Welcome to EURACTIV’s Digital Brief, your weekly update on all things digital in the EU. You can subscribe to the newsletter here.
“This interim regulation ends uncertainty for companies. It does not end the danger to children. This is only a temporary solution to fix an acute emergency. We need a permanent answer to counter a persistent threat against children.”
-Ylva Johansson, European Commissioner for Home Affairs
Story of the week: The European Parliament adopted this week the final version of the ePrivacy derogation. The temporary measure defines the legal basis for providers of electronic communication services to scan private online messages for material that depicts child sex abuse and to deploy technologies designed to detect grooming. Child abuse online has been on the rise in recent years, a situation made worst by the COVID pandemic. To tackle the issues, private companies will be able to put in place on a voluntary basis automated content recognition tools that detect material deemed suspected, which is thereby disclosed to the providers’ staff and in turn to the police authorities. The EU data protection watchdog and the Council of Europe both questioned the proportionality of the measure, considering it too intrusive to scan all online conversations. The European Parliament obtained some concessions, notably in terms of data retention periods and putting limits to the use of the screening technology. Yet privacy advocates are far from satisfied, and fear automated tools might be prone to error, leading to legitimate adult materials (i.e. sexting) to fall in the wrong hands. Read more.
Don’t miss: A report by Mozilla has stated that “the algorithm is the problem” for the spreading harmful content on YouTube, violating the platform’s own policies. The video-sharing giant has an enormous reach, with 2.3 billion users per month and one billion hours of time watch per day. The platform’s growth was mainly driven by its recommendation system, which automatically provides personalised suggestions. Mozilla’s investigation found that 71% of the videos reported as harmful content had been recommended by the platform and that harmful content attracts, on average, 70% more views per day than other material. YouTube, for its part, states it has made significant progress in detecting harmful content and avoiding it is promoted by the algorithm. Yet this improvement might have not affected all countries equally, as non-English speaking countries like France and Germany were found to be particularly affected. Read more.
Also this week:
- The media sector fears banning targeted advertising might undercut their business model.
- French content moderation rules risk fragmenting the digital single market.
- Germany finds itself vulnerable to ransomware threats.
- Publishers might unite to better confront online platforms.
Before we start: Killer acquisitions, what are they? With France, Germany and the Netherlands pressing for tighter merger control measures in the Digital Markets Act, it is surprising how little empirical evidence is available on killer acquisitions, their effect on the market and on consumers. Dr Reinhold Kesler, research associate at the University of Zurich, and Dr Pauline Affeldt, research associate at DIW and technical university of Berlin, conducted one of the first systematic investigations over GAFAM takeovers. Listen to what they had to say in the Digital Brief podcast.
Killer acquisitions in the digital single market
Fragmentation danger. The European Commission has warned that the new French law on content moderation might jeopardise the single market of digital services. The bill was introduced to fight separatism, and contains measures for online platforms similar to the ones being discussed in the context of the Digital Services Act (DSA), such as the provision of a single point of contact for judicial authorities and the obligation to conserve removed content. Although the new law will be superseded once the DSA enters into force, France’s headstart in content moderation might prompt a competition among European countries to shape the proposal. Read more.
To ban or not to ban? Representatives of Europe’s media sector have voiced their concern over the potential inclusion of a ban on targeted advertising in the proposed Digital Services Act, saying it could harm their business model and pose a threat to media pluralism. The group of MEPs backing the ban say that targeted ads harm both journalism and the public and that preventing their use could help to tackle online disinformation. Read more.
Support for a ban gains ground. A group of 14 companies has written to regulators in the EU and US calling for a ban on surveillance-based advertising. The group argues that such ads exploit the privacy of users as well as undermining competition, depriving content creators of revenue and harming democracy. In the EU context, the group says, a ban should be included in the DSA.
Dark patterns defined. The centrist Renew group in the European Parliament introduced in the DSA a definition of “dark patterns” as “a user interface designed or manipulated with the substantial effect of subverting or impairing user autonomy, decision-making or choice”. The provisions, presented via amendments, also included an obligation on platforms not to deploy the tool to encourage, for instance, the sharing of data or acceptance of terms and conditions and to ensure the use of fair consent choice screens.
Digital violence vs. freedom of speech. German non-profit HateAid has criticised the DSA for lacking sufficient protections for victims of digital violence, saying that there is a lack of redress for users against defamatory and insulting content on social media platforms. The letter came as a reaction to a non-paper signed by Finland, Ireland and Sweden that warned against over-removal of legitimate content, advocating for the DSA to target only manifestly illegal content. Combatting cyber violence against women was also the topic of a joint session between the LIBE and FEMM committees this week.
