Welcome to EURACTIV’s Digital Brief, your weekly update on all things digital in the EU. You can subscribe to the newsletter here.
“The challenge is making our rules something that can be enforced seriously, and cannot be challenged in court all the time.”
-Andreas Schwab, rapporteur for the Digital Markets Act (DMA)
Story of the week: The EU co-legislators are officially ready to engage in trilogue negotiations next year, as the European Parliament adopted its position on the DMA with an almost unanimous vote. The vote was not without last-minute surprises, though, as an ECON amendment on default settings was approved in the plenary vote. The new article would require device manufacturers to request users t change the default settings the first time they use the device from a list of “main third-party services available”. Users would be able to change the default setting at all times and to remove uninstalled apps.
The amendment did not get through IMCO because, from a consumer’s point of view, it is not great to choose from a long list of services. “If you buy a phone, you want this as a user to work immediately,” MEP Andreas Schwab told EURACTIV. Still, smaller tech companies such as the search engines that compete with Google have been calling for this as a crucial way to challenge the dominant position of the gatekeeper. However, critics of the provisions say that the wording of the article is too general as it would also include the operating system for smartphones, for instance.
The Parliament’s text also includes other significant additions, notably in terms of scope, killer acquisitions, interoperability and targeted ads. As none of these is in the Council’s mandate, it is doubtful that they will all survive the trilogue. Asked by EURACTIV which of these points will be the priority in the negotiations, Schwab refused to show his hand and made clear that he would be serious about defending the narrower scope. On this point, he might find support from Germany and the Netherlands, home to Zalando and Booking, respectively.
The killer acquisition and default settings bits come from ECON rapporteur Stéphanie Yon-Courtin, a liberal lawmaker close to the Élisée, and Paris is well-known for coordinating its national priorities with French MEPs. Finally, for left-leaning lawmakers, the priority is interoperability, as it would force social media and messaging services to open up and lose their network effect. The same MEPs have been pushing for a ban on targeted ads for minors, but it seems unlikely they will be able to keep both, and similar measures have been included in the DSA mandate. Read more.
Don’t miss: The DSA is set to follow suit; following the IMCO adoption on Tuesday, the proposal will be voted in the plenary session in January. The text results from rather tough negotiations in which the rapporteur Christel Schaldemose had to concede on most of her initial points and at several times only had a majority thanks to the support of the extreme right.
The difference in style with Schwab could hardly be starker. While Schwab made everything to bulletproof the deal, even voting against amendments he might have felt close to, Schaldemose did not exclude support for alternative amendments during the plenary. Asked by EURACTIV whether she would vote in favour of amendments on a total ban for targeted advertising and a media exemption, she replied that it was a matter of ‘wording’. These amendments are likely to be tabled by LIBE’s Patrick Breyer and JURI’s Geoffroy Didier respectively.
Schaldemose would be “doing the math” on where the majority of S&D stands to push for these amendments, according to a source close to the DSA negotiations. Consequent comments to the media that she would also like to go back to the issue of liability of online marketplaces in the plenary add to this perception. The Green group is also determined to present more amendments, but the vote in IMCO has shown that without the support of centrist MEPs, their chances of getting through are extremely low. Read more.
Also this week:
- Digital ranks very high in the policy agenda of the French Presidency
- Porn sites might be geo-blocked in France if they don’t figure out a way to identify minors
- UK lawmakers call for a stronger Online Safety Bill
- The European Commission launched its data and cloud alliance
*** Service announcement: The Digital Brief goes on holiday; we will be back in your mailbox on 7 January. ***
Before we start. Access to data is increasingly recognized as an area of focus for competition policy in the digital space. As the DMA approached the finishing line, we were joined by Bojana Bellamy, President of the Centre for Information Policy Leadership (CIPL), to discuss how the law targeting gatekeepers is expected to interlink with the EU privacy framework.
A message by Google
Future economic growth must be inclusive, as well as digital
Small businesses are the key to growth, and the right tools and policies can help them through uncertainty to support new jobs, expansion and exports. Continue Reading >>
AIDA report 2.0. Axel Voss’ (EPP) first draft of the AIDA report received an almost unanimous dislike from the other political groups, as several European Parliament officials told EURACTIV the text was poorly written. The overall narrative is seen as problematic, as it represents AI at the centre of a free-for-all international race for survival and advances the risk of Europe becoming an economic colony of China. Some note that the focus seems to be military applications, mingled with economic considerations. Other groups also accuse Voss of linkinig the AIDA report with the AI Act, which they are trying to shut the door on. Privacy advocates also note that the report is another attack on the GDPR. At the same time, business-minded MEPs acknowledge the need to look at AI not as a threat but as an opportunity. In other words, expect challenging discussions before the mandate of the AIDA committee expires in June 2022.
