Digital Watch newsletter – Issue 38 – February/March 2019
1. Efforts to curb the spread of harmful content intensify
In the past few years, authorities have been applying more pressure on tech companies to monitor and remove hate speech and violent extremism. Although companies have been implementing new tools, governments are planning stricter rules which place more responsibility on companies (especially the bigger companies) and are tougher on those who spread harmful content.
One recently announced plan is by the French government, which will require platforms to take stronger preventive measures towards hateful and racist content, and to ensure that the internal moderation process is transparent and human-controlled. The draft law, which will incorporate proposals made in a 2018 report on fighting online racism and anti-Semitism, will demand large companies to remove hate speech within 24 hours, and terrorist content in much less time.
In Canada, the new National Expert Committee on Countering Radicalization to Violence will help ensure the implementation of the national strategy. New rules in India will require social media platforms to implement automated screening tools and remove posts or videos which officials consider 'libelous, invasive of privacy, hateful, or deceptive'. Pakistan plans to do the same: the Information Minister has announced ‘a mechanism... to control hate speech on social media.’
The issue has also caught the attention of UN Secretary General Antonio Guterres, who has mandated the Special Advisor on Genocide Prevention, Adama Dieng, to ‘bring together a UN team to scale up our response to hate speech, (to) define a system-wide strategy and present a global plan of action on a fast track basis’.
Although self-regulation and new rules present a stronger way of curbing the spread of harmful content, this is not sufficient. Appropriate frameworks need to incorporate awareness-raising campaigns and programmes that promote tolerance and increase the levels of digital literacy.
2. Cybersecurity: Old concerns and new policy initiatives
Cyber incidents have not abated. In early March, a cyber-attack on Venezuela’s hydroelectric power operations caused a major power outage. The country’s president attributed the cyber-attack to the USA, but this was promptly denied by the US Secretary of State. One of the world’s biggest aluminium producers, Norsk Hydro, was also hit by a major ransom cyber-attack affecting production systems and causing loss estimated at more than $40 million.
Looking ahead, cybersecurity concerns are looming over upcoming elections in Europe and Indonesia. Security firm FireEye has alleged that two Russian state-sponsored hacking groups have targeted European government systems to gather information that could be used against particular political parties or candidates ahead of the European Parliament elections in May.
Indonesia’s elections are also vulnerable to attacks: the head of the country’s General Elections Commission said that hackers are attacking the country’s voter database in an attempt to create hake votes identities. Although some of the attacks allegedly originated in Russia and China, both countries denied the accusations.
As more cyber threats emerge, governments and intergovernmental organisations are coming up with new policy and regulatory initiatives to address the issues. The EU’s Council adopted the EU Law Enforcement Emergency Response Protocol, to facilitate the investigation of cyber incidents. The protocol gives a central role to Europol’s European Cybercrime Centre (EC3) to support EU law enforcement authorities in providing response to cross-border cyber incidents of a suspected criminal nature.
One can easily predict that there will be more cyber attacks and interference with critical infrastructures and electoral systems. Simultaneously, questions will continue to arise on the effectiveness of policy responses when it comes to ensuring protection from or responses to cyber-attacks.
3. The Internet economy in focus… again
The pressure on tech companies to tackle concerns over harmful content, competition practices, and tax rules, continued to mount. The number of fines imposed by authorities has also risen.
In March, the European Commission fined Google €1.49 billion for abusing its dominant position in the market for online advertising related to its AdSense advertising service. According to the Commission, Google has abused its dominant position in the market by imposing anti-competitive contractual restrictions on third-party websites. This is the third antitrust fine for Google by the EU in the last three years.
Uber has also been dealing with many regulatory challenges, and is now working with regulators to address issues such as operating licenses and drivers status. The company recently consented to paying a fine of €2,3 million to settle charges concerning past violations of the Taxi Act in the Netherlands. Uber also agreed to pay $20 million to settle the class action brought by 385 000 US drivers who claimed they were employees of Uber and not independent contractors. Besides the cash settlement, Uber compromised to modify its businesses practices in California and Massachusetts, including in relation to publishing a comprehensive policy online and providing notice before deactivating a driver’s account.
Taxation practices is another contentious issue, especially in Europe. Many EU member states are in favour of common rules for large tech companies; others prefer a more global approach. While the disputes waged on, a handful of European countries made plans to introduce new tax rules.
France is one of them. After announcing its plans in December, the French government recently unveiled its plans to introduce a 3% tax on the revenues obtained in France by large Internet companies such as Google and Amazon. While authorities claim that such a tax would help protect local companies, and especially start-up, the industry argues that it will have ripple effects on consumers themselves. More European countries are expected to follow this approach.
