Tech Brief: to be or not to be a platform worker, digital portfolio, CSAM

Welcome to EURACTIV’s Tech Brief, your weekly update on all things digital in the EU. You can subscribe to the newsletter here


“In the adtech space, there is a false binary that’s being created around competition and privacy”

Udbhav Tiwari, senior manager of global public policy at Mozilla


Story of the week: The Council does not seem to have much to say, for now, about the draft directive on platform workers presented by the European Commission last December.

According to a first compromise text obtained by EURACTIV and discussed this week, the French Presidency wants to keep the list of criteria determining the employment relationship between workers and platforms in the body of the text, unlike the European Parliament’s draft report, which was much more disruptive.

Although the presidency has made clarifications here and there, notably on the notion of “rebuttable presumption”, its proposal remains, for the most part, similar to what the EU executive has put on the table.

Among the few additions, however, the French presidency highlighted that, while national, competent authorities may rely on the presumption when assessing the contractual relationship, they can choose not to if it is “evident that the presumption would be rebutted” based on “previous assessments of competent national authorities and relevant court decisions”.

After all, the legal issues are of most concern to the Member States. While some countries, such as France, have already incorporated some of the proposed criteria into their national legislation, others are concerned that the proposal will completely change their labour market and fear establishing a third status.

Although adopting different approaches, the French presidency also offered to make the framing of algorithmic management “for every person performing platform work” equally important as the correct determination of their employment status, similar to what the European parliament will be trying to push for. Read the full story.


Don’t miss: There is a new kid on the block! As a result of reshuffling in the Austrian government, Florian Tursky was welcomed as the new State Secretary for Digitalisation and Broadband in the Ministry of Finance. Previously, digital issues in Austria were divided between the Ministry of Economy and the Ministry of Agriculture. The Federal Ministries Act is now expected to be pushed through in the coming weeks, which will define its exact areas of activity. Tursky’s press spokesperson told EURACTIV that the focus would be on further broadband expansion, digital driving licences and digital education. 

On the other hand, French tech companies will have to do without any direct contact point in the new government as the list unveiled last week does not make room for any Secretary of State for the digital issues. However, they take comfort in the fact that Economic Minister Bruno Le Maire’s portfolio has now been expanded to include “digital sovereignty”. Read the full story.


Also this week:

  • Austria’s plan to fight deep fakes
  • The role of tech-regulator cooperation in tackling adtech challenges
  • Europe’s first real cyberwar brings only minor impact


Before we start: This week, Dan Sexton, the chief technical officer at the Internet Watch Foundation, a British child safety nonprofit, and Ella Jakubowska, a policy advisor at the European Digitals Rights network, joined the podcast to discuss the proposal aiming at tackling child sexual abuse imagery online.

CSAM proposal: children first, privacy second?

The European commission has unveiled on 11 May its long-awaited proposal to fight against child sexual abuse material online, or CSAM in short.

While children’s organisations have been receiving this regulation very well, it also sparked a lot on concerns for …

Today’s edition is powered by GSMA.

The Internet Value Chain 2022

This report assesses the value of the internet ecosystem and its constituent parts — content rights, online services, enabling technology, internet access connectivity and user interface — and describes the trends and dynamics playing out across it.


Artificial Intelligence

Deep fake focus. The Austrian government has released its strategy for tackling deep fakes, which it hopes will help combat disinformation and hate speech. The rapid digitalisation brought about by the pandemic has led to a rise in AI-based content, which has been deemed a key security policy risk by Austrian officials. The government’s action plan, published this week, sets out four focus areas and aims to increase awareness amongst the population. The EU has also addressed the issue of deep fakes through several files, including the AI Act and the DSA. Read more.

Clearview fined again. Controversial facial recognition company Clearview AI has been fined over £7.5m by the UK’s Information Commissioner’s Office (ICO) over what the authority says is its illegal collection of the images of British people’s faces. According to the ICO, the American company has scraped more than 20 billion facial images from the internet, including social media, to build a global online database for its facial recognition software. In November, the ICO warned that Clearview was facing a fine of up to £17 million, significantly higher than the one that has now been levied. As part of the penalty, it has been ordered to stop the practice and delete whatever personal data it already holds on UK residents. This is far from the first time the company has come under regulatory scrutiny, having faced similar investigations and fines in various countries, including Australia, France and Italy.


