Digital Brief: EU/UK data transfers, EU police facial recognition, dark web

The Digital Brief is Euractiv's weekly tech newsletter.

Welcome to EURACTIV’s Digital Brief, your weekly update on all things digital in the EU. You can subscribe to the newsletter here


“While the UK applies EU data protection rules during the transition period, certain aspects of its system may change in the future, such as rules on international transfers. These aspects, therefore, raise questions that need to be addressed”

– Commission Source to EURACTIV. 


Story of the week: The European Commission has concerns that certain aspects of the UK’s data protection regime may change in the future and negatively impact the safety of EU personal data when transferred to the country, Commission sources have informed EURACTIV.


Also this week: Cambridge Analytica boss ban, 5G EU delays, police use of EU facial recognition, No content regulation in DSA?, New EP committees, dark web crackdown


Digital Brief: Will UK be ‘data’ adequate?


The EU executive is conducting an assessment of the UK’s data protection landscape as part of a so-called ‘adequacy-decision,’ in order to determine if EU data can safely be transferred to the UK after Brexit.

“While the UK applies EU data protection rules during the transition period, certain aspects of its system may change in the future, such as rules on international transfers,” a Commission source told EURACTIV on Tuesday (22 September).

“These aspects, therefore, raise questions that need to be addressed,” the source added.

The EU executive seeks to adopt a position before the end of 2020, and before doing so, would also require a positive opinion on the UK’s data protection standards from the European Data Protection Board (EDPB), as well as a green light from EU member states.


Parliament’s ‘secret’ meeting. In the European Parliament on Tuesday, MEPs in the Civil Liberties committee took part in a confidential briefing with Commission representatives on the subject of the UK’s data adequacy assessment.

Two Parliament sources revealed to EURACTIV that the lack of progress on the assessment presented by the Commission was disappointing to MEPs and that the EU executive was unable to give any specific decision for when a decision could be arrived at.

Cambridge Analytica boss ban. The former chief of disgraced data analytics firm Cambridge Analytica, Alexander Nix, has not disputed accusations that he engaged in unethical commercial practices including ‘bribery’ and ‘voter disengagement campaigns,’ in a procedure that will see him banned from heading up companies for seven years.

Irish Privacy Crisis. On Monday, the Irish Council for Civil Liberties submitted huge volumes of evidence to the Irish Data Protection Commissioner, highlighting the failure of the authority to stop real-time bidding privacy breaches at the heart of the online advertising industry.

Real-time bidding refers to the trade of online ads in real-time auctions that take place during the time it takes a webpage to load. Senior Fellow for the ICCL’s Information Rights Programme, Johnny Ryan, first submitted a complaint to the Irish DPC over GDPR violations related to real-time bidding in September 2018.

TikTok’s EU data. TikTok has cast doubt on how it will transfer EU personal data to its new data site in Ireland when the facility is completed next year, which could provoke concern among data protection activists in Europe.


Artificial Intelligence

EU healthcare biometric identity systems. An EU-funded technology, Panacea, has this month been showcasing its innovations in the field of biometric access control software, to potentially be employed across healthcare institutions across the bloc in order to safeguard against vulnerabilities and cyber attacks of heath databases.

Police facial recognition concerns MEPs. MEPs on the European Parliament’s Civil Liberties Committee have questioned EU plans to establish a bloc-wide facial recognition database for use by police authorities, citing the potential abuse of data as well as the likelihood of false positives.

Clearview backlash in US. Vermont Superior Court has rejected Clearview AI’s motion to dismiss a case brought against the company. Claims had been filed that accused Clearview AI of illegally harvesting billions of images from social media without the permission of users, allegedly breaching state law.

Parliament algorithm study. The European Parliament’s Legal Affairs Committee has commissioned a study on automated filtering of online content, outlining the main critical issues under the present legal framework and also examining the space for regulation in the context of a future EU Digital Services Act. Read it here.

Dual-use goods. EU negotiators are closing in on a deal on new rules that would end the sale of cyber-surveillance technologies to autocratic regimes worldwide.

Migrant surveillance. Instead of coming up with a meaningful plan, the EU’s new migration pact explicitly doubles down on containment and border security and opens the door to increasingly more draconian tools of surveillance using new technologies, write Petra Molnar and Kena-Jade Pinto, who recently travelled to the Moria refugee camp in Lesvos.

