Our Perspectives for an Open, Transparent and Fair Internet for All Citizens' Rights and Business Environment beyond 2014
Over the last few years issues such as search and net neutrality, online advertising, protection of intellectual property rights, data protection issues especially related to social networks, cloud computing, profiling and privacy, cybercrime, the security of the internet, espionage etc., have become of utmost importance to every single Internet user.
The Internet is a multi-faceted economic and social space. Its extremely fast development has created a world of new possibilities. At the same time it has created new challenges for businesses, citizens and states. The Internet has become the central nervous system of the worldwide information society. Tablets, mobile phones, smartphones and many other devices are constantly transforming the way we access and use information and communicate. These developments are so profound that they need to be closely monitored by politics in order to be able to address new developments as quickly as possible for two reasons: Establishing a business environment that creates opportunities and safeguards fair competition on the one hand; securing citizen's rights and allow users to fully benefit from the advantages of an open, transparent and fair internet on the other.
A new and elaborated EU Internet strategy for the time after the next European elections in 2014 is needed. The EU will have to shape a common strategy as important decisions will have to be taken on EU level as well as on international level. Otherwise the EU will miss essential steps toward economic growth in a new era of internet. Guaranteeing freedom of expression, a free flow of information and access for everyone as well as taking care of individual rights and business will remain the benchmarks of our EPP approach.
For the EPP Group there are three main political issues to be focussed on during the next legislative term of the European Parliament from 2014 to 2019:
- 1. The Internet must be transparent and safe.
- 2. The Internet must be open and competitive.
- 3. The Internet must be fair and inclusive.
I. The Internet must be transparent and safe
In the offline world it is a common procedure to set rules for all stakeholders involved. Consumers generally know what they can expect from certain forms of behaviour in the market, while companies generally know how far they can go in their struggle to make business. In the online world things sometimes appear to be slightly different. Without knowing rules, traps, consequences and risks consumers generally want to use the Internet in the broadest possible way: the Internet should be for free, it should be attractive, innovative, up to date, quick, anonymous, communicative, it should provide for cheap & swift shopping alternatives, it should be a virtual market place, a job provider and much more. At the same time the majority of Internet users expect an open Internet with high standards of data protection and safe to be used.
Data protection rules which enable business and protect the individual
The main currency in the online world, which satisfies to a large extent the above mentioned expectations by the users, is personal data. According to Article 8 of the Charter of Fundamental Rights of the European Union, data protection is a fundamental right and all EU policies should aim at protecting and enforcing this right. The European Commission submitted a proposal to the EU legislator in order to update the existing legal framework to the online world. The European Parliament managed to achieve a broad consensus on the outline of this review. However, Member States did not manage to agree on the requisite revision of the EU data protection framework. Until now national considerations are still blocking the much needed modernisation of rules and the creation of a true single market in that area. The successful conclusion of this reform is a top priority for the new legislative term. The EPP has been in the driving seat of this process and will do everything necessary to reach a successful conclusion.
From an EPP Group point of view a final agreement on data protection rules must enshrine a fair balance between effective protection of users' data and allowing successful economic activity on the Internet. The user must be enabled to know about dangers and decide on access and use of his data. One problem of the current data protection regime is the lack of enforcement and dissuasive penalties; the reform now needs to address these shortcomings: enforcement must take place and competences in that sense must be precisely allocated. The consumer / user must need to know whom to turn to in case his right to data protection is violated. The one-stop-shop system is therefore a cornerstone of the data protection reform.
Data protection must prevent the user from becoming "transparent"
New services, e.g. analytic services, allow the owner of a website to get detailed statistics on the visitors of their website and provide them with an analysis of the activities of the visitor. For these purposes, IP addresses of visitors are analysed and transferred. The ongoing struggle between European data protection authorities and big Internet service providers, mainly search engines, show that the scene is far from being settled. The surveillance of search behaviour, its analysis and the interlinking of services allow for data control in extraordinary volumes.
There is a strong need to find the balance between the business interests of influential Internet players – and European SME's being part of that business model – on the one hand and consumers' interest on the other hand. Both are interested in better and more targeted services. But no matter what: The misuse of users' data must under all circumstances be prohibited. Browsing history and search results are personal data and must not be used without the user's prior and informed agreement.
