We are all waiting for the Digital Services Act and the Digital Markets Act
- this legislative term’s cornerstone digital dossiers expected to
reshuffle the responsibilities of online platforms.
To pass the time, the Commission has published its proposal for a Data
Governance Act - a regulation that wants to open up European data for
business and research without relying on very large platforms collecting
data.
Meanwhile, the Terrorist Content Regulation is seemingly stuck in
trilogues.
This and previous reports on Meta-Wiki:
https://meta.wikimedia.org/wiki/EU_policy/Monitor
======
Data Governance Act
======
After getting shaky knees and postoping its publication three times, the
European Commision finally got around to share with the rest of the world a
proposal for a Regulation on European data governance, a.k.a. the Data
Governance Act. [1] No radical changes as compared to the leak we covered
in last month’s monitoring report [2], but bear with us for a basic
rundown.
---
The European Commission wants more European data (public, private and
personal) to be shared for the purposes of innovation, research and
business. It also wants to avoid a system where only a few large platforms
control all the data. It thus wants to create mechanisms and tools to get
there.
---
Public Sector Data: It creates a mechanism for re-using protected (e.g.
because of privacy rules, statistical confidentiality or IP) public sector
data. Public sector bodies are to establish secure environments where data
can be mined within the institution. Anonymised data could be provided
outside of the body if the re-use can’t happen within its infrastructure.
In case the data can’t be anonymised and can’t be processed within the
public body, there needs to be a legal basis under the GDPR for its
transmission outside of the public body (i.e. getting explicit consent from
all subjects). To help both private entities looking for data and public
sector bodies who need to provide it, governments are to designate one or
more competent bodies.
---
Commercial Data: The European Commission wants Member States to create a
notification regime (de facto a public registry) for “data sharing
providers”. Such organisations are meant to boost B2B data sharing by
acting as neutral clearinghouses for the data several companies share. They
must be an entity that has no other purpose and is either registered in the
EU or has a legal representative in one of the Member States.
---
“Data Altruism Organisations”: The Commission wants to establish a
possibility for organisations engaging in data altruism to register as
‘Data Altruism Organisation recognised in the EU’. As a real-life example
you may imagine a project gathering activity tracker data to research
COVID-19 syptoms. The label will come with rules and strings. Being a legal
entity constituted to meet objectives of general interest and operating on
a non-for-profit basis and independently from any for-profit entity. The
Commission will create a “common European data altruism consent form” by
which data subjects may share their personal data with such organisations
for a general interest goal. Data Altruism Organisations will also have to
be either established in the EU or have a legal representative within the
Union.
---
Lastly, a formal expert group - the *European Data Innovation Board* - will
be created which shall facilitate the emergence of best practices and
advise the Commission on standardisation and guidelines.
---
While there has been no outright opposition to the proposal, some
organisations defending privacy (AccessNow, noyb.eu) have raised concerns
that parts of this proposed Regulation overlap with the GDPR and we will
must be careful not to undermine its rules. The main point of debate
remains about the fact that the Commission wants to enshrine that personal
data can only be transferred out of the EU if adequate protection is
guaranteed. This comes very close to GDPR language (think of the struck
down EU-US agreements allowing data flows across the Atlantic). It is also
an open question as to how much the European legislator can restrict data
sharing without violating non-localisation principles written into trade
agreements. [3]
---
Special mention: The European Commission want public sector bodies to not
use the *sui generis database right*. The text reads: "The right of the
maker of a database [...] shall not be exercised by public sector bodies in
order to prevent the re-use of data or to restrict re-use beyond the limits
set by this Regulation." To my knowledge this might become the first time a
European legislator states that an existing IP protection should not be
used.