Large-scale impacts? Although the war in Ukraine is the first real cyberwar in Europe, no major impacts have been signalled yet – neither in Ukraine nor in other parts of the region. However, the number of attacks has increased, and countries that have imposed sanctions on Russia are experiencing an increased wave of DDoS (Distributed Denial of Service). In Poland, for example, experts recommend that citizens get prepared that short-time disruptions of key services might be consequences of such low-risk attacks. Read more. 

Brexit breach. A newly established website featuring leaked emails from a number of high profile Brexit advocates has been traced back to Russian hackers, a Google cybersecurity expert said this week. The site, named “Very English Coop d’Etat”, published messages from leading supporters of the UK’s exit from the EU, who it says are part of a group of hardline Brexiteers holding covert power in London. The director of Google’s Threat Analysis group this week said the site had been linked to Russia-based hacking group “Cold River” and, according to a Johns Hopkins cybersecurity researcher, bears resemblances to previous leaks, such as that which saw the dissemination of emails from Democratic politicians in the build-up to the 2016 US election. Read more.

Taking a posture. Amidst rising awareness of threats in cyberspace, the Council of the EU approved conclusions on developing the Union’s cyber posture on Monday (23 May). This posture intends to show that the EU is dedicated to offering both immediate and long-term responses to threats. It highlights five functions of the EU in cyberspace, including strengthening resilience and enhancing solidarity and cooperation with partner countries and organisations. More practically, the posture stresses the need to establish regular cyber exercises to test and develop the response.

Data & privacy

A new approach to adtech. If solutions to issues in adtech are to be successful, tech companies and regulators will have to work together, and the false binary between competition and privacy will need to be broken down, Udbhav Tiwari, Mozilla’s senior manager of global public policy, told EURACTIV this week. Also important, moving forwards, he said, will be ensuring that the development of these responses does not just occur within siloes but with the involvement of standards bodies and regulators, “essentially to make sure that they’re part of the web rather than a proprietary solution that is developed within a technology company.” Read more.

Porn sites block loading. The possible blocking of five pornographic websites by the French justice system will have to wait a little longer. The sites concerned, accused of not having put in place sufficient controls to prevent minors from accessing their content, could have had their fate decided on Tuesday, but the French audiovisual and digital regulator (Arcom) made a mistake in the procedure, postponing the hearing by several weeks. Arcom’s complaint brings back to the forefront a very thorny debate on the technically and legally complex issue of age verification of online users. 

Actions must follow words. The German government – including the Minister for digital topics, Volker Wissing – repeatedly expressed concerns about potential chat control as part of the European Commission’s proposal to combat online child pornography. So far, however, it has not voiced this criticism in the EU Council of Ministers, where it really matters. “The words of the coalition agreement must be followed by deeds in Brussels,” said Felix Reda, former Member of the European Parliament from Germany. 

GDPR. On the fourth anniversary of the EU data privacy rules, the GDPR, in force since 25 May 2018, the President of the German digital association Bitkom, Achim Berg, was critical. The German application needed an update because the claim to “unify European data protection legislation and data protection practice has so far only been achieved in parts at best,” Berg said. According to a Bitkom study, only 37% of entrepreneurs with 20 or more employees in Germany say the regulation is a competitive advantage, 40% do not see it as an advantage and 18% even see it as a disadvantage. Almost two-thirds of the respondents even state that data protection inhibits the implementation of data-driven business models in their companies. 

Privacy shield 2.0? Noyb, the privacy group run by activist Max Schrems, has penned an open letter to a number of Us and EU officials, including Justice Commissioner Didier Reynders, US Trade and Commerce Secretary Gina Raimond and the chair of the European Data Protection Board, Andrea Jelinek, expressing concern that the recent provisional agreement of a new Transatlantic Data Privacy Framework replicates the EU-US data transfer “Privacy Shield” it was supposed to replace. The Privacy Shield was deemed invalid by the EU’s Court of Justice in 2020, following a suit launched by Schrems. Still, noyb now says that the new political agreement, which does not constitute a fixed deal, risks recreating old issues, for example, through the US’ objection to material protections for US persons and baseline protections for non-US persons. 