Tackling the challenges to EU data protection standards by third countries
EU standards must apply to all data collected within the EU, even if these data are stored or processed outside of the EU. With regard to the protection of users in the Internet, the EU and its Member States have to double their efforts, and if necessary their pressure on third countries, to enable controls and checks to verify the respect of EU data protection rules by all business being active on the EU market. Recent reports on US NSA collecting data of EU citizens reveal the need to include in the Data Protection Regulation an "anti-net tapping clause” by establishing an obligation for companies to inform their customers in case of data sharing with public authorities.
Review Safe Harbour to enable EU controls
One of the existing pillars of an international system, the Safe Harbour scheme, ensuring that US Internet business is considered being in compliance with EU data protection rules, is in urgent need to be revised as it seems to create an imbalance in data protection obligations for EU enterprises and US-based enterprises. The aim of that scheme was to ensure that US business protect data of EU citizens in the same way as business within the EU. A thorough analysis of the practice shows that the agreement did not fulfil the expectations. Controls and checks by EU data protection authorities are needed to enable the EU to maintain the scheme. As a matter of urgency the Safe Harbour scheme should therefore be replaced by a revised scheme in order to allow for checks and controls by EU authorities.
Fighting economic espionage
The protection of citizens also requires that the EU fights against espionage, regardless by which country it is undertaken and for which purposes it is done. The fight against terrorism and the fight against international organised crime are subject to cooperation between EU, Member States and third countries. The EU and its Member States are reliable partners in the quest for a safer world. This means that there is no justification for spying EU citizens. Economic espionage must not be neglected, as it does not only infringe EU citizens' rights, but it harms our economy. Therefore enhancing cyber security must be on top of the agenda.
The EPP Group believes that the cyber security framework for the EU should be based on two principles - efficiency and trust: efficiency of legal measures and trust of market operators and public authorities in the framework and communication channels with regard to incident notifications and early warning alerts. One element could be to strengthen the European Internet Safety Agency (ENISA). Structure and mandate should be amended according to the most up-to-date requirements.
Setting EU standards for secure Cloud Computing
Outsourcing through cloud computing helps businesses and users save money and gain flexibility. The promising economic and commercial prospects of cloud computing need to be fully acknowledged and supported as an opportunity to re-launch the European economy. The EPP Group therefore calls for a European Cloud Computing Strategy 2014 - 2019; this would not mean the setting up of a publicly financed second infrastructure. We rather aim for a set of legal and technical standards to enable providers to offer secure services to their customers.
These legal and technical standards should focus on three elements: The cloud must be technically reliable and resilient. This means that there must be a minimum number of backup positions to prevent the loss of data in case of a harmful event. Secondly, the cloud must be secure. It must provide for a liability scheme and technical standards (e.g. the digital signature), including authorisation and certification schemes. There are technical possibilities to ensure that a cloud is secure against viruses and other cyber-attacks, yet, we need to oblige providers to make use of these technical possibilities. Thirdly, the cloud must be designed in a way that European users' data are protected according to the interoperable standards. The EU has been a leader in data protection since the 1990s and should turn that into a competitive advantage for a future market of cloud services.
II. The Internet must be open and competitive
At high speed, the online world is undergoing similar developments the offline world went through already years ago. Direct links between enterprises and consumers, both active on the Internet, start being channelled by Internet giants; the latter acquiring business beyond their initial business models and developing into integrated concerns, covering search, communication, purchase, services etc.
The EU has to guarantee fair competition in this emerging online market. More transparency will create more choice for consumers and will allow for the co-existence of both business models, the “Internet marketplace” where individual offers are available for consumers, as well as “Internet shopping malls”, where synergies are created by grouping services. For the EPP Group the major elements for keeping the Internet an open and competitive space are the preservation of search neutrality, net neutrality, the application of competition law and the stimulation of competitive new business models.
