digital Single Market. They will both be responsible for the Digital Services Act, as well as for the upcoming AI regulation. Discussions on the Digital Services Act, supposed to ‘upgrade intermediary liability’ are multiplying in Brussels – the European Commission is now expected to publish a proposal by the end of 2020, while the European Parliament envisages to work on a political resolution to influence the debate. As regards ePrivacy, the Finnish Presidency published an updated text of the proposal. However, negotiations are still expected to be slow in the coming months. When it comes to the package on the cross-border exchange of electronic evidence, the Parliament is expected to put forward a draft text in November 2019, while the European Commission has been working with Member States to develop an ‘eEvidence Digital Exchange System’. The European Commission has also been focussing on the implementation of the EU Copyright Directive and has launched a stakeholder dialogue on the application of its article 17.
Update August: The European Parliament established its Committees and respective Chairs
Throughout the month of July, the European institutions continued their renewal process, following the elections in May. The European Parliament established its Committees and respective Chairs, and elected its President, David-Maria Sassoli (S&D, Italian). Furthermore, the legislative body elected Ursula von der Leyen as President of the European Commission. She published her Political Guidelines, calling for AI legislation in her first 100 days of office and for a “Digital Services Act” which will “upgrade” the existing intermediary liability rules. In terms of policy developments, the Finnish Presidency published new amendments to the proposal on ePrivacy, in an effort to resolve the current negotiation deadlock. As regards cybersecurity, the European Data Protection Board and the European Data Protection Supervisor published an opinion on the consistency between GDPR and the US Cloud Act. They noted that currently, unless a US CLOUD Act warrant requesting the transfer of data is recognised or made enforceable on the basis of an international agreement, the lawfulness of such transfers of personal data cannot be ascertained. In terms of outreach, as new MEPs arrived in Brussels, the Officers of EuroISPA held constructive meetings with a number of “digital MEPs” such as Andrus Ansip (Renew Europe, Estonian) and Marina Kaljurand (S&D, Estonian).
Update July: Process of renewal
While the European Parliament is in the process of renewal and the new European Commission’s leadership is yet to be established, the Council has tied up loose ends of several dossiers. On 6 and 7 June, the Justice and Home Affairs Council adopted Conclusions on data retention, asking the European Commission to further look into the possibility of EU-level action, such as a legislative initiative. In the context of the proposal on cross-border access to electronic evidence the Council adopted Production and Preservation Order Certificates, marking the end of the Council’s work on the dossier. Interinstitutional negotiations on this dossier are expected to commence in Q4 2019 or Q1 2020. In addition, the Council adopted negotiating mandates for the EU-US Agreement on the access to electronic evidence and the Second Additional Protocol to the Budapest Convention. This set of documents will allow the negotiations at the international level between the EU and the US to proceed. In terms of public appearances, EuroISPA spoke at the United Nations Office on Drugs and Crime (UNODC) on the issue of cross border data exchange and at the Council of Europe on the issues of content moderation and AI and fundamental rights.
Update June: EU Elections, ePrivacy & E-Commerce
Following the EU elections held in May, The Christian Democrats (EPP) and Socialists and Democrats (S&D) remained the two main political groups of the House, but they lost their absolute majority, making the Liberals an indispensable group to form any stable majority. In Council, the Romanian Presidency prepared a Progress Report on the ePrivacy proposal. It indicates that divergences (on the potential impact of the proposal on new technologies, on the fight against CSAM, or on the possibility of introducing new data retention legislation) between Member States are still significant. Discussions on data retention continued in the Council, as in June ministers will adopt a set of Conclusions asking the European Commission to produce a study examining the possibility of a legislative initiative, as well as to continue exchanges with stakeholders on the topic. Finally, the European Commission has also produced an internal concept note on the future potential revision of the E-Commerce Directive. The document, which proposes a wide range of potential regulatory actions, notes that the new law will have to cover all digital services in the Digital Single Market, with an emphasis on online platforms.
