NGOs call to ensure fundamental rights in copyright implementation

The signatories of the letter have on numerous occasions throughout the legislative debate on the copyright reform expressed their explicit concerns about the fundamental rights questions that will arise during the implementation of the Directive.

The letter highlights that the participation of organisations representing internet users in the consultation process is crucial for ensuring that fundamental rights are properly considered, especially in cases where the Directive requires internet platforms to disable access to or remove user-uploaded content. A diverse working group can ensure that the fears around automated upload filters are not realised. It can assist in creating guidelines under which both content-sharing service providers and rightsholders respect the Charter of Fundamental Rights of the European Union.

You can read the letter below, or download it here (pdf).

20 May 2019

Dear President Juncker,
Dear First Vice-President Timmermans,
Dear Vice-President Ansip,
Dear Commissioner Gabriel,
Dear Director General Roberto Viola,

The undersigned stakeholders represent fundamental rights organizations, the knowledge community (in particular libraries), free and open source software developers, and communities from across the European Union.

The new Directive on Copyright in the Digital Single Market has been adopted and, as soon as it is published in the Official Journal, Member States will have two years to implement the new rules. Article 17, on ‘certain uses of protected content by online services’, foresees that the European Commission will issue guidance on the application of this Article.

The undersigned organisations have, on numerous occasions throughout the legislative debate on the copyright reform, expressed their very explicit concerns (1) about the fundamental and human rights questions that will appear in the implementation of the obligations laid down on online content-sharing service providers by Article 17. These concerns have also been shared by a wide variety of other stakeholders, the broad academic community of intellectual property scholars, as well as Members of the European Parliament and individual Member States. (2)

We consider that, in order to mitigate these concerns, it is of utmost importance that the European Commission and Member States engage in a constructive transposition and implementation to ensure that the fears around automated upload filters are not realized.

We believe that the stakeholder dialogues and consultation process foreseen in Article 17(10) to provide input on the drafting of guidance around the implementation of this Article should be as inclusive as possible. The undersigned organisations represent consumers and work to enshrine fundamental rights into EU law and national-level legislation.

These organisations are stakeholders in this process, and we call upon the European Commission to ensure the participation of human rights and digital rights organisations, as well as the knowledge community (in particular libraries), free and open source software developers, and communities in all of its efforts around the transposition and implementation of Article 17. This would include the planned Working Group, as well as other stakeholder dialogues, or any other initiatives at consultation level and beyond.

Such broad and inclusive participation is crucial for ensuring that the national implementations of Article 17 and the day-to-day cooperation between online content-sharing service providers and rightholders respects the Charter of Fundamental Rights by safeguarding citizens’ and creators’ freedom of expression and information, whilst also protecting their privacy. These should be the guiding principles for a harmonized implementation of Article 17 throughout the Digital Single Market.

Yours sincerely,
Balázs Dénes
Executive Director
Civil Liberties Union for Europe (Liberties)

Association for Progressive Communications
APADOR-CH
ApTi Romania
Article 19
Associação D3 – Defesa dos Direitos Digitais
Associação Nacional para o Software Livre – Portugal
Bits of Freedom
BlueLink Foundation
Center for Media & Democracy
Centrum Cyfrowe Foundation
Civil Liberties Union for Europe
Coalizione Italiana Libertà e Diritti civili
COMMUNIA association for the Public Domain
Creative Commons
Digital courage
Digitalegeshellschaft
Electronic Frontier Finland
Electronic Frontiers Foundation
Elektronisk Forpost Norge
epicenter.works
European Digital Rights (EDRi)
Fitug e.v.
Hermes Center
Hivos
Homo Digitalis
Human Rights Monitoring Institute
Hungarian Civil Liberties Union
Index on Censorship
International Federation of Library Associations and Institutions (IFLA)
Irish Council for Civil Liberties
IT-Pol Denmark
La Quadrature du Net
Metamorphosis Foundation
Nederlands Juristen Comité voor de Mensenrechten (NJCM)
Open Rights Group
Peace Institute
Privacy First
Rights International Spain
Vrijschrift
Wikimedia Deutschland e. V.
Wikimedia Foundation
Xnet

1 Human rights and digital rights organisations: https://www.liberties.eu/en/news/delete-article-thirteen-open-letter/13194
2 Academics from the leading European research centres: https://www.create.ac.uk/blog/2019/03/24/the-copyright-directive-articles-11-and-13-must-go-statement-from-european-academics-in-advance-of-the-plenary-vote-on-26-march-2019/
Max Plank Institute: https://www.ip.mpg.de/fileadmin/ipmpg/content/stellungnahmen/Answers_Article_13_2017_Hilty_Mosconrev-18_9.pdf
Universities: https://papers.ssrn.com/sol3/papers.cfm?abstract_id=3054967
Researchers: https://www.southampton.ac.uk/assets/imported/transforms/content-lock/UsefulDownloads_Download/A6F51035708E4D9EA3582EE9A5CC4C36/Open%20Letter.pdf
UN special rapporteur on the promotion and protection of the right to freedom of opinion and expression: https://www.ohchr.org/Documents/Issues/Opinion/Legislation/OL-OTH-41-2018.pdf

Background

After two and a half years of inter-institutional negotiations, the European Parliament adopted the Directive on Copyright in the Digital Single Market on 26 March 2018. Rules bind the European Commission to hold stakeholder dialogues and the consultation process after the Directive is published in the Official Journal of the European Union. Member states will then have two years to implement the regulation. Regarding Article 17, a guidance on the application will be issued by the European Commission in order to help national implementation processes.

