‹ Back
Newsletters 15 May 2018

European Regional Bureau Newsletter – 5 May – 11 May 2018

Internet Access

EU: Vodafone and Liberty Global sign €19bn merger deal

  • The UK-based telecoms operator has signed a deal taking-over Liberty Global’s cable networks in Germany, Czech Republic and Hungary.
  • The merger marks Vodafone’s largest acquisition since 2000 and is expected to create a powerful rival to Germany’s Deutsche Telekom. The deal will also trigger a regulatory investigation (either led by German or EU officials) as they decide whether it gives Vodafone too much power. Mike Fries, Liberty Global’s Chief Executive, was optimistic the deal would pass, however: “There’s no question it clears” he said. 

Trust

EU: MEPs strongly in favour of regulating AI

  • According to a recent survey, some 66% of Members of the European Parliament support introducing a system for the registration of advanced robots, managed by a new EU Agency for Robotics and AI.
  • The survey conducted by VoteWatchEurope also found that an overwhelming majority (89%) of MEPs support legislating on a comprehensive assessment of the impact of robots in Europe, and just under half favour a tax on robots.

EU: Slow progress on ePrivacy discussions in the Council of the EU

  • The Bulgarian Presidency of the Council has released its proposed version of the Regulation on privacy in electronic communications (ePrivacy), displaying slow progress on some of the key issues since Member State’s last discussed the text.
  • The ePrivacy Regulation is a central part of the Commission’s privacy and data protection agenda, but the proposals, and especially the European Parliament’s amendments, have led to criticism from large digital companies who argue the measures go too far.
  • The Developers Alliance, an industry association representing online platforms and Internet companies (including Facebook and Google), released a study pointing to the very high cost to companies if the current version of the ePrivacy text is kept, claiming costs could reach an astronomical €551.9bn if no changes are made.
  • The Council aims to adopt a general approach in time for a meeting of the Telecoms Council on June 8, but disagreements between Member States on the definition of data “in transmission” and issues tied to data retention, are holding up the talks. 

EU: German industry pushes for greater security on Europe’s 5G networks

  • German industry lobby organisation VDMA, which counts companies Bosch and Siemens among its members, is reportedly lobbying Brussels lawmakers to lay out stricter restrictions for foreign-owned equipment-makers.
  • The calls come in the context of suspicion that foreign-built networks could include “backdoors” allowing communications to be accessed by the US or Chinese intelligence agencies.
  • The EU’s Cybersecurity Act is one step forward, say officials at the European Commission (EC), creating cybersecurity certification standards for telecoms and 5G, however this legislation is not expected to be implemented for another two years. Stronger measures have reportedly not yet been considered by the Commission, such as blocking procurement from foreign vendors in private supply chains and business-to-business contracts, for fear of appearing too protectionist.
  • The EU’s only current cybersecurity law, the NIS Directive, holds telecoms service providers liable for breaches, but network equipment-makers are not directly covered. The lack of more EU action on network security is also due to the EU’s structure: decisions relating to critical security are made by national capitals.
  • “Each member state can take their own views on the risks associated with using various suppliers,” said the EU’s cybersecurity agency Director Udo Helmbrecht, a former president of the German Federal Office for Information Security. “We believe that some countries have asked for the source code when using foreign critical infrastructure providers equipment. Others only allow equipment vendors that they trust and work closely with,” Helmbrecht said. 

EU: Cybersecurity – Only 5 EU countries have transposed NIS Directive so far

  • According to a European Commission official, only 5 out of 28 Member States have transposed the NIS Directive measures so far.
  • The NIS Directive was adopted in 2016 to boost security measures in Member States lagging in this regard. It is sometimes cited as the EU’s first major cybersecurity legislation.
  • One of the challenges facing Member States is the requirement laid down by the NIS to decide on a systematic process to flag breaches to national authorities. To do so, they must establish a process and point of contact, potentially requiring the empowerment of new bodies and cybersecurity centres.
  • Member States have until November 9 2018 to complete the second stage of transposition – in which they must identify the operators of essential services which will be covered by the NIS. 

France: Additional measures are needed to tackle online hate speech

  • France will take additional measures to track and remove all online hate speech, said Digital Affairs Minister Mounir Mahjoubi on Friday 4 May.
  • The announcement follows the results of a study “Panorama of online hate speech” commissioned by the French government, which highlighted that 10% of all comments posted online contained hate speech.
  • Minister Mahjoubi’s call for a more aggressive policing of platforms, coincides with criticism of the European Commission’s own measures, which allow companies to manage the process themselves, potentially allowing hate speech to thrive on niche sites that do not self-police.
  • France, Germany and Britain are now calling for a major revision to the eCommerce Directive, an EU text from 2000 that allows online platforms to benefit from limited liability over their content. Revising this directive would be the “next step” in making platforms more accountable said the French Culture Minister, Françoise Nyssen, at a recent conference in Lille.

Czech Republic: GDPR awareness-raising efforts must continue says Commission

  • The Commission released more information this week on its awareness-raising efforts around GDPR, following a parliamentary question from Czech MEP Michaela Šojdrová.
  • The Czech MEP highlighted to the EC that the GDPR is a matter of concern in the Czech Republic due to the administrative burden it could create and the difficulty in interpreting it.
  • The Commission responded that it has published guidance on the direct application of the GDPR, has allocated EU-wide grants for training within data protection authorities, with six contracts concluded at the end of December 2017 for an amount of €1.8m, and has made €2m available for awareness-raising activities. The EC has also set up a multi-stakeholder expert group, with representatives from business, civil society, academics, which last met on March 20 2018.

Global: Facebook defends WhatsApp’s end-to-end encryption

  • Gail Kent, Facebook’s lead on Global Public Policy, published a blog post on Monday 7 May defending WhatsApp’s encryption tools, responding to criticism from law enforcement authorities that it frustrates criminal investigations.
  • “End-to-end encryption lets patients talk to their doctors in complete confidence. It helps journalists communicate with sources without governments listening in. It gives citizens in repressive regimes a lifeline to human rights advocates” said Gail Kent.
  • Kent acknowledged that the technology has its drawbacks, making it harder for companies to catch bad actors or for law enforcement to investigate certain crimes, but emphasised Facebook’s “broad responsibility” in working with governments, as long as this does not undermine the security of its products. 

Global: Google publishes updated GDPR privacy policy

  • The Internet company published an update of its privacy policy, which will enter into force on May 25 in time for when the EU’s General Data Protection Regulation will kick in.
  • The changes include a simplification of Google’s privacy settings, more detail provided to users on how to manage, export and delete data, as well as an open-source project to allow users to export and move their photos under the GDPR’s portability right. A new system called Family Link also allows parents to create an account for their child to better manage their privacy settings.
  • Publishers have criticised Google for some of the changes made to the privacy policy, which asks publishers to gather consent from their readers to display Google’s advertisements.
  • William Malcom, director of privacy policy for Europe, explained in a blog post that this was nothing new, that “Google already asks publishers to get consent from their users for the use of our ad tech on their sites and apps under existing legislation, but we’ve now updated that requirement in line with GDPR guidance”.
‹ Back

Related articles

Newsletters 3 April 2020

Kilima: Highlights from ISOC Africa – March 2020

Africa Regional Bureau Newsletter for March 2020

Newsletters 3 February 2020

Kilima: Highlights from ISOC Africa – January 2020

Africa Regional Bureau Newsletter for January 2020

Newsletters 12 December 2019

Kilima: Highlights from ISOC Africa – November 2019

Africa Regional Bureau Newsletter for November 2019

Join the conversation with Internet Society members around the world