Welcome to EURACTIV’s Digital Brief, your weekly update on all things digital in the EU. You can subscribe to the newsletter here.
“We are looking into legal options to resolve this issue.”
– ECR MEP Angel Dzhambazki, who this week found himself at the centre of an Indian disinformation scandal in Brussels.
Story of the week: Researchers have unearthed a widespread, coordinated, and manipulative 15-year-long Indian disinformation operation in Brussels, with the creation of fake media, the revival of defunct think-tanks, and even the fraudulent impersonation of dead people.
Also this week: The latest on the Digital Services Act, MEPs concerned about copyright, auditors probe EU’s 5G goals, France DPA Vs Google, Schrems on US privacy hearing, Scholz on Facebook’s cryptocurrency, Frontex’s biometric tech, Vienna: EU’s spy capital, Romania to host EU cyber centre, EU Algorithm ranking guidelines, Zuboff on Google-Fitbit, German competition crackdown on Facebook, Amazon in the Nordics, and much, much more…
Our podcast this week features an interview with Ben Rapp, an expert on EU-UK data flows who heads the UK’s largest data privacy consultancy, Securys. We talk about the potentially perilous future for EU-UK data flow after Brexit.
Actors behind a vast fake news campaign dubbed the ‘Indian Chronicles’ by investigators, directly targeted MEPs, bankrolling trips to Kashmir, Bangladesh, and the Maldives, creating informal working groups inside the Parliament, establishing a fake newsgroup, as well as influencing parliamentary questions to the European Commission.
All such efforts were made, according to EU Disinfo Lab – the team behind the investigation – in order to spread anti-Pakistan propaganda and to bolster Indian interests within the EU institutions. Read more.
EU StratCom force for Middle East Disinformation. Meanwhile, following a recent Parliamentary resolution, EPP MEP David Lega wants to know what the Commission is doing in terms of considering the notion to establish a unit within the EU’s external Action Service to strengthen its capabilities to counter Iranian and Middle Eastern interference and disinformation.
A message from FACEBOOK
Facebook partnerships to fight against COVID-19
Working together is more important than ever in the fight against COVID-19. In Spain, the World Bank is using Facebook’s Disease Prevention Maps to forecast needs for COVID-19 testing and hospital beds. Learn more about how we’re collaborating to keep communities safe and informed at about.fb.com/europe.
Digital Services Act / Digital Markets Act
Gatekeeper scope. The scope of online platforms that will come under new regulatory prohibitions as part of the European Commission’s forthcoming Digital Markets Act (DMA) will be narrowly targeted to a set of ‘big operators,’ the EU executive has revealed.
Elsewhere, the FT has more information on the sanctions regime in the Digital Services Act that EURACTIV reported on in November, revealing that large gatekeepers that violate Digital Service Act rules will lead to fines up to 6% of their total turnover in the previous financial year.
Regulatory Scrutiny Board. The Commission’s internal panel, the regulatory scrutiny board, finally passed the DMA on Thursday, following two previous ‘failures.’ This gives effectively gives the go-ahead for political approval in Monday’s meeting between heads of cabinet.
Czechs on DSA. The Czechs have laid out their general position on the Digital Services Act ahead of its unveiling next week. During an online event this week, Deputy Permanent Representative Jaroslav Zajíček said that the eCommerce’s country of origin principle should be maintained at all costs. However, ‘clarifications’ should be considered in the liability regime.
Eastern states against DSA. The Digital Coalition of companies from the countries from Central Eastern Europe and the Baltic region (Bulgaria, the Czech Republic, Hungary, Lithuania, Poland, Romania, Slovakia, and Slovenia), have raised concerns with regards to the Digital Services Act, noting that the new rules could hamper innovation, particularly in the scope of content to fall under the regulation as well as in the definition of gatekeepers.
Disinformation transparency obligations. Earlier this week, the Commission published its fourth set of reports from the signatories of the code of practice against disinformation. The EU executive revealed that the lessons learnt from the latest round of reports will feed into further overarching transparency obligations for platforms for disinformation, to be outlined in the forthcoming Digital Services Act.
EPRS on the Digital Markets Act. A briefing from the European Parliament Research Service published this week explains the rationale for regulating digital gatekeepers in the EU and provides an overview of the key policy questions currently under discussion.
S&D MEPs ‘diplomatic’ answer on lead committee. During a briefing with journalists this week on the Digital Services Act, S&D MEPs Alex Agius Saliba and Tiemo Wölken, who both led reports on the DSA for the Internal Market Committee and the Legal Affairs committee respectively, said that it shouldn’t be important which committee takes the lead for Parliament’s response to the Commission’s upcoming DSA proposal, but that it is important for committees to adopt similar stances. Watch the briefing here.