Read more

Open letter on the Copyright Directive stakeholder dialogue (20.05.2019)
https://edri.org/files/copyright/20190517-EDRI_copyright_open_letter.pdf

EU Member States give green light for copyright censorship (15.04.2019)
https://edri.org/eu-member-states-give-green-light-for-copyright-censorship/

Filters Incorporated (19.04.2019)
https://edri.org/filters-inc/

Censorship machine takes over internet (26.03.2019)
https://edri.org/censorship-machine-takes-over-eu-internet/

Copyright reform: Document pool
https://edri.org/copyright-reform-document-pool/

This General Assembly also marked the kick off of our strategic planning process that will lead to the adoption of EDRi’s strategy for the next five years in 2020. This is the beginning of a year-long journey of consultations and reflection to develop a new plan for continuing to efficiently work together as the leading European network of NGOs, successfully defending human rights in the digital environment.

We are committed to a transparent and inclusive process to strengthen the network’s theory of change. Looking back at our past achievements, we will be looking at long-standing and emerging topics, tactics and network and organisational development. At the heart of the strategy, we will put efforts to strengthen a network of organisations, and to equip individuals working for these organisations to deal with raising challenges, and to feel safe and empowered to be actors of change.

A new digital deal

In a changing environment, EDRi must adjust to stay relevant and offer redress to people affected by human rights violations online.

EDRi’s recent achievements on data protection, privacy and freedom of expression make our network more relevant than ever. Since our last strategy was adopted in 2015, there is not a day without data exploitations being uncovered, States attempting to curb freedom of expression online, and digitalisation increasing opportunities and risks for people. While more actors embrace this change, only a few continue to prioritise human rights as their key concern.

The weight of corporate lobby makes it hard for civil society organisations to have a meaningful contribution. “Alone you go faster, but together you go further,” says an African proverb. New connections with the broader human rights movement are needed to make our voice heard, while EDRi’s expertise and unique perspective remains intact and essential.

What we will do?

As a network of NGOs, we will look at some of the following questions to add strategic guidance, whether in our collective or individual work:

• What have we learned since the last strategy in terms of organisation and work areas and how does this inform our strategic process?
• How can we better define EDRi’s vision and mission?
• What is the future of digital rights in Europe?
• What are the changes we want to see happening in the field of digital rights in Europe to ensure protection of human rights in the digital envirdonment for all?
• Who should we work with inside and outside the “digital rights bubble”?
• How is the change most likely to happen? What are some methods and decision-making processes we need to get there?
• What kind of resources do we need in order to achieve our goals?

Next steps on our journey

Based on a first survey on members and observers, we held a fruitful workshop with the participants of our General Assembly. An advisory group of members and Board members has been established to provide expert input, and we are currently processing the data collected to date. At the end of May, the Brussels office staff and Board will meet for a day to further work on the draft strategy, which will be followed by a consultation inside the membership and with external advisors. The second half of the year will be dedicated to formal reviews on the draft strategy.

We would like to thank our members based in the UK Open Rights Group, Article 19 and Privacy International for hosting the General Assembly in London as well as FabRiders and Aspirations for the skillful facilitation and invaluable advice. We welcome an ongoing dialogue with you on how we can aspire for a strategy that provides value for EDRi members, observers, and the broader movement. If you want to contribute to this collective reflection, please get in touch!

Deep Packet Inspection allows telecom companies to examine the content of our communications. Information about which apps we use, which videos we watch, and which news articles we read should be off limits for the telecom industry. Yet, with the proliferation of zero-rating in all but two European countries, the industry has started to deploy DPI equipment on a large scale in order to charge certain data packages differently or to throttle services and cram more internet subscribers in a network already running over capacity.

EDRi and its members have for many years advocated in favour of strong net neutrality rules that protect people’s privacy and prevent the discrimination of selected types of internet traffic.

And yes, Europe’s current net neutrality rules indeed ban DPI technology that examines specific user information for the purpose of treating traffic differently. Yet, a mapping of zero-rating offers in Europe conducted by EDRi member Epicenter.works identified 186 telecom services which potentially make use of DPI technology. Most regulators have so far turned a blind eye on these net neutrality violations. Instead of fulfilling their enforcement duties, they seem to now aim at watering down the rules that prohibit DPI.

