Hey there, tech policy geeks!
The perhaps last “digital” legislative file that made it across the finishing line ahead of the EU elections is on cyberviolence against women.
The Child Sexual Abuse Materials regulation remains stuck.
The AI Liability Act will remain on the next parliament’s to-do list.
On another level, the Council of Europe in Strasbourg adopted its Anti-Slapp Recommendation.
On yet another level, Italy is fighting puzzle makers.
Read on!
Dimi
=== Cyberviolence Against Women ===
Last week the European Parliament approved the first ever EU rules explicitly aimed at combating violence against women and domestic violence https://www.europarl.europa.eu/doceo/document/A-9-2023-0234-AM-298-298_EN.pdf. It took years for the file to inch across the finishing line, but the majority was rock solid: 522 in favour, 27 against, and 72 abstentions.
—
The Directive requires all Member States to criminalise certain acts in their national laws. Among them are the intentional and non-consensual sharing of intimate or manipulated material (e.g. revenge porn, nude deep fakes, images of genitalia), cyberstalking (“repeatedly or continuously placing a person under surveillance, without that person’s consent or a legal authorisation”), cyber harassment (“repeatedly or continuously engaging in threatening conduct directed at a person, at least where such conduct involves threats to commit criminal offences”), and cyber incitement to violence or hatred.
—
All these criminal offences must be punishable across EU countries by a maximum term of imprisonment of at least one year. Service providers will have to comply with relevant content removal orders under this legislation, but will also have the explicit right to an effective judicial remedy, including challenging an order before the courts of the Member State of the competent authority that issued the order.
—
Don’t hold your horses, though. Member States will have until 2027 to transpose the rules.
===AI Act ===
The European Parliament formally adopted https://www.europarl.europa.eu/doceo/document/TA-9-2024-0138_EN.html the Artificial Intelligence Act.
===Files That Didn’t Make It===
Spare a thought for the Child Sexual Abuse Matrials file https://oeil.secure.europarl.europa.eu/oeil/popups/ficheprocedure.do?reference=2022/0155(COD)&l=en, which remains stuck in Council. The Belgian Council Presidency made a last ditch effort to find a compromise by keeping end-to-end encryption apps in scope, but providing some safeguards against the scanning of encrypted data. This was criticised by both sides - children groups and by privacy activists. It also didn’t get enough support in the Council itself.
—
The AI Liability Act https://www.europarl.europa.eu/RegData/etudes/BRIE/2023/739342/EPRS_BRI(2023)739342_EN.pdf, an often overlooked piece of the software liability puzzle, didn’t get anywhere this mandate. The Cyber Resilience Act (which included liability on FOSS) and the AI Act simply sucked up all the political energy. Its rapporteur, German conservative Axel Voss, who is very likely to get reelected, has stated that he intends to move on with it after the elections. He said this after stating that the EU regulates technology way too much. Well, perhaps just a little more then.
===Anti-SLAPPs Recommendation ===
The Council of Europe (NB: the Strasbourg-based international organisation) has adopted its Recommendation on countering the use of strategic lawsuits against public participation https://rm.coe.int/0900001680af2805 (SLAPPs).
—
Articles 18 and 19 may be of particular importance to many Wikimedians. They address the cases where a claimant seeks to force the disclosure of the identity of the defendant whose participation has been done anonymously or under a pseudonym and call on Member States to protect such identities and limit disclosures.
===France: SREN Bill ===
After many, many delays, some of them caused by European Commission notifications, French lawmakers passed the country’s latest “flagship digital bill” (ahem). The pretext for it was to transpose the latest bunch of EU law (Digital Services Act, Digital Markets Act, Data Act). France being France however, the legislators couldn't resist going way beyond that remit and attached all sorts of ideas to it. Hence the lofty title “loi visant à sécuriser l'espace numérique” (loi SREN https://www.legifrance.gouv.fr/dossierlegislatif/JORFDOLE000047533100/).
—
French users are supposed to experience a safer digital space by a set of new provisions. Pornographic websites established in France or outside of the EU can be blocked if they don’t check user age. Cyberbullies and hate spreaders will face bans on services for up to six months. Online platforms that don’t comply with the obligation to suspend such users and block them from registering a new account face fines. Obligations that seem impossible to comply with while also respecting other fundamental rights.
—
The law is already being challenged in front of the Constitutional Court by several parliamentary groups. The European Commission, which needs to be notified https://technical-regulation-information-system.ec.europa.eu/en/notification/25785 about such laws, may also further delay or challenge it. Wikimédia France and Wikimedia Foundation are working together on this. Our main grievances didn’t change https://medium.com/wikimedia-policy/wikipedia-will-be-harmed-by-frances-proposed-sren-bill-legislators-should-avoid-unintended-45d46a4b773c since last November.
===Poland: DSA Action===
Poland is moving ahead with its Digital Services Act implementation. Our Polish community (Maciej, Szymon) is engaging in the process. Read their translated submission https://drive.google.com/file/d/1DuVB58LBo5wqSg5vmL39owBEqtW0lpqQ/view?usp=sharing here. Interestingly, the Polish legislator seems keen on the idea of having three regulators responsible for the DSA: Office of Electronic Communications (telecoms regulator) will be in the lead, but may hand over cases to the Office of Competition and Consumer Protection or Office of Personal Data Protection, if it decides.
===Deep Dive: Italian Cultural Heritage Code and European Courts===
Ever since the 2019 Copyright in the Digital Single Market Directive made it clear that you can’t claim new copyright or related rights when digitising a public domain work, Italy has been eager to find a way around this. The Italian Cultural Heritage Code essentially imposes an administrative fee on every re-use of public domain material owned by Italy. There have been legal battles between Italy and Netflix over Michelangelo’s David https://www.theglobeandmail.com/world/video-the-fight-for-davids-image-italy-tries-to-protect-its-cultural/, between Italy and Jean Paul Gaultlier over Boticelli images https://www.theguardian.com/world/2022/oct/10/uffizi-galleries-sue-jean-paul-gaultier-over-use-of-botticelli-images, and between Italy and German puzzle maker Ravensburger over the Virtuvian Man https://www.nytimes.com/2024/04/10/world/europe/vitruvian-man-puzzle-leonardo-da-vinci-ravensburger.html. Many exciting questions about territoriality and the interplay between copyright, related rights and administrative laws here. In our opinion this will end up in front of the Court of Justice of the EU eventually. In the meanwhile we can highly recommend a Communia blog article https://communia-association.org/2024/04/29/the-eu-imperative-to-a-free-public-domain-the-case-of-italian-cultural-heritage/ by Guilia Dore and Guilia Priora on this issue.
===END===
publicpolicy@lists.wikimedia.org