Jourova-Pichai talks. Commission Vice President for Values Vera Jourova and Google’s CEO Sundar Pichai held a video conference earlier this week discussing disinformation, online advertising and the state of the media sector. After the meeting, Jourova was keen to highlight how the EU’ Democracy Action Plan has featured prominently in their talks. “The European Democracy Action Plan sets out our agenda towards the online platforms when it comes to countering disinformation,” she said.
“I have urged Mr. Pichai to work with us and other actors on the upgrade of the Code of Practice on Disinformation. I appreciate Google’s commitment to work with us even more closely in the fight against disinformation,” Jourova added.
Readers may recall that the Democracy Action Plan outlined plans to introduce a co-regulatory framework for moderating online disinformation, to be outlined in the upcoming Digital Services Act.
Twitter, Mozilla, WordPress and Vimeo on DSA. Too harsh an approach on content removals could threaten rights and inhibit smaller company’s ability to compete in the market, a joint letter published this week by Twitter, Automattic (WordPress and Tumblr), Mozilla and Vimeo states.
BEUC on DSA & DMA. The EU consumer organisation BEUC have published two briefing documents outlining what consumer detriment the DMA and the DSA should address and what actions the group expects from the EU. Read BEUC’s text on the DSA here and the DMA here.
France DPA Vs Google. France’s data privacy watchdog has handed out its biggest ever fine of 100 million euros ($121 million) to Alphabet’s Google for breaching the country’s rules on online advertising trackers (cookies).
EPP amendments for Parliament’s GDPR resolution. EPP’s Axel Voss has tabled a series of amendments to the Civil Liberties committee’s draft resolution on the GDPR. The revisions, seen by EURACTIV, state that the GDPR restricts businesses’ ability to “make full use of available data,” and calls for a complete withdrawal of the e-privacy file from current negotiations due to its failure to obtain consensus between member states.
EURACTIV caught up with Voss earlier this week to hear about his views on the GDPR resolution. “It’s time to update the GDPR in line with the current context,” he said. “We need more creative and innovative solutions to deal with personal data at a time in which the value of access to health data has never been more important.”
Wheely Vs Russian Authorities. Ride-hailing app Wheely has received the backing of a Russian Federal court after the app refused to hand over personal data to the Moscow transport authority (MDOT), citing data protection concerns. Earlier this week, the courts said that a suspension on Wheely’s service that was imposed in Moscow following the company’s refusal to hand over data was ‘unlawful.’
SCCs and access to EU data for third countries. “It is critical that the Commission creates consistent and clear rules regarding third-countries’ government access to European data for law enforcement or national security purposes.” This was the main message from John Miller, senior vice president of policy, trust, data and technology at global tech trade association ITI, in response to the European Commission’s recently updated Standard Contract Clauses (SCCs), used for transferring personal data to non-EU countries.
Privacy Shield. $7 trillion in transatlantic trade could be at risk should the EU and US fail to agree on a new Privacy Shield agreement, a study produced published this week by the Information Technology and Innovation Foundation says.
EU counter-terrorism strategy. As part of the Commission’s counter-terrorism strategy unveiled this week, the EU executive wants to work with governments to improve access to digital evidence and encrypted information used by criminals.
As part of its EU Presidency mandate, German Interior Minister Horst Seehofer insisted in November on enabling access to encrypted communication to prevent terrorist attacks. However, privacy advocates and civil society organizations condemned the step as a breach of privacy regulations. Read more.
Schrems on US privacy hearing. Earlier this week, the US Committee for Commerce, Science and Transportation held a hearing on the EU-US data transfers after the Schrems II decision by the European Court of Justice earlier this year.
For his part, Max Schrems lamented the lack of representation from the European data protection space. “Transatlantic data flows are very complex and require experts from both sides to work on a solution. It is especially surprising to see that the experts of the parties that have lost the case, like Facebook’s Peter Swire, is heard. His positions were shattered in the European Courts before and not even Facebook relied on his witness statements anymore in the Irish Courts. I wonder to what extent his testimony will be of use for a stable solution.”
ePrivacy. As the Council seems to have (yet again) failed to adopt a general approach for the ePrivacy regulation, one question that bears asking is: would more exceptions for online tracking support online publishers or the advertising industry? Karolina Iwańska argues that here is a way to sustain online publishing and uphold privacy
UK-EU data flows extension. The Commission is charting a potential six-month extension in their adequacy assessment of the UK’s data adequacy to avoid the cliff-edge solution on December 31, reports Politico Europe.
TERREG agreement. EU lawmakers from the European Parliament and the Council signed off on new rules to police online terrorist content Thursday (10 December), in a move that will see pan-European removal orders issued from competent authorities of any EU member state.
Algorithm ranking guidelines. Earlier this week, the Commission published guidelines to help platforms follow rules set out in the platform-to-business regulation, which oblige them to improve the transparency of their algorithmic ranking parameters. Read the guidelines here.