Security needed. Germany is underprepared to handle ransomware attacks, which have accelerated during the pandemic and reached unprecedented levels globally. The upswing in digitalisation during the pandemic has increased the vulnerability of many companies and institutions to these attacks, but in Germany, a lack of awareness around the issue remains and the target base has now expanded from large businesses and public institutions to include small medium-sized enterprises. Read more.
Breaking records. A ransomware attack last weekend targeted US-based IT company Kaseya, leading to hundreds of companies globally being hit with demands totalling $70 million for the restoration of the data accessed by the hackers. The attack, which experts say is the largest in history and which is believed to have been carried out by the Russian-linked REvil cybercrime gang, was felt around the world by many different institutions including Sweden’s Coop chain, which had to close hundreds of its shops. Cyber experts estimate that it could take weeks for all those affected to recover, and the attack has increased pressure on the Biden administration to take further action in confronting the threat of cybercrime.
US companies to be investigated. Chinese regulators have launched a cybersecurity review of three US-listed tech companies in the midst of a broader regulatory tightening in the tech sector. Recruitment platform Boss Zhipin and two subsidiaries of Full Truck Alliance are the Cyberspace Administration of China’s (CAC) targets. The move comes just days after the CAC launched an investigation into ride-hailing app Didi Global.
France’s 5G aspirations. France has announced it will invest almost €1.7 billion in its 5G market, which it hopes will be worth €15 billion by 2025. Secretary of State for Digital, Cédric O, also revealed plans to launch a mission on 5G to strengthen the synergies between various actors in the industry. In France, and the EU more widely, 5G and telecoms development is seen as a key way to increase the competitiveness of various sectors and as having positive effects on the economy as a whole. By its 2025 end date, France’s strategy is expected to have created 20,000 new jobs. Read more.
Greenlight for cross-border projects. A programme adopted by the Parliament this week will direct new funds towards transport, digital, and energy projects. The upgraded Connecting Europe Facility programme, worth €30 billion between 2021 and 2027 will fund cross-border projects such as networks and 5G coverage. 60% of funds will go to projects designed to help achieve the EU’s climate targets and 15% of the funds earmarked for the energy pillar will go to renewable energy projects.
State aid review. The Commission has published the results of an evaluation of State aid rules for the deployment of broadband networks concluding that, while they are generally fit for purpose, some changes may be needed to ensure their compatibility with various EU policy goals.
Danish collective takes on tech. Denmark’s media sector has formed a collective bargaining assembly to take on tech platforms under the EU’s 2019 Copyright Directive. The move is the first of its kind in Europe, though similar shifts are being seen elsewhere in the EU and beyond. At a time when the platform-publisher balance is under scrutiny, collective action appears to be gathering pace. Read more.
Critical conditions. International condemnation has followed the shooting of well-known Dutch journalist Peter R. de Vries in Amsterdam. The veteran crime reporter, who was seriously injured in the attack on Tuesday, had received police protection in the past after threats were made to his life. Multiple people have been arrested in connection with the shooting and, internationally, leaders and organisations have expressed horror at the attack, which comes just months after the killing of a crime journalist in Greece, and the 2017 murder of investigative journalist Daphne Caruana Galizia.
Press freedom predator. Hungarian Prime Minister Viktor Orbán has been included in the Reporters Without Borders (RSF) 2021 Press Freedom Predators list. Describing his official discourse as “belligerent”, RSF cites political control of media companies and the denigration and self-censorship of journalists as some of the reasons for his addition to the list. Concerns have been growing over the deterioration of media freedom in Hungary, which was ranked 92nd out of 180 in RSF’s 2021 World Press Freedom Index.
Treason charges. Six months after he was detained on allegations of violating public order, Belarusian journalist Andrei Aliaksandrau has been charged with treason and now faces up to 15 years in prison. Numerous organisations have called for the immediate release of the former deputy director of Belarusian news agency BelaPAN, and recent Index on Censorship staffer, describing his arrest as “arbitrary” and the accusations against him as “baseless”. The media freedom situation in Belarus is increasingly dire, having worsened since last summer’s presidential election and protests.
Plea for territorial exclusivity. 54 MEPs from across the political spectrum have emphasised the importance of territorial licensing in the audio-visual sector when it comes to protecting cultural diversity. The group have called on the Parliament not to weaken territorial exclusivity and to ensure that media plurality and variety are maintained while also ensuring the sustainability of the audio-visual sector.