Big Brother. The association La Quadrature du Net wants to go to war against the “mass surveillance system” in France. On Tuesday, it launched a campaign to collect signatures online with a view to filing a collective complaint with the French privacy watchdog, the CNIL. The activists believe that there are far too many video surveillance, facial recognition and behavioural tracking devices and that their use is disproportionate and unnecessary. The aim is to revive the debate on surveillance in France ahead of the 2024 Olympics, which the association fears could become a testing ground for facial recognition. 

Industrial strategy

Wanted: talents. Nicosia hosted the first inaugural European Coding Challenge last Friday, where young Cypriots got training and insights from tech experts as the EU tries to ensure it won’t lack the skills it needs to achieve digital sovereignty. In Cyprus alone, there is a shortage of some 4,000 IT specialists, according to Kyriacos Kokkinos, the country’s Deputy Minister of Research, Innovation and Digital Policy, who delivered a speech at the event and had a chat with EURACTIV. Read more.


Sanctions opposition. A coalition of Dutch organisations filed a petition this week calling for the EU Court of Justice (CJEU) to investigate sanctions against Kremlin-backed outlets RT and Sputnik levied by the Commission in March. The Freedom of Information Coalition said the measure was taken “in haste” and without judicial review, arguing that the decision was political and should instead have been one for independent judges to make. Read more.

SLAPP detected. Media watchdogs have filed an alert on the pan-European human rights body Council of Europe’s (CoE) press freedom platform after the leader of Ireland’s opposition filed a defamation lawsuit against the country’s broadcaster, RTÉ. The complaint centres on a radio show that aired in February, which touched upon historical allegations of the mishandling of sexual abuse allegations by Sinn Féin and the Irish Republican Army. Sinn Féin’s now leader, Mary Lou McDonald, who did not appear on the programme, has now filed the defamation suit, which the CoE describes as a SLAPP, or Strategic Lawsuit Against Public Participation, the use of which a recent EU directive aims to crack down on. Read more. 

Moscow’s media control tightens. The EU’s RT and Sputnik sanctions were also responded to by Russia this week, with the passage of a bill in the lower house of the country’s parliament that would allow prosecutors to shut down the Moscow bureaus of foreign media outlets if Western countries are deemed to have been “unfriendly” towards Russian media. The bill must pass through two more legislative stages before becoming law but if it does, it will mean that the content of any outlet targeted by the prosecutor’s office will be prevented from being distributed. The legislation follows the passage of another Russian bill earlier this year, which banned the spread of “false information” about the war in Ukraine, including by describing it as such, a move that saw many foreign media close their operations. Read more. 


App store rivalry. Russian social media network VK launched its app store this week in a bid to develop alternatives to Western services. RuStore was made available to Android users on Wednesday, as a result of market conditions, the Kremlin’s minister of communications and media said, referring to the fact that Russian users’ access to  Apple and Google’s app stores, the world’s two largest, has been limited in response to the invasion of Ukraine in February. Read more.

Personal responsibility. Meta CEO Mark Zuckerberg is facing a lawsuit from Washington DC’s attorney general over the Cambridge Analytica scandal, which found that the personal data of millions of American users had been harvested from Facebook for political use in the 2016 US elections. The suit seeks to lay personal responsibility on the Facebook co-founder for what it says was his direct participation in company policies which facilitated the data extraction. According to attorney general Karl Racine, Zuckerberg’s desire to open the platform up to third-party developers despite awareness of the risks of data leaks and his then-involvement in the day-to-day operations of the platform are grounds for direct liability. 


What else we’re reading this week:

  • The dark secret behind those cute AI-generated animal images (MIT Technology Review)
  • How a semiconductor metaverse could accelerate chip innovation (VentureBeat)

Laura Kabelka contributed to the reporting.

[Edited by Alice Taylor]

Subscribe to our newsletters