CSAM Online. The Civil Liberties Committee has said that measures to detect online and remove online child sexual abuse should also respect people’s fundamental rights to privacy. The European Electronic Communications code extends the scope of the e-privacy directive to include ‘over the top’ inter-personal communication services.
However, the Commission has proposed to temporarily amend the e-privacy directive to allow the voluntary detection of child sex abuse online to continue, which would otherwise no longer be possible under the new code. MEPs want this derogation to last no longer than 2022.
However, not all MEPs welcomed the adoption from the civil liberties committee. “Generally and indiscriminately analyzing the content of all private correspondence of unsuspected citizens by private companies, as if the post office opened all letters in search of illegal content, is not only unacceptable with regard to the right to privacy, including of children and victims themselves, but also specifically threatens human rights of minorities,” Pirate MEP Patrick Breyer said.
Facebook faces US breakup? Facebook could be forced to sell its prized assets WhatsApp and Instagram after the US Federal Trade Commission and nearly every US state filed lawsuits against the social media company.
Zuboff on Google-Fitbit. Shoshana Zuboff, Professor Emerita of Business Administration at Harvard Business School and award-winning author of ‘The Age of Surveillance Capitalism’, delivered a keynote at this week’s annual STOA lecture at the European Parliament, and she had some strong words to say against Big Tech.
This was no more pronounced than on the subject of Google’s foreseen merger with Fitbit. “Google’s assurances cannot be trusted. Any notion of approving the Fitbit acquisition based on Google’s promises not to do something that is anyway irrelevant is a serious mistake. Such a decision should be reconsidered immediately and never repeated”.
UK tech regulator moots company-specific rules. The UK plans to issue tech giants customised regulatory rules, as part of a plan to overhaul competition rules for the tech sector. Read more.
Vivendi Vs Paramount. Vivendi’s pay-TV arm Canal+ won on Wednesday (9 December) its court fight against a deal between EU competition regulators and Paramount Pictures in which the U.S. studio agreed to scrap movie-licensing deals with British pay-TV group Sky UK.
German competition crackdown on Facebook. The Federal Cartel Office opened another case against Facebook. This time it’s about linking the platform with the virtual reality glasses from the Oculus brand. It is planned that in the future only Facebook users will be able to use these glasses.
“This link between virtual reality products and the group’s social network could represent a prohibited abuse of a dominant position by Facebook,” says Andrea Mundt, President of the Federal Cartel Office. EURACTIV Germany reports.
‘To Amazon or not to Amazon’: what’s in store for future of Nordic e-commerce? Nordic companies face a strategic dilemma and a big decision: join forces with the tech giant and the world’s largest retailer Amazon or fight back with everything they can. Read more.
Auditors probe EU’s 5G plans. The EU’s 5G strategy is to come under the scrutiny of European auditors, as the clock ticks down on end-of-the-year deadlines for member states to tie up frequency allocations for next-generation telecommunications networks. The European Court of Auditors (ECA) announced on Tuesday (8 December) that they will probe a series of areas related to the bloc’s 5G deployment plans, including the Commission’s support for EU nations and the consideration of member states of security concerns.
Huawei in Sweden. Huawei is willing to meet any requirement the Swedish government may set on 5G network equipment and take other measures to mitigate concerns, a senior executive said, after a ban in the country delayed spectrum auctions.
5G and health. The economic cost of making sure 5G poses no health and environmental risks shouldn’t provide an excuse for any shortcuts in introducing the new technology, various scientist warned during an online event co-hosted by MEPs on Monday (7 December).
Orange prepares for 5G uptake. Between 60% and 80% of Orange’s data traffic should be running over 5G networks within the next six years, according to Orange CTIO Michael Trabbia. More from Mobile World Live.
Commission appoints Nokia for 6G task force. The Commission has tasked Finland’s Nokia with managing Hexa-X, a flagship 6G research project.
ENISA 5G guidance. With the transposition of the European Electronic Communications Code approaching, the EU Agency for Cybersecurity ENISA has published new guidelines for national telecom security authorities in their 5G deployment strategies. The Guidelines on Security Measures Under the EECC report contains 29 high-level security objectives listed under eight security domains (governance and risk management; human resources security; security of systems and facilities; operations management; incident management; business continuity management; monitoring, auditing and testing; threat awareness).
Audio surveillance. A recent Parliamentary question from Renew MEP Moritz Körner presses the Commission on what forms of audio surveillance for law enforcement purposes in public areas the EU executive deems acceptable.
Frontex’s biometric tech. EU experts last week shared a range of ‘key biometric and digital ID technologies, guidelines and best practices, and baseline minimum requirements for the Entry Exit Systems (EES) being implemented at EU external borders’ during a Frontex virtual conference last week, reports BiometricUpdate.com.