Search neutrality – non-discriminatory and transparent
Search engines and social networks generally have a positive impact on consumers and users in terms of online information. But the concentration on a very limited number of search engines have created the risk that these act as the Internet's gatekeepers due to their ability to direct users to websites and due to the inherent bias of ranking of search results. By basing their search on designed algorithms, which can potentially favour some websites and fail to include others, they are capable of determining the information users access online. In this way, they can create obstacles to market entry and thus deprive business and users of new opportunities. This is particularly the case when search engines do not only offer search services but use their platforms for distributing their own products or services.
Based on the search queries of their users, it is of paramount importance to ensure that search engines provide access to the relevant content as comprehensively as possible. Therefore EU competition law must be strictly applied. In this context, there is a need to have a close look, in particular, on the interlinking of services. Interlinking per se does not constitute anti-competitive behaviour but there is large potential for abuse. Any abuse has to be prevented in order to keep the Internet search non-discriminatory, to ensure more choice and competition and to maintain the diversity of sources of information. Therefore the EPP Group requests that algorithms must be the same, for own content as for third party content; indexation, evaluation, presentation and sanctions by search engines must be non-discriminatory and transparent. For interlinked services search engines must guarantee full transparency when showing search results.
Open Internet – open access for everybody
Much of the success of the Internet is due to the openness of the Internet as a platform, providing low barriers to entry and fertile ground for competiveness and innovation, in particular for the development of new content and applications. The EPP Group wants to protect the users' freedom to access and distribute content, to promote competition (including in the delivery of content), and to promote innovation, media pluralism and cultural diversity in Europe.
The increased use of tablets and smartphones starts putting an enormous strain on mobile networks demanding a lot of bandwidth. For the EPP Group, the principle of net neutrality is the guarantee that traffic on the open Internet is treated equally, without discrimination, restriction or interference, independent of its source/destination, content or device, service or application. It provides a level playing field for all actors in the web and is a fundamental characteristic of the free and open Internet. The EPP Group understands net neutrality as the fundamental principle which preserves the neutral transmission of data thereby banning anti-competitive blocking or slowing down, degrading or discriminating against content, application and services.
On the other hand, it is the EPP's view that net neutrality allows for different services to be offered to users according to their needs. A fair balance needs to be defended between the “open Internet access” where the transparency and non-discrimination principles are ensured but, at the same time, the market is allowed to continue the development of new innovative products, such as the “specialized services” (ex. IPTV), meeting existing demand and anticipating future ones.
As a consequence, the EPP Group advocates on one side that consumers are free to access and distribute information and content of their choice, no matter the applications, services or terminal used and the location, origin and destination. But simultaneously, on the other side, operators are free to offer specialized services in cases where the network capacity is sufficient and not in material detriment of the availability/quality of Internet access services and not discriminating between competing services.
In any case, traffic management measures ought to be restricted and permitted only if transparent, non-discriminatory, proportionate and necessary in a close list of restricted cases (i.e. a court order, integrity/security of the network).
Clarity with regard to technical characteristics of services
Internet service providers (ISPs) often do not provide consumers with the actual speeds of their connection versus the advertised speeds. ISPs should only be allowed to advertise with the minimum speed they can provide for, not the maximum speed. The relevant technical, commercial and quality characteristics for different service offerings must be described in a clear, concise and understandable way. The basic information package should include details concerning speed, principles for traffic management employed by ISPs and prices for different services. The ban on misleading advertising must therefore be coherently enforced.
The future of audiovisual media online
In the traditional telecoms sector the distribution of specified content is subject to must carry rules, thus ensuring access for users (Universal Service Directive). Findability and access to audiovisual goods and services aimed at the general public are becoming key factors in a converged media landscape. Net neutrality guarantees the non-discriminatory access to and transmission of all audiovisual content and represents a key element. In addition, the must-be-found principle complements the net neutrality principle and is a safeguard for media pluralism. The EPP Group therefore advocates to avoid bottlenecks, e.g. with regard to the provision of applications. A suitable framework for audiovisual content online without hampering competition and the development of new business models is needed.