======
Terrorist Content Regulation
======
The German Presidency of the EU is on the roll with TERREG aiming at
closing this debate before the end of 2020. A general proposal [4] seems to
suggest that DE adopted a strategy of pushing the envelope further to make
EC proposals seem moderate in comparison. Notably, journalistic, artistic,
and research content is exempted, but only if a government or a platform
would recognise them as legitimate journalistic artistic or research
purposes (!). There are so many problems with introducing such mechanisms,
and we already have many examples on how "terrorist content" narrative
harms initiatives such as condemnation of claims made by terrorists and
leads to silencing journalists. We have it covered for you in this
analysis[5]. Specific measures are designed in a way that will coerce
platforms into using content filtering for terrorism, which is even more
difficult to execute than for copyright due to context.
There is still time to talk to your government and your MEPs about this:
ask them to push back and support the solutions that the European
Parliament has proposed back in 2019 as they overwhelmingly supported the
LIBE Report
======
Digital Services Act/Digital Markets Act
======
A huge dossier on rules and regulations covering online platforms that is
expected to span everything from content moderation to competition rules.
We have written about it in 10/10 monitoring reports this year. There is
little new in the books. We are waiting, along with everyone else, for the
Commission to publish its proposals on 9 December. In the meanwhile they
have cranked up their security to avoid leaks. [6].
We promise to be back on 10 December with a DSA/DMA special edition and in
the meantime we’ll spare you another round of “who said what”, as it is
mostly clear where the various stakeholder groups stand.
======
Copyright Reform - Article 17 Hearing in CJEU
======
When the Copyright in the Digital Single market Directive was passed in
Council, the Republic of Poland referred the case to the Court of Justice
of the EU, claiming Article 17 and its de facto provision for “upload
filters” violate EU law. A first hearing took place in Luxembourg and as
these aren’t streamed publicly, we sent Communia’s Paul Keller to take
notes: [7]
======
Guidelines for Civil Servants - Open Source in the Public Sector
======
After its “Think Open’’ communication whereby the Commission committed
itself to increase its use of open source technology [8], there are now
guidelines for civil servants, project managers, and IT officials looking
to engage with open source in the public sector. [9] These might come in
handy when we talk to public sector bodies about practicalities.
======
Austrian Hate Speech Law
======
A number of MEPs have asked the Commission to request Austria to postpone
its draft hate speech law [10], because it could lead to more fragmentation
in the single market. While there is nothing Brussels could do to force
Vienna to delay its plans, we have raised similar concerns with the
European Commision. It would be harmful to have different definitions of
platforms and rules that apply to each of them depending on Member State.
The so-called NetzDG wants to make platforms more responsible for and more
proactive in fighting offenses such as hate speech, coercion or stalking on
their services. [11]
======
French Terrorism Law
======
A French law that would ban sharing images or video of police officers
“with the aim of harm” passed the lower chamber of the national parliament.
Civil society organisations, including Amnesty International and Reporters
Without Borders, criticised the law for being extremely vague on the
definition’s side. On a very practical level the issue is that the person
who initially needs to assess whether the content is with malicious intent
and confiscate it is the police officer who is being filmed. [12]
======
END
======
[1]
https://ec.europa.eu/digital-single-market/en/news/proposal-regulation-euro…
[2]
https://lists.wikimedia.org/pipermail/publicpolicy/2020-October/002039.html
[3]
https://datainnovation.org/2020/11/why-the-european-commission-should-revis…
[4]https://www.politico.eu/wp-content/uploads/2020/11/German-prez-TERREG.pdf
[5]
https://medium.com/@wikimediapolicy/upside-down-should-all-content-be-deeme…
[
6]https://twitter.com/LauKaya/status/1333326141025816576
[7]
https://www.communia-association.org/2020/11/12/cjeu-hearing-polish-challen…
[8]
https://ec.europa.eu/info/news/european-commission-adopts-new-open-source-s…
[9]
https://joinup.ec.europa.eu/collection/open-source-observatory-osor/guideli…
[
10]https://twitter.com/PiratKolaja/status/1329033494169870338
[11]
https://edri.org/our-work/first-analysis-of-the-austrian-anti-hate-speech-l…
[12]http://www.assemblee-nationale.fr/dyn/15/dossiers/securite_globale1