Welcome to EURACTIV’s Digital Brief, your weekly update on all things digital in the EU. You can subscribe to the newsletter here.
“We are firmly believing that innovation is hampered. Competition is not as good as it could be. Therefore, not only the European public, the global public that is using the gatekeepers has disadvantages that we want to fix.”
-Andreas Schwab, MEP (EPP, Germany), Rapporteur for the Digital Markets Act (DMA)
Story of the week: the debated on the Digital Markets Act (DMA) is heating up outside the institutional settings like the Competitiveness Council that took place this week. As recognised in the EU Council’s latest progress report, the main political difference remains over who will get to enforce it, with a majority of member states calling for further involvement. In the current proposal, the European Commission is responsible for the enforcement, but several EU capitals do not want to be left out. Ahead of this week’s meeting, France, Germany, and the Netherlands issued a joint statement asking for a larger involvement of the national authorities in the implementation of the DMA, considering that “the importance of digital markets […] is too high to rely on one single pillar of enforcement only.” The non-paper called for including provisions for merger control, as the current version of Article 12 requires the gatekeeping platform to inform the Commission about mergers, but does not provide the legal basis for blocking these ‘killer acquisitions’. Read more.
Don’t miss: This week marked the third year since the entry into force of the General Data Protection Regulation (GDPR). While often presented as a golden standard for data protection, enforcement of the flagship privacy framework remains highly problematic. In its annual report, the NGO Access Now looks at the main flaws of the enforcement system. The report has interviewed the Data Protection Authorities (DPAs), responsible for the GDPR implementation. While privacy watchdogs have seen their financial resources steadily growing in recent years, they continue to be underbudgeted for their tasks. The one-stop-shop, the transnational cooperation mechanism for cases that concern more than one member state, also seems seriously flawed. Listen to the podcast for more.
Also this week: e-Evidence ongoing controversy, anti-disinformation Code revamped, surveillance rulings, antitrust offensive, and much more.
GDPR turns 3
Digital Brief powered by the coalition to Stop Stalker Ads.
MEPs Must Stand Up For ePrivacy to #StopStalkerAds
Everyday, online ads steal users’ intimate personal data, violating GDPR.
MEPs must demand that the ePrivacy Regulation defends our privacy by:
– Making Consent Mandatory & User Friendly
– Banning Cookie Walls & Deceptive Pop-Ups
Gatekeeper who? Another key point of contention is the scope of the DMA proposal, in terms of determining which companies should be labelled as gatekeepers. The three countries argued for keeping the legal framework flexible enough to consider the digital ecosystem. At the same time, the regulation needs to define the gatekeepers through clear, objective criteria that can be compatible with the very different nature of online platforms (i.e. search engine, e-commerce, social network, streaming services, etc.).
No pre-installed apps. Andy Yen, founder and CEO of Swiss company Proton, told EURACTIV that the DMA should remove pre-installed apps from new smartphones. The argument considers that the current situation allows the gatekeepers to maintain an oligopoly on the app market, as they are able to self-promote their own apps as default apps. The Body of European Regulators for Electronic Communications (BEREC) already expressed a similar opinion on the DMA, arguing that pre-installed apps affect the user’s choice. Read more.
Data & privacy
Show me evidence. The e-Evidence regulation is still going through trilogue negotiations, as the positions of the EU Parliament and Council remain distant on the notification system. The provision would allow judicial authorities to directly request access to electronic evidence to providers based in another member state. Several NGOs criticised the proposal for not ensuring sufficient safeguards for categories that need confidentiality to exercise their profession, notably journalists. MEPs have also highlighted the potential for abuse from countries where the rule of law is not strong. Read more.
Practice what you preach. The European Data Protection Supervisory (EDPS) opened two investigations on Thursday (27 May) on possible GDPR breaches from the EU institutions. In particular, the EU privacy watchdog will scrutinise the usage of Amazon Web Services from EU institutions and bodies under the Cloud II contract, as well as the employment of Microsoft Office 365 by the European Commission. Both investigations steam from the Schrems II, and are based on the EDPS’s strategy to make the EU institutions compliant with it.
Not exempted. Only last week, MEPs voiced their concerns over the UK Data Protection Act, which includes an exemption for data protection rules in migration cases. The provision was legally challenged by the NGOs Open Rights Group and the3million, and after an initial dismissal, it was ruled unlawful by a Court of Appeal for illegally restricting the rights of immigrants. The ruling casts another shadow on the UK adequacy decision of the European Commission.
Code of Practice 2.0. On Wednesday (26 May) the European Commission launched a revamped version of the Code of Practice, aimed at strengthening the measures against disinformation. The current version of the Code has as signatories major online platforms like Facebook, Google, Microsoft, TikTok, and Twitter. The most unprecedented measure introduced with this revamped code consists of requesting online platforms to change their algorithm to better counter fake and harmful content, and to show how they have done it. Read more.
In case you didn’t know. Facebook published a report summing up its efforts in countering disinformation. The report points to Russia as the main source of disinformation, followed by Iran. The social network recorded shutting down 150 networks of fake accounts between 2017 and 2020, and points to the US public as the main target of this propaganda offensive. At the same time, Russian authorities are raising the pressure on online platforms to control online content, while also requesting Russian data to be kept on its territory.
Fine with me. The European Commission has approved the German scheme to fill in the blanks of its mobile infrastructure. The scheme will financially support the development of high-performance mobile services, including 5G, in underserved areas. The decision is important to ensure digital connectivity in the so-called white spots, rural regions or less populated areas where private providers do not have a business case for developing their networks. With no public investments, these areas risk being left behind in the digital transition, widening the (geographical) digital divide.