Mobile broadband – optimizing the use of spectrum
The EU, due to the fact that Member States dispose of spectrum capacities, risks being trapped in a broadband squeeze caused by increasing use of tablets and smartphones. Although some broadband capacities could be set free, there is still the decision to be taken how much bandwidth can be put at the disposal of mobile Internet and how much should be preserved for widely used existing services like Digital Terrestrial Television (DTT) or culturally important services (traditional use, e.g. television.) Therefore spectral efficiency is a key issue for the development of mobile broadband. We believe in the importance of ensuring the continuity and further development of digital terrestrial broadcasting technology in Europe. DTT as a powerful wireless technology will remain an essential part of the digital distribution landscape. It should continue to be used for transmitting data-intensive audiovisual content because it can help ensuring effective mobile broadband availability in future.
There is an urgent need to address this question on EU level if the EU wants to keep its technological advantage. The EPP Group wants to provide Europeans with faster, cheaper services and more overall connectivity, especially in less densely populated areas, and calls for a Joint EU Strategy on Mobile Broadband to enable investments in the sector by operators, so that networks keep up with the growth of data flows.
Updating the Intellectual Property Rights infrastructure
To date, the economic potential of the EU IP infrastructure is not fully appreciated. The role of Intellectual Property Rights (IPR) is sometimes questioned and criticized as an obstacle to growth. However, there is an evidence-based economic reason to underpin IPR. In today’s modern economy, business relies on different forms of IPR successively or in parallel in their economic activity and business cycle, from creation and R&D to marketing. They therefore need an optimal, economically efficient and coherent ‘Intellectual Property infrastructure’. This ‘IPR infrastructure’ spans the legal recognition, registration, exploitation and enforcement of IPR.
We need to modernize the IPR legal framework into a balanced and evidence based up-date of the copyright system. Protection of Intellectual Property Rights (IPR) is one of the pillars of the economic use of the Internet and a prerequisite of the digital economy in the EU. It is also a major challenge for the creative and innovative industries and for the press. The key challenge for the future successful growth of the digital arena, including e-commerce, is to ensure that consumers and businesses trust the online environment. For the digital single market to become a reality trust in the digital environment is a backbone of this single market.
Today, copyright protected works are illegally available on the Internet. Trademark law also suffers from certain Internet practices. Piracy is also a key concern, e.g. for App developers. The development of a single market in the online environment is impeded by the same threat that IPR infringements represent to physical goods (counterfeited and pirated products sold online) and digital works (piracy). In this respect, the modernisation of copyright in the online world is of a crucial importance.
A major step has already been achieved by the adoption of the Directive on the Collective Management of Copyright. The directive will improve the governance and transparency of collecting societies through stricter rules on reporting obligations but also enhance rightholders’ control over their activities. On the other hand it will create a genuine digital single market for musical works. The EPP Group calls for a swift implementation into national law. The EU copyright system should promote the efficient functioning of value chains between creators and users. Firstly a true Single Digital Market cannot accept unjustified territorial restrictions. Users should be able to access the services they want to watch or listen to independent of their location. At the same time sufficient reward must be generated to give incentives to creation and cultural diversity: For these purposes solid and clearly circumscribed exclusive rights that respond to the shifting patterns of consumption habits (from download to access) must be clearly defined. The EPP Group therefore calls for a long-term discussion on the development of a more efficient and up-to-date approach to the current system of private copying levies that takes suitable account of the developments in the online world. There is also an urgent need to assess the current exceptions and limitations within the legal framework, in particular for public policy objectives such as education or equal access for handicapped people.
Copyright must be an “enabler” for the Digital Single Market. The European Union should take an evidence-based approach, remedy any proven shortcomings of the current legislative framework and focus on market driven solutions. The objective should be to put in place flexible, business and consumer friendly licensing schemes for copyrighted works. This approach guarantees a fair remuneration for our artists and creators and benefits to European researchers, cultural institutions and companies by introducing flexibility to the use of copyrighted works.
Avoid abuse of IPR enforcement, but combat infringements on commercial scale
There is also a need for reviewing enforcement tools. A fair financial participation of artists and performers in the successful exploitation of their creations should be ensured. The objective therefore must be to adjust the IPR infrastructure of the Internal Market so that it allows creators and inventors established in the EU to reap appropriate returns and results in welfare-enhancing innovation for EU citizens. By having a modern IPR infrastructure the EU can attract and invest in creative and innovative talent, which is the very source of growth and sustainable employment for the EU’s knowledge based economy.