The negotiations of Europe’s new net neutrality rules are expected to continue behind closed doors and will be followed by a public consultation in autumn 2019. The final rules are then expected to be decided in March 2020.

EDRi and its member organisations will continue to fight for strong net neutrality rules in Europe that protect people’s privacy and prevent the discrimination of selected types of internet traffic.

You can download the letter here (pdf).

Read more:

Net neutrality wins in Europe! (29.08.2016)
https://edri.org/net-neutrality-wins-europe/

Zero rating: Why it is dangerous for our rights and freedoms (22.06.2016)
https://edri.org/zero-rating-why-dangerous-for-our-rights-freedoms/

A study evaluates the net neutrality situation in the EU (13.02.2019)
https://edri.org/a-study-evaluates-the-net-neutrality-situation-in-the-eu/

These perks are crucial in the decision of millions of prepaid phone users who need to optimise their top-ups. This has led to a class divide where those with the economic means have access to the unlimited options of the internet, while those who need to be mindful of their expenses are constrained to the services of big tech corporations.

Class is central in the discussion about net neutrality. Supporters of net neutrality claim that without this regulatory framework users would have differentiated packages according to their economic means, and consequently there would be a first and a second-class internet. Those in favor of zero rating – and against net neutrality – refer to the same class divide, but now as an argument towards mitigating the cost of data plans for those in economic need.

Nobody wants to be the villain who opposes free Pokémon Go.

But the dystopia of corporations that are permitted to offer their services zero-rated doesn’t end there. The profound social infiltration of services owned by Mark Zuckerberg has led to scenarios in which entire communities rely on Whatsapp groups or Facebook fan pages as sources of information. Do you see where I’m going? Cambridge Analytica, anyone?

On 1 January 2019, Jair Bolsonaro became the president of Brazil. He is a right-wing politician who is in favour of torture, of the destruction of the Amazon rainforests, and of the criminalisation of homosexuality. The Guardian prepared a piece on how Whatsapp, a service used by 120 million Brazilians, proved to be a very effective tool to mobilise support for Bolsonaro. Whatsapp was used to promote his fascist promises, harass users who questioned these proposals and, of course, to send out big shipments of fake news.

According to the information that circulated in these Whatsapp groups, Bolsonaro’s opponent wanted to legalise pedophilia and incest, and his rival party was preparing a mandatory “gay kit” for 6-year-olds in Brazil’s public schools. For sure it is very easy to discard this as fake news if you have unlimited internet access to fact-check, or if you have a support system of informed people who will tell you the truth. But what happens when you’re restricted to a single-platform ecosystem where those calling out fake news are harassed, and where support for it is amplified by likes and social acceptance?

The relation between zero rating and the spreading of fascism might at first sight seem very distant. However, a closer look at the human motivations and interactions that take place in the virtual “free” spaces, and the economic interests of tech business, reveals a systematic information attack on the most vulnerable users of mobile internet who are forced to inhabit these environments of digital garbage.

Advocates and policymakers, who are well-versed in internet topics and hold the privilege of accessing secure and legitimate communications and information channels, can choose to blame the users of these services. They can choose to expect people to ignore fake news and spend their limited megabytes on the interactive visualisations of the New York Times instead of on Facebook with the people they know. However, it will be much more fruitful to work on strategies that guarantee a strict enforcement of net neutrality – including a ban on zero rating – through an interdisciplinary approach that includes community, tech and regulatory work.

It is important to fight for a vision where, at least in theory, all of us, regardless of our economic situation, are able to access and participate in an ecosystem of truthful information and open collaboration. We cannot abandon those with fewer means to the digital junk content that promotes fascism and generates toxic revenue for the big internet platforms.

This article was first published at https://www.bitsoffreedom.nl/2019/04/29/it-starts-with-free-pokemon-go-it-ends-with-bolsonaro/.

Zero rating: Why it is dangerous for our rights and freedoms (22.06.2016)
https://edri.org/zero-rating-why-dangerous-for-our-rights-freedoms/

Two years of net neutrality in Europe – 31 NGOs urge to guarantee non-discriminatory treatment of communications (30.04.2019)
https://edri.org/two-years-of-net-neutrality-in-europe-29-ngos-urge-to-guarantee-non-discriminatory-treatment-of-communications/

(Contribution by Danae Tapia, Mozilla fellow at EDRi member Bits of Freedom, the Netherlands)

The law “on care and responsibility on the net” forces media platforms with forums to store detailed data about their users in order to deliver them in case of a possible offence not only to police authorities, but also to other users who want to legally prosecute another forum user. Looking at the law in detail, it is obvious that they contain so many problematic passages that their intended purpose is completely undermined.