Digital Single Market
Broader definition called for. The EU Monopolies Commission is calling for improvements to and greater clarity in the proposed Digital Markets Act, according to a report seen by FAZ. Where the current DMA proposal is directed towards gatekeeper companies defined as controlling at least one platform, the Monopolies Commission is seeking to alter this so that it applies to those that control entire online ecosystems. This could occur, for instance when one company both operates and provides goods or services in the same marketplace. As it currently stands, the DMA is seeking to prevent abuses of power in situations such as this by, for instance by preventing gatekeepers from privileged their own services in the rankings or marketplaces they run.
Competition policy reviewed. The European Commission’s annual report on competition policy was released this week, the first since the start of the von der Leyen presidency. The report covers 2020 and examines the effects of the COVID-19 pandemic on EU competition policy, as well as the December proposal of the Digital Markets Act, designed to regulate the largest “gatekeeper” online platforms.
British plan to cut tech regulation. The UK government has released its Plan for Digital Regulation, covering its vision for the future governance of digital technologies. The post-Brexit plan describes itself as “unashamedly pro-tech” and emphasises plans to “reduce red tape” as part of efforts to promote innovation.
The Donald calls on lawyers. Former US President Donald Trump has filed class-action lawsuits against Facebook, Twitter and Google, as well as each of their CEOs, over alleged “censorship”. Trump was banned by these online platforms following his incitement of the mob that stormed the US Congress last 6 January. A number of European leaders voiced their concerns over the bans and the power of tech giants to decide who is able to speak on their platforms.
Victory for activists. Twitter will have to provide clarity on the measures it is taking to confront hate speech, a French court has ruled after a case was brought against the tech company by a group of six anti-discrimination organisations. The platform now has two months to provide activists with full access to information about what it has done to combat hate speech since May 2020, not just in France but globally. Twitter is reportedly considering appealing the judgement.
Repercussions for Glovo. Food delivery firm Foodinho’s parent company Glovo has been ordered to change the algorithms it uses in the management of its staff after Italy’s data protection authority found that it had breached a number of privacy and labour laws. The company has also been fined €2.6 million and has 150 days to make the necessary changes. The gig economy and the often-insecure working conditions of those in it have come under particular scrutiny during the pandemic. The EU Commission and Parliament are currently working on an initiative to regulate the conditions of platform workers.
SMBs’ 2020 success. More than 1.8 billion products were sold on Amazon by European small and medium businesses (SMBs) in 2020, according to a report by the company. The export sales of European SMBs, the report notes, reached €12.5 billion across a variety of categories.
Data & privacy
Not here to guide you. Portugal’s minister of state modernisation has said that the government cannot give guidance to local authorities over the application of the General Data Protection Regulation (GDPR). The statement follows news last month that Lisbon City Council provided Moscow with the names and personal details of three Russian activists who protested the imprisonment of opposition leader Alexei Navalny outside the country’s embassy.
Look for guidance here. The European Data Protection Board adopted on Thursday a set of guidelines to clarify the application of data protection rules following a number of public consultations. The guidelines on Codes of Conduct (CoCs) indicated that approved codes can be used also outside of the EU to provide appropriate safeguards for international data transfers. The guidelines on Virtual Voice Assistants (VVA) indicate how to address the most challenging privacy aspects of this technology. The guidelines on Controller and Processor clarify these two fundamental concepts for GDPR.
You can go now. The EDPB also decided to disband the TikTok task force, a working group set up to monitor the social media data processing practices in the EU. The task force was initiated following a letter from the Italian privacy watchdog, Garante, who raised concern around the privacy of the many minors that use the platform. At the time. TikTok missed a legal representative in an EU country. Since the Chinese company recently established itself in Ireland, the Irish Data Protection Commissioner is now the leading authority.
Confronting disinformation. The majority of MEPs argued at a plenary debate this week that the EU needs to do, and invest, more to counter disinformation campaigns and hybrid warfare. Earlier this year, High Representative for Foreign Affairs and Security, Josep Borrell, told MEPs that the EU lacks the necessary resources to counter campaigns by Russia and China, particularly in the context of recent anti-vaccine misinformation efforts.
Campaign laws criticised. A report by a government ethics watchdog in the UK points to a number of flaws in the country’s current electoral finance rules and says they need to be strengthened to prevent the foreign funding of campaigns. Last year, a Parliamentary report on Russian election interference found that the government failed to investigate evidence of attempts to influence democratic processes, and called for new legislation to address outdated laws.