With regard to civil enforcement of IPR some areas of the enforcement of IPR infrastructure need adjustment. The review of existing IPR civil enforcement procedures should prevent their abuse for such purposes that undermine the economic performance of the IPR infrastructure. Since voluntary agreements and dialogues between stakeholders have not lead to any solutions, the EU must adopt a comprehensive legal framework addressing the enforcement of IPR to tackle commercial infringements online.
III. The Internet must be fair and inclusive
The Internet already is a major communication tool and will become an even more dominant part of our lives as far as communication, information, teaching, access to services and purchase of goods are concerned. The use of these facilities is therefore becoming an indispensable part of our daily life. It is therefore a political obligation to keep the Internet fair and inclusive so that all users can benefit from its advantages and options. Social networks need to be safe and must respect data protection rules; access to information and culture via the Internet must be inclusive and enable quality offers.
Social networks must respect EU law
Social networks are not only mere platforms where users can enter into communication and share information: they also bring people together, create new interpersonal relationships and therefore present a cultural and societal dimension. In particular young people recklessly disclose personal information in social networks and carelessly post photographs visible for all their social network friends. As fascinating as this new opportunity of communication is, these networks also raise a number of questions with regard to the creation of an identity in the net without any evidence, privacy controls, protection of minors, and data ownership.
Based on the personal information users disclose online, in combination with data tracing users' actions and interactions with other users, an informative profile of that person's interests and activities can be created. This can then be used by third parties for a variety of purposes, such as commercial purposes or spying. It may even pose major risks such as identity theft, financial loss, and physical or mental harm.
Social networks must inform users about the purpose and different ways in which they intend to process members' data. A link to this information should be visibly incorporated onto each social network's website. This information must explain in an easily understandable way what kind of data is being processed, for what purpose, what kind of tools are used and if it is transferred to third parties. Guarantees should be presented to users regarding the use of their data and the social networks' overall policies.
Social networks must be obliged to incorporate privacy-friendly default settings. From the beginning, each new account registration should implement the highest security standards which can then be lowered by the user. A complaint facility should be made obligatory for every social network site to serve members in case of data protection issues.
Since users and not platforms or networks are the owners of personal information they must be in full control of the information, data and images they provide, including the right to delete this information. In addition more efforts must be made by both social networks and the EU and its Member States to educate citizens about privacy risks. Social networks must provide adequate warnings to members about privacy risks and data protection rights when uploading information online. Given that the general public is often unaware of issues surrounding the use of personal data and the tools available for addressing them, information campaigns must be launched and education material be produced to inform Internet users about the technologies available to manage traces left in the web, and on how to protect their privacy.
Behavioural advertising has its limits
Behavioural online advertising involves the observation of users' online activity by collecting information about when they access the web and what websites they visit. Based on this information advertising network providers can create profiles over time in order to provide users with advertisements matching their interests.
Although there should be no general ban on profiling, there have to be clear limits. First and foremost, all actors engaged in online behavioural advertising need to comply with the provisions of the EU data protection framework. The new data protection legal framework must ensure that practices of data profiling are forbidden. Automated processing should be duly regulated in order to avoid abuses or discrimination. However, one has to acknowledge that it may also be beneficial to consumers e.g. by enabling well-targeted offers. Furthermore, the new data protection framework should oblige commercial actors to inform consumers about practices associated with behavioural advertising in a transparent way. This information should be displayed directly and visibly on the screen.
Cookies must support the consumer, not spy on him
Localisation services: On request only
For consumers, localisation privacy is an issue that needs to be addressed as users are weaving localisation-based services into every aspect of their daily-lives. Localisation services enhance personal and professional productivity (i.e. geo-searching apps), but create information that is potentially dangerous (i.e. geo-tagging). Therefore localisation services should be made available to the consumer only on his explicit request and informing him about the storage and use of the data collected.