According to the Minister of Media, Gernot Blümel, harmless software will deal with the personal data processing. One of the risks of such a system would be the potential for abuse from public authorities or individuals requesting a platform provider the person’s name and address with the excuse to wanting to investigate or sue them − and then use the information for entirely other purposes. Rather than improving safety online, the resulting “chilling effect” will lead to individuals avoiding sharing their most controversial opinions on a forum that possesses their detailed personal data. In essence, this is a way of imposing self-censorship on individuals. The proposed laws would concern only a handful of platforms in Austria. The aim is quite clear: to diminish the public democratic discourse and to try to intimidate those who think differently politically.

This law is not alone in restricting online freedoms. During its EU Council presidency, Austria decided to not make a clear rejection of unlawful data retention − a concept that has already been judged several times as contrary to fundamental rights by the European Court of Justice. Furthermore, back at home, the Austrian Federal Government is trying to collect as much data as possible about citizens and with new surveillance laws and porn filters based on the British model. The goal is clear: To monitor people every step of the way on the internet and limit their leeway.

Austria’s Chancellor Sebastian Kurz argues that the internet is not a legal vacuum and that laws apply to the online world too. He’s right. The Charter of Fundamental Rights of the European Union also applies to the online world. We must not allow this creeping undermining and abolition of privacy, data protection, freedom of expression and participation in political discourse. It is time to stand up for these fundamental rights. Let us demand a transparent state instead of a transparent citizen!

Epicenter.works
https://epicenter.works/

EU Member States give green light for copyright censorship (15.04.2019)
https://edri.org/eu-member-states-give-green-light-for-copyright-censorship/

New EU data retention at Austria’s initiative
https://fm4.orf.at/stories/2975759/

(Contribution by Iwona Laub, EDRi member Epicenter.works, Austria)

However, Facebook’s ToS have been already subject to close scrutiny by a number of authorities in various EU Member States. The attention focused on the way the platform collects, processes and uses users’ data, which constitutes an essential part of its business model. The German competition authority has recently used competition rules to address the ToS; the Italian competition authority, instead, has enforced unfair commercial practices’ rules. In addition, national data protection authorities (DPAs) have raised concerns about the fact that Facebook’s ToS do not adequately protect users’ data. They are also questioning the admissibility of certain mechanisms of online advertising currently performed by the platform.

At European level, European Commission’s Directorate-General for Competition (DG COMP) officials have often expressed perplexity with regards to Facebook’s business model and at least some of its ToS. Furthermore, Directorate-General for Communications Networks, Content and Technology (DG CNECT) might look at Facebook’s ToS under its policies concerning data, media and artificial intelligence and digital industry. To complete the picture, in April 2018, the European Commission, under the impulse of DG JUST, adopted the New Deal for Consumers package, composed of two proposals for Directives and a Communication, on which the European Parliament and Council reached a provisional agreement in March 2019.

Against this patchwork of initiatives, it is difficult to praise the latest Facebook’s commitments as concrete advancement. First, there is the risk that Facebook (and other platforms in the future) can avoid in depth assessment of its conducts in enforcement actions (ran either by consumer protection authorities or by DPAs) by agreeing on vague and superficial changes in its ToS. By way of example, clearly explaining practices might not be a sufficient commitment when those practices are illegal under the General Data Protection Regulation (GDPR) or under competition rules. Moreover, the standard set in the commitments might result too low to adequately protect users’ rights, such as privacy or freedom of expression.

In other words, as ToS can impact different users’ rights and can be relevant under different legal instruments, their assessment shall be performed under all of them and not by consumer rules only. For this reason, in order to work properly in this sector, consumer protection authorities need to cooperate with DPAs and competition authorities, because effective enforcement of different rules cannot happen in silos. The same is true for the relevant DGs of the European Commission, whose initiatives shall be coordinated and take into account the impact on each other relevant policies and actions.

Article 19
https://www.article19.org/

Facebook changes its terms and clarify its use of data for consumers following discussions with the European Commission and consumer authorities (09.04.2019)
http://europa.eu/rapid/press-release_IP-19-2048_en.htm

Bundeskartellamt prohibits Facebook from combining user data from different sources (07.02.2019)
https://www.bundeskartellamt.de/SharedDocs/Meldung/EN/Pressemitteilungen/2019/07_02_2019_Facebook.html

Facebook fined 10 million Euros by the ICA for unfair commercial practices for using its subscribers’ data for commercial purposes (07.12.2018)
https://en.agcm.it/en/media/press-releases/2018/12/Facebook-fined-10-million-Euros-by-the-ICA-for-unfair-commercial-practices-for-using-its-subscribers%E2%80%99-data-for-commercial-purposes

Review of EU consumer law – New Deal for Consumers
https://ec.europa.eu/info/law/law-topic/consumers/review-eu-consumer-law-new-deal-consumers_en

(Contribution by Maria Luisa Stasi, EDRi member Article 19, United Kingdom)

Today, the internet is a part of 4,3 billion humans` daily lives. The internet is the most important development in the last decades. It facilitates the exchange of information around the world, brings together individuals and organisations to work on common goals, and makes it easier than ever before to work collaboratively. However, the right for access to the internet, protected by constitutions and civil laws, may face challenges under authoritarian regimes. In fact, this “digital divide” – the gap between those capable of accessing internet and those who can’t – has increased in the last ten years.