Update May: Terrorist Content Online Proposal & Copyright Directive
The current European Parliament gathered in April 2019 for the last time, as the EU elections in May 2019 will renew it and mark the beginning of the 9th legislature (2019-2024). During these last plenary meetings, MEPs adopted the European Parliament’s position on the proposal for a Regulation on the prevention of terrorist content online. The final text generally improves the European Commission’s proposal, as it narrows down the scope and aligns the text with the current EU intermediary liability regime. The European Parliament has also published additional non-legislative “Working Documents” on its proposal for a Regulation on cross-border access to electronic evidence. However, trilogues between the three main EU institutions are not expected to commence before 2020. In other developments, also the Council adopted the extremely controversial Copyright Directive reform, bringing the legislative process to an end. Member States will now have 2 years to implement the new rules nationally, providing EuroISPA members with a window of opportunity to work towards a national implementation which would improve the text from the point of view of the industry.
Update April: Copyright Directive reform & ePrivacy Regulation
March was marked by the adoption of the Copyright Directive reform by the European Parliament, which imposes a much stricter liability regime on certain platforms. Such a new regime could potentially encourage platforms to over-block lawful content as a consequence, and would be particularly burdensome for SMEs. Discussions on the proposal for a Regulation on the prevention of terrorist content online continued, with several European Parliament Committees publishing their Opinions. The amendments are generally positive, as they aim to narrow down the scope and align the text with the current EU intermediary liability regime. In other developments, discussions on data retention are back on the agenda – EuroISPA participated to a dedicated European Commission stakeholder roundtable and Member States are discussing this topic in the Council. When it comes to the Directive on cross-border access to electronic evidence, which sets out obligations for service providers on the nomination of legal representatives in the EU, the Council adopted its position. Finally, the Council continues its work on the ePrivacy Regulation, with the aim to reach a position by the end of the current Romanian Presidency. In parallel, we understand that the Parliament will not attempt to reach a first reading position on the ePrivacy dossier in this legislature.
Update March: Copyright Directive reform & Terrorist Content Online Proposal
In February, the European Institutions made progress in almost all of the policy initiatives EuroISPA follows. In a major breakthrough, the three Institutions reached a provisional agreement on the Copyright Directive reform, which will need to be endorsed by the European Parliament as a whole in March or April. The European Parliament was also particularly active on the proposal for a Regulation on the prevention of terrorist content online, with amendments being tabled and debated throughout the month. Most of the amendments are positive, as they attempt to target the scope and align the text with the current EU intermediary liability regime. When it comes to the Directive on cross-border access to electronic evidence, which sets out obligations for service providers on the nomination of legal representatives, the Council is close to a position. We also understand that the Council aims to reach a position on the proposal for an ePrivacy Regulation by March 2019.
Update February: Negotiations on the Copyright Directive reform & Terrorist Content Online Proposal
As 2019 begins, the European Parliament intensified its efforts on the proposal on preventing the dissemination of terrorist content online. While the leading Committee did not substantially alter the text, the opinion-giving Committees improved it significantly, deleting references to proactive measures and upload filters. The negotiations on the Copyright Directive reform are frantically continuing – however, the Romanian Presidency of the Council was unable to agree on a renewed position, because of existing disagreements on a potential exception for SMEs between Member States. As regards the proposal for ePrivacy, the European Commission published several documents exploring the interaction between the proposal and existing regulatory frameworks on CSAM and M2M and IoT technologies. The Romanian Presidency aims to achieve a compromise text by the end of the legislature.
Update January: Terrorist Content Online Proposal & E-Evidence Proposal
Negotiations proceeded at a swift pace on a series of EU digital policy files. Surprisingly, the EU Member States adopted their position on the terrorist content online proposal (see also Maximilian Schubert's presentation at the Council of Europe) and the cross-border provision of electronic evidence proposals (see also Maximilian Schuberts presentation at the European Parliament) respectively on 6th and 7th December. Similarly, the European Parliament and the Council are prioritising the Copyright Directive reform, with a view to finalise the interinstitutional negotiations by the beginning of 2019 - the political will is there; however, compromises have not been found yet on the most controversial provisions of the text. By contrast, as regards the proposal for a Regulation on Privacy and Electronic Communications, the Council only published a progress report - the new Romanian Presidency of the Council hopes to achieve a common position of the Member States by June 2019.