New AI fund. A new AI fund has been launched, supported by the Charles Stewart Mott Foundation, King Baudouin Foundation, Luminate, Mozilla, Oak Foundation, Open Society Foundations and Stiftung Mercator, with the goal of promoting an ecosystem of European public interest and civil society organisations working on policy and technology.

The fund will launch with a 1,000,000€ open call for funding aimed at strengthening the ability of civil society organisations in Europe.

AI discrimination. The EU should not ‘copy and paste‘ everyday racial discrimination and bias into algorithms in artificial intelligence, the EU’s Vice-President for Values and Transparency Věra Jourová has said.


Digital Services Act

No illegal content ban? The European Commission has given its clearest indication yet that obligations on digital platforms to remove content are unlikely to feature in far-reaching EU efforts to regulate the web, due to be presented before the end of the year.

EU member states themselves have been keen to speak out on their positions on the Digital Services Act. EURACTIV recently obtained the response of Poland’s Ministry of Digital Affairs to the Digital Services Act plans, where they called for a “forward-looking, technologically neutral and flexible solution, enough to respond to the rapid pace of changes observed in the digital sector.”

Parliament reports. EPP MEP Kris Peeters’ text was backed by Civil Liberties members on Tuesday (22 September), which included maintaining the fundamentals of the eCommerce directive – including the limited liability provisions and the ban on general monitoring obligations.

The report also rallies the importance of consumer rights and forms of redress for online actions by automated technologies, as well as greater transparency for online political advertising.

The Internal Market committee’s report, led by Maltese socialist MEP Alex Agius Saliba, is set to be voted on Monday 28 September. Ahead of the vote, EURACTIV caught up with Shadow for the Greens, Alexandra Geese, to hear about her thoughts.

Geese said that in an ideal world, she would have liked a stronger approach on transparency obligations, particularly on algorithmic processes, and added that the general focus of the Commission should be more directed on the explainability of ad tech, the transparency of algorithms, as well as access to key data for researchers.

Geese also floated the idea of establishing a European ‘Social Media Council,’ comprised of civil society representatives, which could balance the heavy lobbying in Brussels from industry.



EU 5G delays. The European Commission has admitted that there will be a delay on targets to launch 5G telecommunications networks across all EU member states by the end of 2020, owing to postponements in spectrum frequency auctions that have occurred as a result of the coronavirus crisis.

Illiad probe. EU antitrust regulators will decide by Oct. 26 whether to clear French telecoms operator Iliad’s 3.5-billion-euro ($4.1 billion) bid for Polish mobile group Play, a filing on the European Commission’s website showed on Tuesday (23 September).

Polish 4G probe. The EU executive has opened an in-depth investigation to assess whether the allocation by the Polish authorities of a frequency block for the provision of 4G services to Sferia is in line with EU State aid rules.

3G over in Germany. Deutsche Telekom has become the third major operator in Germany to plan a closure for its 3G services in the country, with the date to shut down the network on 30 June 2021. Bot Telefonica Deutschland and Vodafone Germany had previously made similar announcements.

Huawei attack. Huawei Technologies will do everything it can to strengthen its supply chain which has been “attacked”, its rotating Chairman Guo Ping said on Wednesday (23 September).

UK telecoms taskforce. Former-BT Chief and ex trade minister Lord Ian Livingston will lead a new task force to drive forward ongoing work to diversify the UK’s telecoms supply chain and reduce reliance on high-risk vendors, following the UK’s decision to alienate Huawei from various parts of its future 5G infrastructure.

“Under Lord Livingston’s leadership, this task force will use industry expertise to turbocharge the delivery of our Diversification Strategy. Together we will push ahead with bold ideas to break through the barriers stopping suppliers from entering the UK and put us at the forefront of innovative new mobile technologies,” UK Digital Secretary Oliver Dowden said this week.

MWC Rescheduling. Telecoms group GSMA this week announced a rescheduling of its Mobile World Congress series for 2021. MWC21 Shanghai will now take place from 23 – 25 February 2021, and MWC21 Barcelona will now take place between 28 June – 1 July 2021.