The signatories of the Declaration regret that in Turkey, the internet does not seem to be treated as an opportunity or resource, but as a problem. For example, access to Wikipedia has been blocked in the country for over two years. As part of Law no. 5651 section 8/A, the access blockages by related Ministeries are against the Turkish Constitution as well as the United Nations (UN) Universal Declaration of Human Rights. Thus, this is a bitter celebration for the 26th anniversary of the internet`s arrival in Turkey.

The declaration states that Turkey`s internet situation is improving in respect to mobile technologies, finance sector, contemporary devices, e-governmental services, research and development incentives and techno-cities. However, othere are many obstacles that restrain Turkey from enjoying a free and open internet:

Lack of trainings related to the protection of personal data: Even though there is a specialised institution responsible for protection of personal data in Turkey. However, leaks from state institutions continue and the training programs for personal precautions are not sufficient.

Widespread censorship: Research, development, innovation, freedom of the press, and freedom of expression may only take place in systems that are democratically governed. None of these are currently guaranteed by the existing authoritarian regime. Officially, the number of blocked websites that are allegedly illegal based on the Law no 5651 has augmented to 110 000, and the actual number may even be higher. Even though the European Court of Human Rights has ruled against this legislation, the instances of over-ruling still continue. Deep-packet inspection and internet throttling are among illegal sanctions of the existing regime of governance.

Digital divide: Turkey falls behind in international development indices each year, even though it claims to be the 17th largest economy in the world. The digital divide continues among men and women as well as in the urban-rural dimension. School curriculum adaptation, as well as lifelong learning facilities, are necessary. Free and open source software (FLOSS) are crucial when it comes to security, employment, competition, and economic well-being.

Online surveillance: Data collection is a significant issue and is not contested too harshly by civil authorities in Turkey. Consumer profiling is a tool for marketing revenue and deep packet inspection by governments is a serious violation of human rights, but still exercised by quite a few governments including Turkey for the last several years. Assange and Snowden`s warnings on massive targeted surveillance are more than real.

New Media Literacy and Digital Empowerment: In order to become active online citizens or “netizens” there needs to increase the online media literacy, including the way individuals engage in social media. Striving against online hate crimes and discrimination requires intensive campaigns and training programs.

The Turkish civil society organisations declare:

• that the internet and all other scientific and technological developments are common knowledge of humanity,
• that they will combine forces to overcome challenges arising from censorship, blockages and limitations, securing basic rights and freedoms,
• that they will do their best to elaborate social media as part of accountable communication rather than an instrument of consumption and cheap exposure,
• that they will defend fundamental rights and freedoms against surveillance regimes and elaborate on new technologies for liberating human lives,
• that they will tackle digital divide among diverse populations of the rural and the urban for more equity in resources,
• that they will secure freedom of thought, belief and expression,
• that they will defend secure communication at all costs,
• that they reject personal/private property over scientific and technological knowledge, as well as imposing regimes of patents,
• that they will endorse free, liberated open source software (FLOSS) and propagate it as such, and
• that they will keep on looking for common solutions for digital rights` based discrepancies at all scales.

Alternatif Bilişim Derneği
https://alternatifbilisim.org/

Civil society Internet Week declaration (only in Turkish, 13.04.2019)
https://internethaftasi.org.tr/2019/internet-bildirgesi/

(Contribution by Asli Telli Aydemir, EDRi member Alternatif Bilişim Derneği, Turkey)

In the run-up of the 2019 European Parliament elections, EU institutions (notably the European Commission, the European Council, and the Parliament) have adopted measures to seek to protect against data exploitation for political aims. They are detailed in an electoral package and an Action Plan against Disinformation.

These measures are addressed to the three main actors relevant to online communications that influence modern democratic elections: European member states, which are primarily responsible for the carrying out of free and fair elections; political parties, which have responsibility to conduct their campaigns in ways that respect rules, particularly in relation to targeting potential voters with online campaign messaging; and social media platforms, which are increasingly dominating (given their position in the market) and controlling (through their technology and terms of services) online communications.

The measures adopted by the EU seek to ensure free and fair elections by intervening in areas such as transparency in political advertising and cybersecurity.

Protection of personal data

Central to these measures is the protection of personal data. Much debate around elections has focussed on the content of digital communications, for example fake news and disinformation. It is therefore a welcome step that increased attention has also been dedicated to the role played by personal data and the importance of its protection.

The European Data Protection Board (EDPB) summarised neatly the role of personal data in modern elections: “Political parties, political coalitions and candidates increasingly rely on personal data and sophisticated profiling techniques to monitor and target voters and opinion leaders. In practice, individuals receive highly personalised messages and information, especially on social media platforms, on the basis of personal interests, lifestyle habits and values.” Meanwhile, the European Data Protection Supervisor (EDPS) dedicated a whole report to how personal data may be used to fuel online manipulation, including in election contexts.