Online networks target refugees. A report by the Institute for Strategic Dialogue has mapped online networks and examined the narratives they used to spread anti-refugee disinformation and hatred in a number of different languages throughout 2020. The report also explores how these transnational networks connect far-right extremists and actors from the political right and identifies where the audiences and tactics of these groups overlap.
Chip producer changes hands. Nexperia, a Chinese-owned Dutch firm, is set to acquire the UK’s largest chip producer, Newport Wafer Fab for approximately £63 million. The purchase comes amidst a global chip shortage which has seen the price of products such as laptops rise and which some worry could continue for years to come. Wingtech Technology, the company that owns Nexperia is heavily backed by the Chinese government, according to investment screening specialists Datenna, which traced nearly 30% of the company’s shares back to China’s authorities.
Cyber investigation launched. Ride-hailing app Didi Global’s shares were hit after the Cyberspace Administration of China (CAC) ordered it off of Chinese app stores just days after its launch. The CAC has launched an investigation into allegations that it illegally collected the personal data of users, saying that the review was in national security and public interest. Shares in the company fell more than 10% on Friday as a result. The initiative is part of a crackdown campaign of the Chinese government to contain the power of big tech.
Warning over biometric surveillance. The European Digital Rights network has released a report on the use of biometric mass surveillance in the EU just over a year after calling for the technology to be banned. Focusing in particular on Germany, the Netherlands and Poland, the report argues that abusive and unlawful practices in the realm of biometric mass surveillance in the EU are much wider than reported and that existing laws on the matter are failing to the extent that they de facto permit such practices. Campaigners have criticised the recently proposed Artificial Intelligence Act for opening the door to biometric mass surveillance.
AI at the border. Europe’s borders are getting ‘smarter’ through a number of EU projects on biometric identification, emotion detection, automated risk assessment and migration monitoring and forecasting. According to a study from the European Parliament, “there are clear benefits to be reaped from a careful adoption of AI technologies in the context of border control.” The research however warns against the risks of unlawful profiling and discrimination.
Surveillance state. A new book by author Geoffrey Cain documents the rolling out of surveillance technology and the development of a security state in China’s northwest Xinjiang region. The Perfect Police State explores how AI has been deployed to create an environment of all-encompassing technological control, and the dangers of this kind of power in the hands of authoritarian governments. In Xinjiang, home to the Uyghurs, whose treatment at the hands of the Chinese government has drawn international denunciation, AI and facial recognition have been installed to reinforce a CCTV network of constant observation.
State-of-the-art CV. Google researchers have announced the development of a new deep-learning computer vision (CV) model which they say has beaten existing records when it comes to image recognition. The state-of-the-art model, which has two billion parametres and was trained using three billion pictures, achieved a 90.45% accuracy rate and it ranked #1 on the ImageNet leaderboard.
Levy vs tax. Hundreds of companies, the majority of them European, will be subject to a new digital levy, to be imposed by the EU in upcoming weeks in order to fund COVID-19 recovery. A week after the OECD announced the support of 130 countries for a minimum corporate tax rate of 15%, Margrethe Vestager, European Commission’s executive vice president, sought to clarify that the levy was not the same as a tax.
Satellite funding to go ahead. EUMETSAT, Europe’s meteorological satellite agency, has unveiled plans to invest over €58 million between 2022 and 2027 in continuing and expanding the activities of eight Satellite Application Facilities (SAFs). The SAFs provide services such as weather forecasting, air traffic control and firefighting, and are run by a group of member state national meteorological services.
eMAG expansion on the horizon. The European Bank for Reconstruction and Development, along with Raiffeisen Bank, is establishing a debt financing package of €37.55 million for Romanian online retailer eMAG. The company is the largest online retailer in Romania and also serves customers and suppliers in Bulgaria and Hungary. The investment is expected to facilitate the technological expansion of eMAG’s logistics and commercial capacity.
The Euro’s digital development. A paper by the European Savings Bank Group has set out recommendations for the development of a retail digital euro. The paper advises that, should the European Central Bank decide to pursue such development, it will need to ensure both that it respects existing banking systems, is secure and easy to use and respects the data privacy of its users.
What else I’m reading this week:
Demand for AI-powered interview software surged during the pandemic, but just how reliable is it? (MIT Technology Review)
5 possible scenarios of what would happen if Apple opened its app store (Wired Italia)