Many different types of stakeholders have a role in defining and carrying out Internet governance activities: Businesses, states and international organisations; the Internet Society has always been an active leader in such discussions as well. Today the Internet is governed by a set of different organisations that are in charge of defining norms and standards like the IAB (Internet Architecture Board), the W3C (World Wide Web Consortium), IETF (Internet Engineering Task Force). The Internet Corporation for Assigned Names and Numbers (ICANN), having the responsibility of maintaining the ‘root’ of the Internet by managing the primary domains called the top level domains and also to define the IP addresses and port numbers that could be used, is among the most important. The EU, as a major part of the global market and one of the main legislators in the Internet must in the future play a more influential role in this governance, especially by a common representation of the EU in these international fora.
IV. EPP Group's Demands for the Internet of Tomorrow
Our Perspectives for an open, transparent and fair Internet for all, preserving citizens' rights and enabling a business friendly environment beyond 2014 require that the EU shapes a common strategy for the upcoming legislative term from 2014 to 2019 as important decisions will have to be taken on EU level as well as on international level. Guaranteeing freedom of expression, a free flow of information and access for everyone as well as taking care of individual rights and business will remain the benchmarks of our EPP approach.
For the EPP Group there are three main political issues to be focussed on during the next legislative term of the European Parliament from 2014 to 2019:
- First: The Internet must be transparent and safe.
1. The EU needs data protection rules which enable business and protect the individual
The successful conclusion of the EU data protection reform is a top priority for the new legislative term. The fair balance between effective protection of user's data and modern rules allowing successful business are needed now.
2. We have to tackle the challenges to EU data protection standards by third countries
EU standards must apply to all data collected within the EU, even if these data are stored or processed outside the EU. The EU has to adopt an "anti-net tapping clause” by establishing an obligation for companies to inform their customers in case of data sharing with public authorities.
3. The Safe Harbour scheme must be replaced by a reviewed scheme to enable EU controls
Controls and checks by EU data protection authorities in third countries in order to verify that EU data protection standards are kept are needed to enable the EU to maintain the Safe Harbour scheme.
4. Fighting economic espionage
There is no justification for spying EU citizens. Enhancing cyber security must be on top of the agenda, inter alia by amending the mandate of the European Internet Safety Agency (ENISA).
5. The EU must set its own standards for secure Cloud Computing
The EPP Group calls for a European Cloud Computing Strategy 2014 - 2019. This set of legal and technical standards must enable providers to offer secure services to their customers.
- Second: The Internet must be open and competitive.
1. Internet search must be neutral, non-discriminatory and transparent
Market dominance and the increasing interlinking of services built up a large potential for abuse. Therefore algorithms must be the same for own content as well as for third party content.
2. The Open Internet must offer open access for everybody
Users' freedom to access and distribute content, to promote competition and innovation, media pluralism and cultural diversity in Europe must be preserved.
3. Mobile broadband needs have to be addressed by optimizing the use of spectrum
The EU needs a Joint EU Strategy on Mobile Broadband to enable investment in the sector by operators, so that networks keep up with the growth of data flows.
4. The Intellectual Property Rights infrastructure has to be updated
The IPR system has to be balanced and evidence based; it should enable users to access the services they want and to watch or listen to independent of their location. At the same time sufficient reward must be generated to give incentives to creation and cultural diversity.
5. There must be no abuse of IPR enforcement, but infringements on commercial scale must be combatted.
The IPR infrastructure has to be adjusted so that it allows creators and inventors established in the EU to reap appropriate returns and results in innovation for EU citizens.
- Third: The Internet must be fair and inclusive.
1. Social networks must respect EU law
Social networks must inform users about the purpose and different ways in which they intend to process members' data. They must be obliged to incorporate privacy-friendly default settings. Users must be in full control of the information, data and images they provide.
2. Limits to behavioural advertising must be clearly fixed
Although there should be no general ban on profiling, there have to be clear limits. Information on the collection and use of data should be displayed directly and visibly on the screen.
3. Cookies must support the consumer, not spy on him
Although cookies are in principle no threat to the security, automatic deletion after leaving a website, except if the consumer accepts the preservation of cookies for further use, should be the rule.
4. Localisation services must be made available on request only
Localisation services should be made available to the consumer only on his explicit request and informing him about the storage and use of the data collected.
5. Internet governance
The EU, as a major part of the global market and one of the main legislators in the internet must in the future play a more influential role in this governance, especially by a common representation of the EU in international fora.