Data protection must be seen as necessary for democratic resilience, and the General Data Protection Regulation (GDPR) provides some of the tools needed to address instances of unlawful use of personal data in the electoral context.

It is therefore of particular concern that some EU Member States, such as Spain, Romania and the United Kingdom, have introduced exemptions to the data protection requirements for political parties. These exemptions risk undermine the efforts to address the risks of exploitation of data during elections. The Spanish Data Protection Authority (DPA) has sought to limit the use of this loophole.

Transparency of political advertising

Revelations such as those surrounding the “Facebook/Cambridge Analytica” scandal have exposed the risks of online communications channels being used to target people covertly with political advertisements and messages. That targeting is facilitated by the exploitation of our data. Accordingly, several European institutions have taken steps to address the risk that personal data could be abused to manipulate opinion, spread disinformation or otherwise undermine democratic processes.

The measures adopted by the EU in the run up to the European Parliament elections seek to improve transparency of political advertising:

• Member States should require reasonable transparency surrounding paid online political advertisements and communications. This includes promoting the disclosure of information on groups that support political campaigns, yet are not officially associated with the campaign, and disclosure of campaign expenditure for online activities, including paid online political advertisements and communications. These measures aim to address growing unease regarding the often-shady support of online political advertising. Significantly, given the concerns related to micro-targeting, Member States should require the disclosure of information on any targeting criteria used in the dissemination of political advertisements and communications.
• Political parties, foundations and campaign organisations should ensure that individuals can easily recognise online paid political advertisements and communications and the party, foundation or organisation behind them. They should make available on their websites information on their expenditure for online activities, including paid online political advertisements and communications, as well as information on any targeting criteria used in the dissemination of such advertisements and communications.

In addition, as part of the efforts to improve transparency, the EU developed a Code of Practice on Disinformation aimed at online platforms, leading social networks, advertisers and the advertising industry. It has been signed by Facebook, Google, Twitter and Mozilla as well as by some national online advertisement trade associations. The Code contains a range of commitments mostly focussed on improving transparency of political and issue-based ads, and on limiting techniques such as the malicious use of bots and fake accounts.

The implementation of the Code of Practice by the main companies has been patchy. The companies have been criticised by the Commission for the lack of detail in their monthly reports. Focus on the social media platform is important. But there needs to be similar attention to the hidden data ecosystem that supports targeted advertising, often by exploiting our data. On 2 May 2019, the Irish Data Protection Authority announced the launch of an inquiry into the data practices of ad-tech company Quantcast, a major player in the online tracking industry, following EDRi member Privacy International’s 2018 investigation and subsequent submission to the Irish DPC. This is a welcome move to shed the light on the systematic collection and exploitation of people’s data by this industry.

Next steps

As the European Commission starkly noted in 2018: “Online activities, including during the election processes, are developing fast, and thus increased security and a level political playing field are key. Conventional (“off-line”) electoral safeguards, such as rules applicable to political communications during election periods, transparency of and limits to electoral spending, respect for silence periods and equal treatment of candidates should also apply online. […] This is not the case now, and that needs to be remedied before the next European elections”.

As we are entering the last weeks of campaigning for the European Parliament elections, it will be crucial to assess whether the measures taken and the commitments given have ensured that adequate regulations and safeguards are in place for online electoral campaigning.

In the longer term, what the recent elections have taught us is that the whole plethora of laws, regulations and policies developed to ensure free and fair elections and the functioning of democratic institutions (such as Parliaments) need to be reviewed and updated to meet the challenges (and opportunities) of online communications and digital campaigning.

On 1 May 2019, Privacy International launched a new programme called “Defending Democracy and Dissent”. It seeks to defend democracy and dissent by investigating the role technology plays in facilitating and/or hindering everyone’s participation in civic society.

Privacy International
https://privacyinternational.org/

EU election package
https://ec.europa.eu/info/policies/justice-and-fundamental-rights/eu-citizenship/electoral-rights_en#europeanparliamentelections

EU Action Plan against Disinformation
https://ec.europa.eu/digital-single-market/en/news/europe-protects-eu-steps-action-against-disinformation

European Data Protection Board Statement 2/2019 on the use of personal data in the course of political campaigns
https://edpb.europa.eu/sites/edpb/files/files/file1/edpb-2019-03-13-statement-on-elections_en.pdf

Spanish Data Protection Authority opinion on GDPR and political parties
https://www.aepd.es/media/informes/2018-0181-tratamiento-datos-opiniones-politicas-por-partidos-polticos.pdf

Irish Data Protection Commission opens statutory inquiry into Quantcast International Limited
https://www.dataprotection.ie/en/news-media/press-releases/data-protection-commission-opens-statutory-inquiry-quantcast

Privacy International’s programme: Defending Democracy and Dissent
https://privacyinternational.org/strategic-areas/defending-democracy-and-dissent

(Contribution by Tomaso Falchetta, EDRi member Privacy International, international)

Online platforms act as “gatekeepers” for free speech, a tremendous power which they wield without adequate accountability or responsibility. Even though moderation may be necessary in certain situations such as the fight against illegal, harmful content, often perfectly legal and socially valuable materials often fall prey to it. Panoptykon hopes that the lawsuit against Facebook will help change this imbalance of powers.

