A bumper crop of pending litigation and legislative initiatives for the coming year (without even thinking about Brexit).

EU copyright reform

  • The proposed Directive on Copyright in the Digital Single Market is currently embroiled in trialogue discussions between Commission, Council and Parliament. It continues to excite controversy over the publishers’ ancillary right and the clash between Article 13 and the ECommerce Directive’s intermediary liability provisions.
  • Political agreement was reached on 13 December 2018 to a Regulation extending the country of origin provisions of the Satellite and Cable Broadcasting Directive to online radio and news broadcasts. Formal approval of a definitive text should follow in due course.

EU online business: The European Commission has proposed a Regulation on promoting fairness and transparency for business users of online intermediation services. It would lay down transparency and redress rules for the benefit of business users of online intermediation services and of corporate website users of online search engines. The legislation would cover online marketplaces, online software application stores, online social media and search engines. The Council of the EU reached a common position on the draft Regulation on 29 November 2018.

Telecoms privacy: The proposed EU ePrivacy Regulation continues to make a choppy voyage through the EU legislative process.

Intermediary liability: The UK government has published its Internet Safety Strategy Green Paper, the precursor to a White Paper to be published in winter 2018-2019 which will include intermediary liability, duties and responsibilities. In parallel the House of Lords Communications Committee is conducting an inquiry on internet regulation, including intermediary liability. A House of Commons Committee examining Disinformation and Fake News has also touched on the topic. Before that the UK Committee on Standards in Public Life suggested that Brexit presents an opportunity to depart from the intermediary liability protections of the ECommerce Directive.

On 12 September 2018 the European Commission published a Proposal for a Regulation on preventing the dissemination of terrorist content online. This followed its September 2017 Communication on Tackling Illegal Content Onlineand March 2018 Recommendation on Measures to Effectively Tackle Illegal Content Online. It is notable for one hour takedown response times and the ability for Member States to derogate from the ECommerce Directive Article 15 prohibition on imposing general monitoring obligations on conduits, caches and hosts.

The Austrian Supreme Court has referred to the CJEU questions on whether a hosting intermediary can be required to prevent access to similar content and on extraterritoriality (C-18/18 – Glawischnig-Piesczek). The German Federal Supreme Court has referred two cases (YouTube and Uploaded) to the CJEU asking questions about (among other things) the applicability of the ECommerce Directive intermediary protections to UGC sharing sites.

Pending CJEU copyright cases: Several copyright references are pending in the EU Court of Justice. Issues under consideration include whether the EU Charter of Fundamental Rights can be relied upon to justify exceptions or limitations beyond those in the Copyright Directive (Spiegel Online GmbH v Volker Beck, C-516/17;  Funke Medien (Case C-469/17) (Advocate General Opinion 25 October 2018 here) and Pelham Case 476/17); and whether a link to a PDF amounts to publication for the purposes of the quotation exception (Spiegel Online GmbH v Volker Beck, C-516/17). The Dutch Tom Kabinet case on secondhand e-book trading has been referred to the CJEU (Case C-263/18). The YouTube and Uploaded cases pending from the German Federal Supreme Court include questions around the communication to the public right.

Online pornography: The Digital Economy Act 2017 grants powers to a regulator (subsequently designated to be the British Board of Film Classification) to determine age control mechanisms for internet sites that make ‘R18’ pornography available; and to direct ISPs to block such sites that either do not comply with age verification or contain material that would not be granted an R18 certificate. The process of putting in place the administrative arrangements is continuing.

Cross-border liability and jurisdiction: The French CNIL/Google case on search engine de-indexing has raised significant issues on extraterritoriality, including whether Google can be required to de-index on a global basis. The Conseil d’Etat has referred various questions about this to the CJEU (Case C-507/17; Advocate General Opinion to be delivered 10 January 2019). C-18/18 Glawischnig-Piesczek, a reference from the Austrian Supreme Court, also raises territoriality questions in the context of Article 15 of the ECommerce Directive.

In the law enforcement field the EU has proposed a Regulation on EU Production and Preservation Orders (the ‘e-Evidence Regulation’) and associated Directive that would set up a regime for some cross-border requests direct to service providers. The UK has said that it will not opt in the Regulation. US-UK bilateral negotiations on direct cross-border access to data are continuing. The Crime (Overseas Production Orders) Bill, which would put in place a mechanism enabling UK authorities to make cross-border requests under such a bilateral agreement is progressing through Parliament.

Online state surveillance: The UK’s Investigatory Powers Act 2016 (IP Act), has come almost completely into force, including amendments following the Watson/Tele2 decision of the CJEU. However the arrangements for a new Office for Communications Data Authorisation to approve requests for communications data have yet to be put in place.

Meanwhile a pending reference to the CJEU from the Investigatory Powers Tribunal raises questions as to whether the Watson decision applies to national security, and if so how; whether mandatorily retained data have to be held within the EU; and whether those whose data have been accessed have to be notified.

Liberty has a pending judicial review of the IP Act bulk powers and data retention powers. It has been granted permission to appeal to the Court of Appeal on the question whether the data retention powers constitute illegitimate generalised and indiscriminate retention.

The IP Act (in particular the bulk powers provisions) may be indirectly affected by cases in the CJEU (challenges to the EU-US Privacy Shield), in the European Court of Human Rights (in which Big Brother Watch and various other NGOs challenge the existing RIPA bulk interception regime) and by a judicial review by Privacy International of an Investigatory Powers Tribunal decision on equipment interference powers.

The ECtHR gave a Chamber judgment in the BBW case on 13 September 2018. If the judgment becomes final it could affect the IP Act in as many as three separate ways. The NGOs have lodged an application for the judgment to be referred to the ECtHR Grand Chamber.

In the Privacy International equipment interference case, the Court of Appeal has held that the Investigatory Powers Tribunal decision is not susceptible of judicial review.  A further appeal has been heard by the Supreme Court. Judgment is awaited.

Compliance of the UK’s surveillance laws with EU Charter fundamental rights will be a factor in any data protection adequacy decision that is sought once the UK becomes a non-EU third country post-Brexit.

This post originally appeared on the Cyberleagle Blog and is reproduced with permission and thanks.