Hungary crackdown. In a letter dated 2 June, József Magyar, deputy secretary of state for development of European affairs at the ministry of foreign affairs and trade, asked Hungarian embassies in the European Union to provide information about the professional visits of Hungarian journalists to the respective EU countries, Telex reported. Read more.

UK blacklisting.  The UK Ministry of Defence has apologised to the investigative outlet ‘Declassified UK’ for having blacklisted the media by mistake.



Foreign Interference rapporteur. EPP’s Sandra Kalniete has been named rapporteur of the INGE committee report on foreign interference in the EU.

International string against dark web criminals. An international coalition of law enforcement agencies, including the EU’s Europol, has announced the results of a coordinated operation known as DisrupTor, which targeted trade on the dark web. The string resulted in 179 global arrests.

Commission has no means to review terrorist content. “The Commission does not have a comprehensive overview of companies’ policies and tools to counter terrorist activity on their platforms,Home Affairs Commissioner Ylva Johansson said earlier this week.



Big tech spends big. A recent investigation by the Corporate Europe Observatory has found that Big Tech giants such as Google, Amazon, Microsoft, Facebook, and Apple are among the biggest individual corporate lobby spenders in Brussels, with recent declarations showing a combined €21 million spent.


New Committees

Parliament’s new special committees have this week held their constitutive meetings and elected their chairs and vice-chairs. In tech, here’s who you need to keep an eye on:

Special Committee on Foreign Interference in all Democratic Processes in the EU (INGE)

Chair: Raphaël GLUCKSMANN (S&D, FR)

1st Vice-Chair: Javier ZARZALEJOS (EPP, ES)

The other three vice-chairs will be elected at a later meeting.

Special Committees on Artificial Intelligence in a Digital Age (AIDA)

Chair: Dragoş TUDORACHE (Renew/RO)

1st Vice-Chair: Miapetra KUMPULA-NATRI (S&D/FI)

2nd Vice-Chair: Geoffroy DIDIER (EPP/FR)

3rd Vice-Chair: Edina TÓTH (EPP/HU)

4th Vice-Chair : Birgit SIPPEL (S&D/DE)



Crypto-assets. The European Commission on Thursday (24 September) set out plans to create what its officials described as the world’s most comprehensive set of rules for crypto-assets and their underlying blockchain technology.



Google/Fitbit. EU antitrust regulators have extended their investigation into Alphabet unit Google’s fitness tracker maker Fitbit to Dec. 23, the European Commission said on Wednesday (23 September).

EU investigates Chinese fibre optics. The European Commission launched an investigation on Thursday (24 September) into imports of optical fibre cable from China, which EU manufacturers believe are being sold in Europe at artificially low prices.

Blix complaint. US app maker Blix took its fight against Apple to Europe on Monday (21 September) as it laid out its grievances against the iPhone maker to EU antitrust chief Margrethe Vestager, saying that Apple is not playing fair.



UK app. England and Wales launched a COVID-19 smartphone app on Thursday, allowing users to trace contacts, check the local level of risk and record visits to venues such as pubs, four months after the technology was promised to the public.

Slow uptake of French app. France is struggling to get off the ground with its StopCovid centralised tracing app. While it has been downloaded 2.4 million times, reportedly 700,000 users have uninstalled it and only 200 notifications have been sent out so far, according to VentureBeat.

New regulations for foreigners working online. Laws related to the employment of foreign nationals will be amended so as to ensure more revenue is generated from an increasing number of foreigners who work remotely from Serbia for companies located in other countries, Serbian Labour and Employment Minister Zoran Đorđević announced on Wednesday (23 September). Read more.


On my radar

The 6th edition of the EUROPEAN CYBERSECURITY FORUM will be held on 28–30 September online. This year’s CYBERSEC leitmotif – “Together Against Adversarial Internet” and the mission of the forum enhance cooperation of like-minded countries to secure digital transformation.



What else I’m reading this week:

  • What Even Is ‘Coordinated Inauthentic Behavior’ on Platforms? (Wired)
  • Companies’ New Back-to-Work Dilemma: Who Comes First? (WSJ)
  • How Quickly Can a Girl Go Viral on TikTok? (The Atlantic)

Subscribe to our newsletters