For the past decade, SIN has been providing drug education, cautioning against harmful effects of psychoactive substances, and helping drug users. SIN works mainly in the interest of young people who tend not to listen to experts or teachers, but who are very active on social media. The group focuses on harm reduction which is a drug-prevention strategy recommended by many institutions, including the United Nations, and the European Union.

In 2018, without any warning or clear explanation, Facebook removed a fan page and a group run by SIN. The platform had characterised their activity as “in violation of Community Standards”. In January 2019, one of the SIN’s accounts on Instagram, a subsidiary of Facebook, was also removed in similar circumstances. When Facebook banned SIN from its social networks, it essentially decided that information about damage reduction and drug education does not deserve the protection of the freedom of expression.

By doing so Facebook made it harder for us to help people who need it the most. It also undermined our reputation by suggesting our actions were illegal.

said SIN’s Jerzy Afanasjew.

He also stated that they had set up a new fan page and that they were trying to rebuild trust and reach. They claimed that the fact that they don’t know what exactly set off the alarm for Facebook content moderators and that therefore it is difficult for them to correct the situation.

Big tech companies such as Facebook, Google and Twitter present content selected by algorithms on the basis of users’ online activity. However, they also moderate the content published online, thus deciding what users will not get to see. Panoptykon fights for content removal to be based on clear and easily accessible rules and for users to have the right to effectively contest the decision. This means for example that the user has to be informed why their content was blocked, and to be able to present arguments in their defense. The appeal should also be considered by people who did not play a role in the initial decision. In addition, platforms’ final decisions should be subject to independent scrutiny by courts.

Panoptykon filed the case with the expectation that the court case will give online platforms an incentive to move away from their current opaque and arbitrary methods of blocking, and to introduce solutions which will better protect our freedom of expression. The case is expected to set standards that will influence policies of not only Facebook, but also other platforms.

Panoptykon Foundation
https://en.panoptykon.org/

SIN v Facebook
https://panoptykon.org/sinvsfacebook/en

(Contribution by EDRi member Panoptykon Foundation, Poland)

Unfortunately, the Report does not give the in-depth analysis of the situation that one could have hoped for. It ignores the fact that the respect for net neutrality protections has deteriorated across the EU in the past years, as shown by a recent study carried out by EDRi member Epicenter.works.

31 human and civil rights organisations therefore addressed an open letter to the EU Commission and the Body of European Regulators for Electronic Communications (BEREC).

The letter points out that it is now more critical than ever for the EU institutions to ensure that users and online businesses in Europe benefit from equal and non-discriminatory treatment of traffic in the provision of internet access services. The upcoming review of BEREC’s net neutrality guidelines will be an opportunity to work towards a true Digital Single Market that protects and promotes an open, neutral and non-discriminatory access to the internet.

EDRi, along with the other signatories of the letter will continue to closely monitor and contribute to the review process of the guidelines for a harmonised implementation which will start in the second half of 2019.

You can download the letter here (pdf) or read it below.

European Commission
DG for Communication Networks, Content and Technology
Directorate B: Electronic Communications Networks and Services
Unit B2: Implementation of the Regulatory Framework
1049 Bruxelles/Brussel
Belgium

Body of European Regulators for Electronic Communications (BEREC)
Zigfrīda Annas Meierovica bulvāris № 14, 2^nd floor
LV-1050 Rīga
Republic of Latvia

30 April 2019

Joint statement on the publication of the European Commission’s evaluation report on Europe’s net neutrality rules

Today, the European Commission published its implementation report on the EU’s net neutrality rules contained in Regulation (EU) 2015/2120 laying down measures concerning open internet access.

Net neutrality is one of the central reasons for the success of the internet and the foundation of its technological structure. Net neutrality is crucial for innovation, competition and for the free flow of information by allowing internet traffic to move freely without discrimination. Most importantly, a neutral and open access, as safeguarded in Article 3 of the Regulation, gives the internet its ability to generate new means of exercising fundamental rights such as the freedom of expression and the right to receive and impart information – without interference by telecom companies.

The undersigned organisations therefore welcome the European Commission’s decision to uphold the EU’s net neutrality legislation. While we welcome certain positive elements in the report, such as stating the Commission’s aim to protect European internet users and the release of the underlying study of Bird & Bird, many obvious problems, such as the market entry barriers for participation in the class-based zero-rating offers, particularly affecting cross-border content and application providers in the Digital Single Market, the ongoing throttling of certain applications by telecom operators, the complete lack of dissuasive and proportionate penalty provisions by member states have been ignored or overlooked.