Industry and Union AI declaration. UNI Europa ICTS and telecoms lobby ETNO have penned a joint declaration on the benefits of Artificial Intelligence (AI) for innovation across medicine, mobility, and communication. Read it here.
Spy Capital. Vienna has long been a smuggling hub for the heavily sanctioned North Korean regime and a gateway to Europe for the small number of spies it has based on the continent. But the city could grow in importance if Joe Biden convinces Kim Jong Un to consider rolling back his weapons program, with the UN’s top nuclear watchdog based there.
Trustworthy AI must protect rights. Access Now’s latest report, Europe’s approach to artificial intelligence: how AI strategy is evolving, explores the actions EU governments are taking to promote what the EU calls Trustworthy AI, what this approach means for human rights, and how European AI strategy is changing, both for EU institutions and national governments.
Romania to host EU cyber centre. Bucharest has been selected by the member states to host the new cyber centre of the European Union, among seven candidates. It will be the first EU institution based in Romania.
The European Cybersecurity Industrial, Technology and Research Competence Centre (ECCC) will be based in the capital city of Romania, according to a decision taken by COREPER late Wednesday (9 December).
Marian Murguleț, secretary of state and chief information officer of the Romanian government, told EURACTIV.ro that the decision “represents both a question of fairness but also a recognition of Romania’s European course in the field.”
“Romania really wanted to bring the centre to Bucharest and it filed an extremely solid candidacy,” Murgulet said.
European Medicines Agency attack. Two pharmaceutical companies in line for first conditional approval for their Covid-19 vaccine by the EU’s medicine regulator said Wednesday (9 December) their documents were “unlawfully accessed” during a cyberattack on a European Medicines Agency server.
State actors hack US. FireEye, one of the largest cybersecurity companies in the United States, said that it had been hacked, likely by a government, and that an arsenal of hacking tools used to test the defences of its clients had been stolen.
MEP worries on copyright transposition. European Parliament co-legislators are concerned about the European Commission’s guidelines on the implementation of the Copyright Directive. A cross-party group of 18 members penned a letter to Internal Market Commissioner Thierry Breton earlier this week, raising their concerns. Read more.
Scholz on Facebook’s cryptocurrency. It will take more than renaming Facebook’s cryptocurrency to address the concerns regulators have about authorizing its launch in Germany and Europe, German Finance Minister Olaf Scholz said on Monday.
Another insult against a Bulgarian journalist. Bulgarian MEP Alexander Yordanov (EPP) insulted well-known radio journalist Silvia Velikova, calling her a “neighbourhood gossip girl” for having asked “dumb questions” during Sunday’s interview on the programme “Politically Incorrect”. Read more.
Slovenian parliament urges government to reintroduce funding for national press agency STA. The government must immediately pay the overdue liabilities to the state-owned national press agency STA and stop smearing the agency, the parliamentary culture committee concluded during a seven-hour debate on the matter on Saturday, following the suggestion of opposition MPs. Read more.
The digitalisation of justice. The COVID-19 crisis has brought the need for digitalisation of justice to the forefront, Salla Saastamoinen, acting director-general for the Commission’s DG for Justice and Consumers told EURACTIV earlier this week, stressing that “concerted effort is urgently needed, both at the national and EU level, to accelerate the digital transformation process of the justice sector”.
MEPs on e-Evidence. MEPs backed proposals to simplify the procedures for obtaining electronic evidence across EU borders for law enforcement and judicial authorities in criminal investigations.
MEPs support the establishment of a European Production Order or Preservation Order to be used by judges and prosecutors to obtain electronic information from service providers in cross-border criminal investigations when searching for subscriber data and IP addresses or traffic and content data.
EU nations make Semiconductor commitments. Earlier this week, EU nations adopted a joint declaration to strengthen leading-edge manufacturing capacities in semiconductor technologies. Read the declaration here.
Berlin Declaration. Earlier his week, EU ministers responsible for digital transformation in the public administration adopted the “Berlin Declaration on Digital Society and Value-Based Digital Government” backing a series of principles, including promoting fundamental rights and democratic values in the digital sphere and enhancing social participation and inclusion. Read the declaration here.
Women in Digital. Earlier this week, the Commission published its 2020 Women in Digital Scoreboard, showing gender disparities still at play in the digital world, and with more barriers to accessing key digital skills needed for the modern jobs market.
On my radar
Next week, of course, on December 15, the Commission is presenting the Digital Services Act and the Digital Markets Act. Stay tuned for all the news.
What else I’m reading this week:
- Amazon Works to Avoid Google’s Fate With EU Antitrust Regulators (Bloomberg)
- The man who overruled Vestager (Politico Europe)
- Huawei tested AI software that could recognize Uighur minorities and alert police, report says (Washington Post)