By Luca Bertuzzi and Molly Killeen | Euractiv.com Est. 26min 14-10-2022 The Tech Brief is EURACTIV's weekly tech newsletter. Euractiv is part of the Trust Project >>> Print Email Facebook X LinkedIn WhatsApp Telegram Welcome to EURACTIV’s Tech Brief, your weekly update on all things digital in the EU. You can subscribe to the newsletter here. “BEREC’s experience shows that the internet has proven its ability to cope with increasing traffic volumes, changes in demand patterns, technology, business models, as well as in the (relative) market power between market players.” -BEREC preliminary assessment of the underlying assumptions of payments from large CAPs to ISPs Story of the week: The Body of European Regulators for Electronic Communications (BEREC) has given a largely unfavourable review of the Commission’s upcoming proposal to make online platforms contribute to telecom network costs. In a paper, the first of two studies on the proposal, BEREC assessed the need for such an initiative, concluding that it had yet to be convinced that there was one. In particular, the preliminary assessment dismissed the telecoms’ request as unfounded, considering there is no evidence that the platforms are “free-riding”. Quite the contrary, it points out that telecom providers are reaping high margins compared to the low risk for their infrastructural investments. Moreover, the regulators also pointed to potential market distortions that the move could cause and that any changes to the current settings could significantly harm the internet ecosystem. The second paper is expected by mid-November and will reflect on the proposal’s potential implications, particularly regarding innovation and competition. Read more. Don’t miss: The EU Council’s Czech Presidency has questioned whether the Council of Europe’s AI treaty should cover national security issues, as the Commission seeks a mandate to negotiate its contents on member states’ behalf. In preparatory discussions with the EU executive, the Czech Presidency put forward two approaches for dealing with national security matters, covering divergent scenarios in which the treaty is or is not aligned with the EU’s own AI Act, which would shape the extent to which member states are involved. On Thursday, the national representatives gathered in the Telecom Working Party overwhelmingly expressed themselves in favour of keeping national security in the scope of the AI convention, with only Croatia and Denmark preferring the second option – and Lithuania not having a position yet. Read more. Also this week: US President Biden signed the Executive Order that should lay the ground for a Privacy Shield 2.0. The Commission is examining financing a submarine cable connective Europe to Asia passing via the Arctic. The chair of the EDPB sent a wish list to the Commission on the procedural aspects that need to be standardised to accelerate cross-border collaboration. IMCO’s opinion rapporteur on the Data Act proposed removing the ‘functional equivalence’ requirement for cloud switching. The Czech Presidency proposed further raising the bar on how platform workers would qualify as employees. Prague also shared new compromise texts on the Chips Act and CSAM proposal. Centre-left lawmakers filed complaints against ‘astroturfing’ business representatives. MEPs in ITRE adopted their position on the secure connectivity file. Before we start: Even though the European Court of Justice ruled against data retention a few weeks ago, the debate on the topic does not seem to end in Germany. The government is still not in agreement on whether to follow a “quick freeze” approach or whether to store IP addresses in the fight against crime. Konstantin Macher from Digital Courage, a German privacy and digital rights organisation, contextualised the debate and the different approaches to privacy rights. Germany’s ongoing debate on data retention Even though the European Court of Justice ruled against data retention a few weeks ago, in Germany, the debate on the topic does not seem to end. The government is still not in agreement on whether to follow a “quick … Artificial Intelligence Technical discussions. The AI Act continued to progress with three technical meetings this week. The requirements and obligations for users and providers of high-risk AI systems were on the table. Despite the continued discussions, there were no breakthroughs, with most political points put on standby. In particular, further work will be needed for the articles on authorised representatives and the derogation from the conformity assessment procedure. The EDPS’ view. The Council of Europe’s (CoE) AI Treaty could complement the EU’s AI Act in a significant way by enacting stronger protections of individuals’ fundamental rights, the European Data Protection Supervisor (EDPS) has concluded in an opinion published this week. The Convention, the EDPS said, should aim for consistency with the EU’s data protection framework and prohibit AI systems that pose an unacceptable risk to individuals. Moreover, the regulatory frameworks in development should aim to deliver minimum procedural safeguards for individuals affected by AI systems, implement compliance and control mechanisms, and boost cross-border cooperation between oversight authorities. Competition AdTech’s competition problems. The European Commission could bring competition charges against Google over the company’s digital advertising business, its largest source of revenue. According to Reuters, the charges could be issued next year following an investigation that began last June. A potential fine, the tech giant’s fourth of over a billion euros, could be avoided if Google offers concessions to settle the dispute. Cybersecurity Shaking post. Germany’s interior minister is reportedly seeking to dismiss the country’s head of cybersecurity over his alleged contacts with the Russian security services. Arne Schönbohm, president of Germany’s federal information security agency, has been accused by German media of having been in contact with Russian agents through the Cyber Security Council of Germany, which he helped to found. German authorities are said to seek his reassignment rather than outright dismissal under German law. Read more. Speedy progress. The Czech Presidency is dealing with the Cyber Resilience Act with high priority. Last week, the EU Council discussed the first nine articles (except the one on critical products) and how the new regulation will interplay with existing legislation. This week, the file was discussed twice at the Cyber Working Party, diving into the chapter on the obligations for economic operators, the annexes on the essential requirements and information to be provided to the user, the application of the New Legislative Framework and how the software would be covered. Next Wednesday, the national representatives will touch upon the conformity assessment process and the provisions on critical products with the related annexes. The discussion on the remaining chapters on the conformity assessment bodies, market surveillance and enforcement, delegated powers, penalties and final provisions is scheduled on 26 October. On the 10 and 11 November, the Presidency is organising a field trip to ENISA, where the Cybersecurity Certification Scheme for Cloud Services (EUCS) is also on the agenda. A tentative date for a progress report has been set to 6 December. Meanwhile, in the Parliament. The provisional decision has been to assign the CRA’s lead to ITRE, with LIBE and IMCO set to provide an opinion. Although the file strongly focuses on industrial processes, IMCO might be tempted to claim some exclusive or at least shared competencies over the consumer protection aspects. In ITRE, the rapporteur will be from Renew, and the group is set to make up its mind next Wednesday. For the social democrats, heavyweight Eva Kaili has been appointed as a shadow. The EPP and Greens still have to confirm their choice. Albania’s continuous struggle. Senior government officials in Albania were gathered by the country’s President this week as cyberattacks against state infrastructure continue. Last weekend saw the release of personal data linked to employees of the State Police, the latest in a series of cyber assaults that began in July and have been attributed to Iran, leading to the severing of diplomatic ties and closure of Tehran’s embassy in Tirana. Read more. Cybersecurity & 5G. As lawmakers and experts have said, cybersecurity must be mainstreamed in the deployment of 5G as Europe races to catch up with other regions regarding the rollout. Speaking at an event last week, MEP Tsvetelina Penkova warned that the current geopolitical situation made attention to cybersecurity even more important, and other stakeholders emphasised telecom market consolidation as the crucial first step in addressing Europe’s lagging 5G development. Read more. Data & Privacy Executive Order landed. US President Joe Biden signed an executive order this week introducing a new framework for data transfers between the EU and US. The order is the product of lengthy negotiations between Brussels and Washington. It entails limiting US intelligence activities to well-defined national security objectives and establishing two-layer protection with a Civil Liberties Protection Officer and a Data Protection Review Court under the ministry of justice. Privacy activist Max Schrems is not satisfied, stating that the notion of ‘proportionality’, a fundamental legal principle in the EU, is intended differently in the US. The court’s independence is also questioned, as it would be under the executive branch and critics also said that a new president could change the executive order at will. Read more. EDPB’s wish list. Procedural deadlines, investigative powers and cooperation procedures were just some of the items included in a letter sent by the European Data Protection Board (EDPB) chair to Justice Commissioner Didier Reynders this week. Andrea Jelinek’s “wish list” of various procedural aspects that the EU should seek to harmonise is designed to speed up GDPR implementation and tackle the fragmented approach to its enforcement across the EU. According to Jelinek, the solution is not reforming the landmark regulation but a convergence of administrative practices and greater cross-border cooperation regarding its deployment. Read more. No functional equivalence. IMCO’s Data Act rapporteur, Adam Bielan, is seeking to scrap the obligation that the regulation would place on cloud providers to ensure an equivalent level of service when a client changes provider. In his draft opinion, published this week, Bielen argued that functional equivalence requirements would stand in the way of competitiveness in the sector and, therefore, that they should be removed. While the cloud-related part is an exclusive competence of IMCO, the Polish lawmakers also included suggestions for other sections of the proposal, notably proposing the removal of the ‘gatekeeper’ exclusion, limitations to B2G data sharing and a list of countries where industrial data cannot be transferred. Read more. No more compensation? The Advocate General of the Court of Justice of the European Union (CJEU) issued a non-binding opinion, which privacy advocates fear could further limit users’ possibilities to enforce their privacy rights under the GDPR. In the opinion, Europeans would hardly get compensated if their rights are violated under the GDPR, even though the EU’s data protection rulebook foresees a claim for non-material damages. The opinion came in reaction to an Austrian case where the national postal service illegally calculated the political affiliation of millions of people to offer marketing services. A Viennese plaintiff sued the postal service for wrongly associating him with the right-wing party, saying this had damaged his reputation. More here. Financial data coming up. The expert group on the Financial Data Space is expected to publish its report in 10 days. Although this initiative has been under the radar until now, the financial data space will be crucial in a few months. Digital Markets Act Ready, set, go. The Digital Markets Act (DMA) was officially published in the EU’s books this week, half a year after co-legislators reached an agreement on its contents. Negotiations on the landmark digital regulation were concluded in March this year, with rules set to kick in in 2023. The Commission is still to publish its implementing acts for public consultation in the coming weeks. Digital skills Digital skills in schools. The Commission released on Tuesday a toolkit to aid educators in teaching digital literacy and anti-disinformation techniques. The guidebook, produced by an expert group formed a year ago, comes as part of the Digital Education Action Plan and offers tips for delivering lessons on topics such as how to distinguish between fact and opinion and the economics of disinformation. The toolkit is accompanied by a report looking more broadly at the role of education in tackling disinformation amid a broader push by the Commission to invest in cultivating digital skills and cleaning up the information space. Read more. Disinformation Sustainable fact-checking. As attention turns to tackling disinformation at policy and organisational levels, some fact-checking organisations are innovating to address the issue on their own terms. Treading a fine line between needing funding to carry out their activities and needing to maintain independence for these activities to be seen as impartial and legitimate, some outlets have turned to community engagement models. These are seen as a means of more effectively undertaking their tasks while also transforming their businesses and creating a replicable approach for a broader impact within the sector. Read more. Make fake news illegal. More than half of EU citizens want the dissemination of disinformation to be made illegal, and over two-thirds are concerned about possible cyber-attacks on critical infrastructure, according to new research by Spain’s IE University. This year’s edition of a report on attitudes towards technology, social media, the future of work and democracy finds that more than one-third believe an AI algorithms would be more productive at work than their boss, and 57% support codifying the right to disconnect into law. eGovernance LIBE’s eIDs opinion. The eIDAS draft opinion was voted on and adopted on Monday in LIBE. The committee has exclusive and shared competencies on GDPR alignment, transparency requirements, personal data protection and fundamental rights. The new clauses include data protection by design, the possibility always to withdraw consent, and access to transaction history. Another change is the obligation to obtain explicit consent from the user to store information in the cloud. While the controversial unique identifiers are still in the text, it is clearly stated that they shall only be used when required by law. Next, the ITRE Committee will vote on the report on 23 November, followed by a general approach at the beginning of December. Gig economy Raising the bar. In a new compromise text seen by EURACTIV, the Czech Council Presidency has proposed that the threshold for triggering the presumption of employment in the platform workers’ directive should be raised to add another criterion. Platforms will still bear the burden of proof to rebut a presumption, but the compromise suggests that three rather than two criteria must be met for it to be invoked in the first place. The text is set to be debated by member states on Monday. Read more. EPP’s internal struggle. In the Parliament, divisions over the directive remain stark. Splits are still present within the centre-right EPP, where opinions differ over the presumption of employment and the burden of proof. Common ground between the shadow Dennis Radtke and the ‘hawks’ within his group is still out of reach, according to draft amendments obtained by EURACTIV. Read more. Troubled hearing. The whistle-blower who ignited the Uber Files scandal is due to speak at a Parliament hearing alongside the company’s Director of EU Public Policy in a move that would leave him “unprotected”, it was argued in a letter to the chair of the Employment Committee, written by the legal director of a whistle-blower support NGO. The letter, obtained by EURACTIV, argues that Mark MacGann participating in a panel with a representative from Uber would leave him overly exposed and throw the Parliament’s support of whistle-blowers into doubt. Some lawmakers have also raised concerns about the hearing being organised precisely to discuss the Uber Files. Read more. Industrial strategy The GA is near. The Czech Presidency shared its second and potentially final compromise text on the Chips Act. The file is a top priority for Prague, which is aiming for a general approach at the Competitiveness Council on 1 December, following a COREPER green light at the end of November. However, before then, the Czechs still have some outstanding issues to address. The scope of the type of semiconductors covered by the Act has been controversial, with the definition of first-of-a-kind facilities being broadened to include several innovation elements. The formation of consortia is still sensitive for small member states, who see it as an administrative burden giving large member states an advantage. Pillar three remains highly sensitive, with the role of the member states further strengthened and additional safeguards included, for instance, by giving the concerned manufacturer the right to be heard before a priority order is issued. Whether automotive should be considered a critical sector might re-emerge at the political level. The budget, another contentious issue, is likely to land on the desk of the Swedish Presidency, as several member states are not happy that the funding is taken away from the Horizon and Digital Europe programmes. ITRE’s amendments. On Thursday, the European Parliament’s Committee on Industry, Research and Energy (ITRE) debated the draft report on the Chips Act by rapporteur Dan Nica. For pillar one, there is now a particular focus on quantum technologies and the importance of skills. Tom Berendsen from the EPP group suggested including photonics and manufacturing equipment to strengthen Europe’s position. For the most controversial pillar three on the mapping to prevent crises, the rapporteur added that the Commission should substantiate its requests for sensitive and confidential data and keep them to a minimum. A significant part of the debate was devoted to the question of budgeting, where multiple MEPs expressed their hope that the revision of the MFF would bring more clarity and funds. Many MEPs across party groups were pleased with clarifications, for instance, on the definition of ‘first-of-a-kind’, but lamented the delay of the file. All about the network. The Quantum Internet Alliance, led by the Netherlands-based technical university and quantum pioneer QuTech Delft, has kicked off its seven-year programme endorsed by the European Commission, aiming to collaboratively and innovatively build a quantum internet ecosystem ‘made in Europe’. Ultimately, the goal is to make the quantum internet available to everyone, which is why there is a strong focus on accelerating the transition from research to engineering, eventually bringing the technology to the market. The second goal is to create a platform for European quantum internet innovation that can transform these technological advancements into innovation. More here. Law enforcement An uphill battle. Commissioner for Home Affairs Ylva Johansson faced critical questions on Monday from EU lawmakers over her proposal to prevent and combat child sexual abuse material. While all speakers acknowledged the worsening issue of child abuse online, the debate again circled the controversial points of privacy, disproportionality and whether this legislation would benefit children or overwhelm law enforcement. The proposed rules would allow court orders to require providers of end-to-end encrypted communication services, such as WhatsApp and Signal, to detect and report child pornography to law enforcement. Read here. Independence removed. The Czech Presidency completely removed the provisions mandating the independence of the national authorities, including the fact that the authorities should not be subject to direct or indirect external influences, in a new compromise dated 12 October and seen by EURACTIV. The requirement for member states to set up the competent authority has been extended from two to six months from the regulation’s entry into force. The role of the EU Centre has been downsized from verifying to simply providing an opinion on the possibility of issuing detection orders, removal orders and delisting orders. Moreover, the EU body would also be called on to advise detection orders’ effectiveness, but not removal orders. More time needed. The political trilogue meant to seal a deal on the e-Evidence package was postponed upon the Czech Presidency’s request. Member states have asked the Czechs to discuss the controversial points raised during the French Presidency, EURACTIV was told. No new date has been set yet. Media Media innovators. Fourteen projects are set to explore innovation in the media sector as the Stars4Media NEWS programme got underway this week. The winning projects, selected from 48 applications, will kick off with four months of financial support and expert coaching as they explore transformation in newsroom and media sector business models. The nine most successful projects will work to implement their plans in the second phase of the programme. This year’s cohort also includes five projects linked in some way to Eastern Europe as part of a focus on boosting cross-border cooperation and tackling disinformation in the context of the war against Ukraine. Read more. Cross-language platform. The EU’s recently-published Media Freedom Act focuses on safeguarding public service media. Still, outlets are also turning to in-house innovation to bolster their operations and tackle wider issues affecting Europe’s media sector. A tool recently launched by the European Broadcasting Union seeks to do so by allowing news agencies to view, translate and share each other’s content as a means of strengthening cross-border understanding and, as part of the Stars4Media NEWS programme, the Finnish news agency STT is set to develop a platform to provide clients with real-time updates about what content will soon be available to them. Read more. The lawmaker’s view. Given the sector’s centrality to democracy, it is concerning to face so many challenges. Ensuring outlets’ financial security is vital to protecting independence and pluralism, Chair of the Parliament’s CULT committee, Sabine Verheyen, told EURACTIV this week. However, she added that she has significant concerns about the Commission’s recently-released Media Freedom Act, particularly the power it would hand to a new regulatory body, the European Board for Media Services. Read more. BBC’s first century. The BBC will mark its centenary next month, looking back at 100 years of influential national and global operation spanning news, entertainment and drama. The outlet has, in recent years, received substantial criticism in terms of its coverage and impartiality and has been targeted by the UK’s current government, which has sought to scrap the license fee that funds it as a public broadcaster. Despite allegations of its being a “legacy media”, the outlet has also seen significant innovation in content and format. Read more. Platforms MEPs against astroturfing. Three social-democrat lawmakers have submitted nine complaints to the Transparency Register over the alleged “impersonation” of SME representatives by groups lobbying on behalf of Big Tech during negotiations on the DMA and DSA. Paul Tang, Christel Schaldemose and René Repasi say that they engaged “in good faith” with groups from all sides of the debate but learned later that these particular organisations were not included in the transparency register and that their funding had come from elsewhere. The companies concerned are Connected Commerce Council, Amazon, Meta, Google, SME Connect, Allied for Startups, CCIA and IAB Europe. The MEPs have also written to officials at Meta’s European headquarters in Dublin to follow up on earlier conversations about the issue and determine whether the company had contact with these groups or was involved in their efforts. Suspected cartel. Facebook allegedly conspired with OnlyFans to blacklist rival websites in a case of collaboration that is now the centre of a US lawsuit. Adult website FanCentro is suing OnlyFans for what it says was the company’s partnership with Facebook to disable the accounts of adult performers whose content was hosted on rival platforms by placing their names on a database of extremist material run by the Global Internet Forum to Counter Terrorism and used by major online players to flag dangerous material. The claims have “no merit”, according to OnlyFans. Product liability PLD & AILD first steps. The Product Liability Directive and AI Liability Directive have been assigned to the Civil Law Working Party in the EU Council. In the Parliament, JURI is likely to take the lead on the AI directive, with the EPP’s Axel Voss determined to get the rapporteurship. The PLD will most probably land in IMCO, although the decision has not been taken yet. DG GROW has organised a webinar to explain the PLD next Thursday. Space ITRE’s position adopted. The European Parliament’s Committee on Industry, Research and Energy (ITRE) adopted its report on the secure connectivity programme for 2023-2027 on Thursday, emphasising a swift implementation and minimised environmental impact. The Commission presented the plans for secure satellite communications in mid-February 2022, aiming to cut the EU’s dependence on foreign companies and to protect critical communications services and surveillance data amidst growing concerns over Russian or Chinese military advances in outer space. The first trilogue is planned for 27 October, and the rapporteur, Christophe Grudler from the Renew group, is confident that the text can be concluded under the Czech Presidency before the end of this year. More here. Whines of a billionaire. Elon Musk has warned that Space X may stop funding the Starlink satellite service, which has proved critical to military communication in Ukraine as traditional infrastructure networks have been destroyed in the conflict. The warning comes after Musk presented his plan for a peace settlement that many saw as too lenient to Russia, which prompted a top Ukrainian diplomat to diplomatically ask him to f*** off. Musk said his company is not in a position to continue funding the programme indefinitely, which he said could cost Space X more than $100 million by the end of the year, and that the US military would instead need to take over. Almost 20,000 terminals have been donated so far, a large part of which was already paid for by the US and their allies. In July, the Ukrainian government asked for 8,000 more, emphasising their centrality in the conflict. Their withdrawal could cause significant issues for Ukraine, highlighting the complications of private companies being centrally involved in deploying wartime infrastructure. Telecom EU’s move into the Arctic. The Commission is contemplating whether to fund a fibre optic cable connecting Europe to Asia via the Arctic, EURACTIV has learned. The Far North Fiber project, run by a Finnish-Alaskan consortium, would see a cable connecting Scandinavia and Ireland to Japan via Greenland, Canada and Alaska. It would be Europe’s first connection with Asia avoiding the Suez Channel, a worrisome bottleneck point. The plan fits in a broader militarisation of the Arctic, a region increasingly becoming the setting for power games by world powers as the glaciers melt. It is also where one of the main stations of Galileo, the EU’s satellite programme, is placed. The only undersea cable to this area was damaged in January in what is deemed deliberate sabotage by Russia. Meanwhile, France plans to scale up its deep-sea capacity precisely to safeguard underwater infrastructure. Read more. Twin transitions Speeding the transitions. Digital technologies are vital in ensuring sustainability, and tools such as digital twins, paired with approaches including expanded data sharing and upgrading ICT infrastructure, can play critical roles, according to a paper on the Digitally Enabled Green Transition, released by the European Round Table for Industry (ERT). Standing in the way, however, the ERT concludes, are a lack of clear standards, inadequate incentivising of investment in the twin transition by the EU sustainable finance taxonomy, and the need for greater emphasis on cybersecurity and remaining skills siloes. What else we’re reading this week: This Is Life in the Metaverse (New York Times) Cutting off Europe? A Look at How the Continent Connects to the World (TeleGeography) Laura Kabelka contributed to the reporting. [Edited by Alice Taylor] Read more with Euractiv EU eyes Arctic internet cable to connect Europe to Asia via AlaskaThe European Commission is considering financing a fibre optic cable to connect Europe to Asia via the Arctic and avoid existing choke points, two EU officials familiar with the matter told EURACTIV under the condition of anonymity.