The undersigned organisations feel that, regardless of the brief evaluation period, the report falls short of an in-depth analysis and we are disappointed that the Commission did not put more efforts into a substantive, evidence-based report.

New barriers to enter the market

The most significant issue, which is unfortunately not covered in the report, is the lack of enforcement as regards commercial practices such as differential pricing offers (zero-rating) which undermine the rights of end-users.

A recent study by EDRi member epicenter.works found that since the EU’s net neutrality rules came into effect, the discriminatory practice of zero-rating has spread to all but two EU countries with a total of 186 cases in Europe. Among the top 20 applications and services that receive preferential treatment, 15 are from the US and only three are based in the EU. As applications and services from EU Member States other than the country where the telecom service is offered are rarely zero-rated and telecom companies thus created new market entry barriers¹, the implementation has weakened European applications and services and led to further fragmentation of the European Digital Single Market.

Lack of harmonisation

The undersigned organisations firmly believe that an in-depth analysis of the state of harmonisation as regards the implementation of Regulation (EU) 2015/2120 is necessary.

Three serious shortcomings were highlighted to the Commission, BEREC and other experts but unfortunately not covered by the Commission’s implementation report:

1. A majority of national regulators have not implemented effective and dissuasive penalties (BG, CY, DE, DK, EE, ES, FI, GR, HR, IE, IT, LU, LV, NO, PT, SE, SI)² as required by Article 6 of the Regulation;
2. There have been contradicting decisions by national regulators (notably regarding congestion management as well as port blocking, which is critical for consumers to deploy self-hosted and decentralised email servers and service providers that rely on the digital single market);
3. Many national regulators are not compliant with their annual reporting obligations and most crucially only 8 regulators report numbers on the development of internet speeds that should meet increasing demands³.

Finally, we remain hopeful that BEREC’s work to review the Guidelines will lead to a more efficient and harmonised implementation. An essential part of this work will be to offer further guidance to national regulators when assessing differential pricing practices and their effect on material infringements of end-user rights and on cross-border provision of online services. Most importantly, Europe will lead the way as regards a clarification which (and if any) changes are needed in the net neutrality framework to incorporate the upcoming 5G mobile network standard. An evidence-based discussion will be of utmost importance in this matter.

We remain at the Commission’s and BEREC’s disposal for any support and expertise that we can provide to work towards a true Digital Single Market that protects and promotes an open, neutral and non-discriminatory access to the internet.

Signed:

AccessNow (International)
Alternatif Bilisim (AIA, Turkey)
Asocia ia pentru Tehnologie i Internet (ApTI, Romania) ția pentru Tehnologie și Internet (ApTI, Romania) și Internet (ApTI, Romania)
Bits of Freedom (Netherlands)
Chaos Computer Club (CCC, Germany)
Chaos Computer Club Wien (C3W, Austria)
Code4Romania (Romania)
Defesa dos Direitos Digitais (D3, Portugal)
Digitalcourage (Germany)
Digitale Gesellschaft e. V. (Germany)
Digital Rights (Ireland)
Electronic Frontier Norway (EFN, Norway)
Epicenter.works (Austria)
European Digital Rights (EDRi, Belgium)
Fitug e. V. (Germany)
Föreningen för digitala fri- och rättigheter (DFRI, Sweden)
Frënn vun der Ënn (Luxemburg)
Hermes Center (Italy)
Homo Digitalis (Greece)
IT-Pol (Denmark)
Iuridicum Remedium (IuRe, Czech republic)
Liga voor Mensenrechten (Belgium)
Net Users’ Rights Protection Association asbl (NURPA, Belgium)
OpenMedia (International)
Open Rights Group (United Kingdom)
Reporters Without Borders (International)
quintessenz (Austria)
SHARE (Serbia)
vibe.at (Austria)
Wikimedia Deutschland e. V. (Germany)
Xnet (Spain)

1Report: The net Neutrality Situation in the EU, pages 21-29: https://epicenter.works/document/1522

2Report: The net Neutrality Situation in the EU, pages 13-15: https://epicenter.works/document/1522

3Report: The net Neutrality Situation in the EU, pages 9-13: https://epicenter.works/document/1522

Net neutrality wins in Europe! (29.08.2016)
https://edri.org/net-neutrality-wins-europe/

Commission report on open internet
https://ec.europa.eu/digital-single-market/en/news/commission-report-open-internet

A study evaluates the net neutrality situation in the EU (13.02.2019)
https://edri.org/a-study-evaluates-the-net-neutrality-situation-in-the-eu/

Net Neutrality vs. 5G: What to expect from the upcoming EU review? (05.12.2019)
https://edri.org/net-neutrality-vs-5g-what-to-expect-from-the-upcoming-eu-review/