Europe vs Clearview. The latest problem for Clearview AI in Europe comes from the French privacy watchdog (CNIL), which urged the AI system provider to stop collecting face pictures in France. The investigation by the CNIL follows several complaints from individuals about Clearview AI’s facial recognition software. The investigation revealed two breaches of the GDPR: unlawful processing of personal data due to the collection of biometric data without a legal basis and failure to take account of individuals seeking access to this data. The CNIL thus required the American company to stop collecting and using personal data on French territory and to facilitate the exercise of their rights in this regard. Clearview AI has two months to comply, failing which it will face sanctions, including financial penalties.
EPP is gearing up. MEP Eva Maydell has been selected as the ITRE committee’s rapporteur for the AI Act. In announcing it, Maydell felt the need to say that “the EPP will be heard,” which should be almost granted for the most prominent political group in the European Parliament.
Mobile grip. Apple and Google have a “vice-like grip” over how people use mobile phones, the UK’s Competition and Markets Authority (CMA) said in the publication of its provisional findings on the power of the two tech giants across mobile operating systems. Among other things, the CMA says their behaviour is preventing people from seeing the full benefit of products and services and the lack of competition it causes could result in increased prices for users.
Acquisition green light. According to Reuters, the EU will approve Facebook’s acquisition of customer service software provider Kustomer after the tech giant proposed measures to allow rival products to function with the company’s software. The deal, announced in November 2020, had been investigated by the Commission at the behest of the Austrian competition agency, despite the deal’s worth falling below the standard EU threshold for such a probe.
Tech divisions. Comments made by the US Secretary of Commerce Gina Raimondo on the DMA have drawn criticism from progressive Senator Elizabeth Warren, who in her bid for the presidency last year pledged to break up tech giants such as Facebook and Amazon. Breaking from the previous Biden administration line on competition, Raimondo voiced concern that the DMA would disproportionately hurt US companies. The clash shows how the interest of US tech companies can be divisive in Washington, even inside the Biden administration that has appointed vocal competition and privacy advocates in key positions.
New French competition chief. French President Emmanuel Macron pre-appointed prominent economist Benoît Coeuré to the position of Competition Authority President, it was announced this week. If approved, Coeuré, who currently heads the Bank for International Settlements, will replace Isabelle de Silva. De Silva’s mandate was not renewed in October, a decision she said came as a surprise. The nomination now needs to be confirmed by the French Parliament.
Data & privacy
New deal, similar stuff. After nine months of negotiations, several digital policies were included in the Dutch coalition deal agreed upon this week. Among them, facial recognition will be banned in the absence of “strict legal demarcation and control”, an algorithm supervisor will be introduced, an emphasis is to be placed on online identity, and the protection of children’s data and privacy rights will be strengthened. Similar commitments were included in the coalition agreement that underpins the recently-installed German government.
Stronger in diversity. The European Data Protection Board (EDPB) adopted a statement this week clarifying that the divergent views of its members when it comes to guidelines on GDPR enforcement are evidence of the landmark data protection law’s proper functioning. Members “work together in a respectful manner to reconcile and reach common meaningful decisions”, it said. “That the starting point is not a unified view is not a failure of data protection authorities or a lack of integrity on the part of any of the authorities that hold one position or another – it is simply the GDPR working as intended.” In the past weeks, the NGO NOYB published EDPB internal documents based on which it accused the Irish Data Protection Commissioner to be lobbying in the interest of Big Tech.
Grindr pays the bill. The Norwegian Data Protection Authority has issued its highest ever penalty, totalling NOK 65 million (€6.4 mln), on Grindr after it found that the dating app had shared the users’ personal information with marketing partners, violating Norwegian privacy rules. The watchdog has argued that the app’s mechanism for obtaining consent was invalid, meaning data had been disclosed without any legal basis, an allegation that Grindr refutes.
Enforcement done better. The European Data Protection Supervisor (EDPS) is set to organise a conference next year to discuss regulation on data protection, competition, AI and digital markets and services. The event will gather figures from the global digital regulatory world and focus on enforcement and best practices. On Monday, EDPS Wojtek Wiewiorowski said there had been improvements in the cooperation between competition and data protection authorities in the last years but regretted that some significant problems in terms of procedural aspects remained unaddressed.
RT is back. Russia Today (RT) has launched a 24-hour German-language TV channel, two years after the project was announced. RT’s German YouTube channel was removed from the platform earlier this year, having been found to be spreading COVID-19 disinformation. However, RT’s legal entity has now obtained a broadcasting license in Serbia, paving the way for RT Deutsch to begin transmitting in Germany, Austria and Switzerland from studios based in Moscow and Berlin. For the disinformation community, the move is yet another reason not to introduce a media exemption in the DSA.