Partnering up. Swedish telecom giant Ericsson announced a partnership on 5G with Leonardo, a leading Italian security firm. The international partnership will develop security solutions for 5G industrial applications and critical infrastructures. The agreement is intended to mitigate the high cybersecurity risks associated with the new generation of telecommunication technologies.
Eco rate me. Five European telecom companies have launched a new eco-rating scheme for mobile phones. The joint initiative will make the environmental impact of these devices readily visible for consumer, thereby encouraging producers to become more sustainable. Twelve mobile phone brands have already adhered to the initiative, including Huawei, Nokia, and Samsung.
Free market(place). The European Commission is set to open an antitrust investigation against Facebook, FT reported. Following several rounds of clarifications, the EU executive considers that the social media network has been unduly promoting its Marketplace, a free service for users to sell or buy goods. Facebook does not receive a fee from the sales, users can promote their posts (but not many do). Facebook is the last of the GAFAM company to be officially investigated by the European Commission.
Two more, please. The German Federal Cartel Office opened two official investigations against Google on Tuesday (25 May). The proceedings concern Google’s cross-brand power and its ‘strategic advantage’ in handling user data. In both cases the German authority hinted at the Digital Markets Act, notably stressing how Google is a gatekeeper platform that can gather user data from a variety of sources. In fact, Germany has recently updated its competition law, and Berlin is now presenting it as the model for the DMA. Read more.
US on the offensive. Amazon is being sued by the Attorney General of the District of Columbia for antitrust allegations. The e-commerce giant is accused of having used its monopoly power to raise the prices of third-party sellers. The initiative can be seen as part of a broader antitrust offensive in the United States, which has seen federal and several state authorities launching separate lawsuits against Facebook and Google.
Surveillance with safeguards. The European Court of Human Rights (ECHR), the judicial authority responsible for upholding the European Convention of Human Rights, issued two important rulings concerning mass surveillance on Tuesday (25 May). In two separate proceedings, the ECHR ruled against the UK and Swedish laws for intercepting private communications for not containing “sufficient “end-to-end” safeguards to provide adequate and effective guarantees against arbitrariness and the risk of abuse.” As a preventive measure, the Court ruling prescribed all countries signatory of the convention to conduct independent reviews of their surveillance regimes.
Disposable printers. The Right to Repair campaign organised a protest at the Schuman roundabout in Brussels on Wednesday (26 May). The initiative aims to raise awareness about the premature obsolescence of printers, urging the European Commission to include measures for printers’ durability and repairability in the upcoming Circular Electronics Initiative. According to the organisers, printers generally have a short lifespan (i.e. less than three years) and printer cartridges count for 100,000 tonnes of e-waste each year.
Super computers. The draft report on the European High Performance Computing Joint Undertaking was adopted in the EU Parliament’s Committee on Industry, Research and Energy (ITRE) on Wednesday (26 May). The public-private partnership with an €8 bn budget aims to build Europe’s capacities in the most advanced computing technologies. The file is expected to be voted in the July plenary session. Meanwhile, the European Space Agency (ESA) is also looking into boosting its supercomputing power, as it has announced a partnership to develop quantum computers.
Start-up Union. Digital Future for Europe, a group formed by 100+ start-ups and tech businesses, published its annual internal survey. The group found that more than half of its members struggle with new EU regulation, and roughly one third lamented obstacles in the digital single market. While the EU is on the whole considered as having a positive impact on the tech sector and being an attractive destination for investments, 55% of the respondents do not consider Europe a serious technological competitor to the USA and China.
Human AI. The Committee of Ministers of the Council of Europe has agreed to work on a ‘transversal instrument’ to discipline AI applications in May 2022. The point to be decided is whether the agreement will be binding or not for the 47 member countries. The provision will focus on human rights safeguards for AI applications (i.e. facial recognition), potentially complementing the EU proposal for the Artificial Intelligence Act (AIA) that is more focused on restricting AI usages following a risk-based approach.
Abuses exist already. In case you’ve wondered how AI could be used to breach human rights, China has reportedly been experimenting with facial recognition technology on its Uyghur minority. The human experiments would concern an emotion recognition system. The Xinjiang is already under strict surveillance, allegedly to ensure security from a separatist movement. China has recently come at odds with the European Union for its mistreatment of the Uyghurs, with a mutual exchange of sanctions.
Media innovators. #Stars4Media Lab, the innovation exchange programme for media professionals, organised an event on Tuesday (25 May) to identify the future opportunities for the European media sector. The initiative included a pitching session where participants from all ranges of news media could present best practices in innovating their business model. The second part of the event focused on the management skills required to develop and adopt news outlets in the current digital environment.
Streaming contest. As anticipated, the competition among streaming services is heating up. Amazon has announced the acquisition of Metro-Goldwyn-Mayer (MGM) Studio in a $8.45 billion deal. Amazon will now be able to beef up its Prime Video service with the franchises of movie icons such as 007 and Rocky.
Belgium hacked. The Belgian interior ministry announced on Tuesday (25 May) that it had been the target of a complex and sophisticated cyberattack. The country had suffered another large scale attack earlier this month. Many hints point to the Chinese hacker group “Hafnium”, which would have allegedly found the weakness in Microsoft Exchange. According to experts, the hackers gained access to the internal computer system, most likely for espionage purposes. Read more.
What else I’m reading this week: