The ‘von der Leyen’ Commission, which is scheduled to take office on 1 December, does not seem to be moving towards a new unified digital agenda compiling a multitude of projects, as was the case for the ‘Juncker’ Commission, which, by opening 16 projects, will have presented 30 legislative initiatives.
On the contrary, the European institution is expected to focus on a series of flagship initiatives such as those concerning online platforms, artificial intelligence, cybersecurity and technological sovereignty. A brief overview of the work in progress or planned.
DIGITAL SERVICES ACT
In her policy guidelines, the President-elect of the European Commission commits herself to present new legislation on digital services to “strengthen our liability and security rules for digital platforms, services and products” (see EUROPE 12297/1).
This flagship text is expected in the second half of 2020. During their hearing before the European Parliament, the candidate Commissioners suggested that this act - which will be prepared by the Directorates-General for Digital, Industry, Justice and Home Affairs - would not call into question the principle of limited liability established by the e-commerce directive.
Before the rejection of her candidacy as Internal Market Commissioner, Sylvie Goulard of France was more specific than Vice-President Margrethe Vestager on the issue: “I do not intend to question the principle that has been set by legislators on liability. That's not the goal, there's no plan to change that”, she said.
An expanded scope
So what is the purpose of this new act? According to several sources, the Head of Unit of the E-Commerce and Online Platforms Department at the European Commission (DG CONNECT), Werner Stengg, has publicly explained that he intends to extend the scope of the E-commerce Directive to cover actors in the collaborative economy, such as BlablaCar and AirBnB.
The new act would provide a set of minimum obligations, including those relating to the fight against cyberbullying and online hate speech. Unlike the current e-commerce directive, it would create a series of positive rather than negative obligations. Thus, instead of indicating under which conditions a host is exempt from liability, the act would establish the situations leading to liability. It would also clarify the rules on “notification” and “action”, following the public consultation conducted in 2018. A DG CONNECT document circulated last August referred to transparency obligations in areas such as content moderation and online political advertising.
In his speech, Werner Stengg also highlighted two other areas of work. On one hand, he mentioned provisions to strengthen cooperation with competent authorities, a kind of strengthening of the competence of national authorities (not necessarily a centralised body, even if the new platforms observatory could be used); on the other hand, he spoke of specific obligations for the major platforms based on their influence.
“Thorny” discussions in perspective
In her speech to the European Parliament (see EUROPE 12344/2), the candidate for Executive Vice-President for Digital, Margrethe Vestager, said she expected “difficult” discussions on this issue. In her view, the same issues that have arisen with copyright reform are likely to come to the fore again, namely the search for a balance between freedom of expression and the protection of rights holders (see EUROPE 12236/4).
She immediately clarified that she had no intention of reopening this issue. “I think it’s really important not to do that, otherwise we'd be wasting time again on the issue of ensuring that there’s remuneration for copyright holders”, she said.
It should be noted that Parliament is already planning to draft an own-initiative report on this issue.
ARTIFICIAL INTELLIGENCE
President-elect Ursula von der Leyen pledged to present “a legislative proposal for a coordinated European approach to the human and ethical implications of artificial intelligence” during the first 100 days of her mandate.
The hearings of the Commissioners-designate in Parliament have not revealed much about the substance of this initiative, which confirms rumours that this initiative will be relatively hollow.
Overall, the initiative will be based on the ethical principles identified by the High Level Expert Group on Artificial Intelligence, currently being evaluated by a series of professionals expected to submit their opinions by December 2019.
“The action plan will work to prioritise increased investment in R&D, develop the necessary key infrastructure and implement/update actions and investments already identified in the coordinated plan”, notes a DG CONNECT information document seen by EUROPE.
At this stage, it is not yet clear what will come next, but a series of issues have already been mentioned vaguely: - liability (bearing in mind that the Commission was expected to present product safety guidelines in mid-2019 following its assessment); - algorithmic transparency (and the question of black boxes); - the issue of facial recognition.
According to Politico, this initiative could foreground the idea of “data passports, which would cover the data sets and algorithms used in the training and decision-making process for artificial intelligence systems”.
During her speech before Parliament, Ms Vestager contended that the issue of bias in algorithms is one of the main issues to be resolved in order to ensure trustworthy technology. She stressed that “trust by design” is an important aspect for her.
CYBERSECURITY
It is in this spirit that the future Commission intends to address the topic of cybersecurity. The President-elect expressed her intention to launch a joint cybersecurity unit. "This would include the dimensions of ‘resilience’, ‘respect for the law’ and ‘defence’, in order to ensure stronger and more structured cooperation and a mechanism for mutual assistance in times of crisis at the EU level”, Sylvie Goulard specified in her written replies.
In a series of documents reviewed by EUROPE, DG CONNECT emphasises that this joint unit could build on the 2017 recommendation for a coordinated response to major cybersecurity incidents and crises. The documents also mention several tracks that could constitute a “strategy to ensure the cyber-resilience of critical infrastructure and cybersecurity in the design of ICT products and services”. They recall that the Network Security Directive (2016/1148) provides for a review report in May 2021 and that it may be appropriate to amend it. They also underline that the recent ‘Cybersecurity Act’ does not provide for horizontal risk coverage (whereas with the Internet of Things, everything is connected) and suggests establishing common criteria for cybersecurity from the design stage (either through co-regulation or through fully fledged legislation). Finally, they call for continued progress towards certification systems in priority areas (the Internet of Things, cloud computing, critical or high-risk applications, 5G, etc.), with more investment in ‘made in the EU’ solutions.
During her hearing, Sylvie Goulard specified that mandatory certification, demanded by Parliament during negotiations on the Cybersecurity Act (see EUROPE 12157/5), remains a possible option “in due time”.
ADVANCED TECHNOLOGIES
Technological sovereignty will a priori be one of the von der Leyen Commission’s keywords.
Mrs von der Leyen has already announced an initiative in this area, which will be part of a broader industrial strategy for the European Union. In her mission letter to Mrs Goulard, the President-elect wrote that she wants Europe to define standards for new technologies that are needed globally, namely blockchain, high-performance computing, algorithms and tools for sharing and using data.
“We have set the global rules for data protection, we should do it again for these technologies of the future”, Sylvie Goulard said at her first hearing (see EUROPE 12340/1).
DG CONNECT documents refer to the first half of 2020 for this initiative. They cite the following initiatives as examples: - establishing a secure and interoperable pan-European blockchain infrastructure; - setting up a European network of artificial intelligence facilities to support public services and industry and hardware components for data processing to guarantee the EU’s autonomy in edge computing and artificial intelligence applications.
GEO-BLOCKING
Geo-blocking is a project that is totally absent from the debate, but which is likely to make a lot of noise next year.
Regulation 2018/302 requires the Commission to examine, by 23 March 2020, the scope of the text and the need to extend it to “services provided by electronic means whose main characteristic is to provide access to works protected by copyright”.
In its preparatory documents, DG CONNECT suggests including the supply of goods in the EU within the scope of the Regulation and extending it to certain sectors such as transport or non-audiovisual online content, such as electronic books or online music.
ePRIVACY
Will the proposal for a Regulation on the confidentiality of electronic communications, which has been under discussion in the EU Council for several years, survive the change of Commission? A priori, yes.
While Mrs von der Leyen did not openly take a position on the issue, Margrethe Vestager expressed her support for this legislative initiative before Parliament (see EUROPE 12351/8). “I share with you the need to see this directive adopted”, she said, before indicating that she did not want the confidentiality rules to be automatically “decentralised” to the citizen. “I have rights, but one of my frustrations is how to enforce them without having to read tons of pages, which you end up not reading out of laziness”, she said.
DISINFORMATION
The Commission will have to decide on the way forward following the code of best practices adopted in September 2018 by representatives from online platforms, advertising and civil society (see EUROPE 12104/1). It may opt for a new communication announcing legislative initiatives, including on advertising for political purposes, unless this aspect is included in the act for digital services. (Original version in French by Sophie Petitjean)