Digital Markets Act
Mind the shadow. René Repasi will take over the MEP position of Evelyne Gebhardt as she retires after nearly 28 years of honourable service. Incidentally, Repasi will also inherit Gebhardt’s role as shadow rapporteur for the DMA, as the German social-democrats did not want to lose control over the file. A professor of EU law, Repasi does not have previous experience as an EU lawmaker but has been following the file for the SPD. Schwab told EURACTIV he previously met Repasi when the professor gave a presentation about Brexit, which Schwab defined as ‘brilliant’.
Digital Services Act
Waiving the waiver. Who likes the waiver system? None, but the EPP seems to be the answer. This solution, defined by Schaldemose as “not very elegant” during a press conference, originally came from Renew, and it was meant for digital libraries and the likes of Wikipedia, services that would fall under the scope of the DSA, with all the legal requirements and reporting obligations that entails. The idea to use a waiver system is that all sorts of organisations are formally non-profit for the tax advantages (see IKEA, for example). The Christian democrats turned that to say that every SME can now request the Commission for exemption. It’s almost redundant to say the EU executive hates the idea, as it would mean getting overflown with requests. As it is now, the measure is unlikely to survive the trilogue, whereas digital libraries and encyclopaedias have been left in the cold.
Presidency’s priorities. France is set to put digital regulation and tech sovereignty at the top of its list of priorities when it assumes the rotating EU Council presidency on 1 January. President Emmanuel Macron has stressed his desire to finalise both the DSA and DMA during the country’s six-month term. It will also push for implementing the 15% international cooperation tax agreed by G20 countries in October. Despite these goals, however, some scepticism remains in terms of the plans, particularly when it comes to Paris’ approach to bolstering tech sovereignty. Read more.
Cloud alliance launched. This week, the Commission officially launched its Alliance for Industrial Data, Edge and Cloud to foster synergies between computing tech companies and advise the Commission on its industrial strategy and investment plans. The initiative brings together 39 members of Europe’s top tech companies and will participate in formulating the regulatory cloud rulebook set for next year. Read more.
Digital in the skill gap. Industry figures have urged more significant investment in digital skills and heightened attention to cultivating tech talent to better prepare Europe for the digital future amid a global skills shortage. The Commission has set several targets for bolstering general and specialist skills, but room for improvement remains in terms of progress. A vital part of this skills promotion, industry representatives say, will be ensuring greater participation of women and girls in STEM subjects and the ICT field. Efforts to encourage and provide access to this should begin at a young age. Read more.
Untapped potential. Women participation in both STEM and social sciences backgrounds would also help tackle issues such as the embedding of gender bias into technologies, a hazardous possibility when they have wide-reaching societal implications. However, this involvement of women must be extensive and present at all stages of product and policy development in tech, leaders in the sector have said. Read more.
Not a good year for journalism. There was a 20% increase in the number of detained journalists in the last year, according to an annual report released by Reporters Without Borders (RSF) this week. 488 journalists were recorded as having been detained this year, in addition to 46 killed and 65 held hostage. Burma, Belarus and Hong Kong were singled out as three dictatorial regimes mainly responsible for the increase this year. The report also notes that the proportion of female jailed journalists has almost doubled since 2017, reaching an unprecedented 12.3%. Read more.
Geo-blocking porn? Pornhub has taken issue with France’s broadcast regulator over the 15-day compliance notice handed out to it, along with a series of other porn-hosting sites, for failing to take strong enough measures to confirm users’ ages. The Superior Audiovisual Council ruled that the sites were not complying with a 2020 law that deems asking for age confirmation with one click ineffective when restricting minors’ access to porn sites. Pornhub said the ruling “encroaches on the privacy of adults” and overlooks the fact that the industry remains unregulated mainly as a whole. If the porn sites do not find a viable solution to identify minors, France might go as far as geo-blocking them from its national territory. Read more.
Inputs for Online Safety. After five months of review, a joint parliamentary committee issued its report on the UK’s draft Online Safety Bill this week. The proposed legislation sets standards for online service providers to follow and implement greater transparency and accountability measures. Among the recommendations made by the committee is the introduction of binding codes of practice, the creation of new criminal offences for online misconduct and greater liability for platform executives. The bill also focuses on child safety online, with the committee recommending heightened efforts, for instance, to prevent children from accessing pornography. Read more.
Connecting Europe kicks off. The Commission adopted the first work programme of the Connecting Europe Facility (CEF) this week. The €1 billion programme will focus on the digital component of the CEF, defining the scope and objectives of EU initiatives to bolster digital infrastructure through to 2023.
What else we’re reading this week:
Which platforms will be caught by the Digital Markets Act? The ‘gatekeeper’ dilemma (Bruegel)
Facebook bans seven ‘cyber mercenary’ companies from its platforms (The Guardian)
The metaverse has a groping problem already (MIT Technology Review)