Digital policy developments
The monthly Internet Governance Barometer of Trends tracks specific Internet governance issues in the public policy debate, and reveals focal trends by comparing the issues every month. The barometer determines the presence of specific IG issues in comparison to the previous month. Learn more about each update.
Global IG architecture
During the 32nd Assembly of the African Union, heads of states and governments called for digital transformation of the continent.
Participants in the Going Digital Summit, organised by the Organisation for Economic Development and Co-operation (OECD) discussed opportunities and challenges of the digital economy. Session reports are available on the Digital Watch observatory.
The United Nations Office for South-South Cooperation launched a digital tool to support south-south digital cooperation.
The UN Economic and Social Commission for Western Asian outlined recommendations for harnessing digital technologies for development in the Arab region.
The World Government Summit called on public sector organisations to integrate big data into decision making processes and to develop digital agendas.
The UK and South Africa will co-lead the Commonwealth Digital Connectivity Agenda, to support digital trade.
The European Commission ordered the recall of Enox Safe-Kid-One children’s smartwatches. The Commission also set up an Expert Group on Safer Internet for Children to improve co-operation between member states in protecting children rights online. The African Union made an urgent call for the protection of children online.
The EU is reportedly developing a sanctions regime to deter and respond to cyber-attacks involving data breaches, intellectual property theft and stealing of classified information, attacks on IT and critical infrastructure, and election hacks. The European Parliament adopted the Cybersecurity Act, which defines cybersecurity certification schemes for products, processes, and services.
The Council of the EU adopted the EU Law Enforcement Emergency Response Protocol, outlining procedures, roles, and responsibilities of key agencies in providing response to cross-border cyber incidents.
NATO is developing a Cyber Security Collaboration Hub for its member states to gather information and collaborate in an encrypted workspace.
Australia detected an attack on the national parliament’s computer network and believes that a sophisticated state actor is responsible. A US cybersecurity company Maltese Bank of Valletta was affected by a cyber-breach which allowed hackers to transfer €13 million to accounts in the USA, the UK, the Czech Republic, and Hong Kong.
E-commerce and Internet economy
India’s Competition Commission is looking into whether Google has abused its position on the mobile operating systems market. France unveiled plans to impose a 3% tax on large Internet companies.
Lithuania, Luxemburg, Malta, the Netherlands, and Sweden oppose the European Commission’s proposal to remove the veto power that member states have over EU tax reforms. This has implications for the previously proposed EU tax for large Internet companies.
Uber agreed to pay a €2.3 million fine to settle charges for violating the Taxi Act in the Netherlands. The company also consented to paying $20 million to settle US drivers class action.
Arizona attorney found no basis for criminal liability for Uber in the 2018 self-driving car accident.
Multinational bank J.P. Morgan Chase & Co created the first US bank-backed cryptocurrency, the JPM coin, equivalent to 1 USD. The coin will be used for instantaneous payments between institutional accounts. Facebook gets closer to creating its own cryptocurrency.
Luxembourg created a regulatory framework for blockchain transactions, giving them the same legal status as traditional transactions. The German Ministry of Finance has urged the introduction of a regulatory framework for blockchain-based securities.
The German Federal Cartel Office ordered Facebook to stop combining users’ data from other Facebook-owned platforms such as WhatsApp and Instagram, without voluntary consent. In the USA, the New York governor ordered an investigation into Facebook accessing and collecting personal data from users’ mobile apps. A new Privacy International report indicates that major Android apps still send data to Facebook. Facebook CEO Mark Zuckerberg indicated the company’s intention to develop a ‘privacy-focused vision for social networking’.
In its fourth evaluation of the Code of Conduct on Countering Illegal Hate Speech Online, the European Commission concludes that the code is an ‘effective tool to face hate speech’. IT companies are reviewing the majority of notifications within 24 hours and are removing 72% of the notified content. The UN Secretary-General mandated his Special Advisor for the Prevention of Genocide to create a UN team to prepare a strategy and action plan against hate speech. France announced a plan of action against hateful content online, requiring online platforms to strengthen measures against the spread of hate speech and to be transparent in their decisions involving content moderation.
At the request of the Bombay High Court in India, Facebook and Google explained that they are introducing enhanced rules for political advertisement ahead of the country’s general elections.
Partner organisations of the Council of Europe’s Platform for the Protection of Journalism and Safety of Journalists call on states to improve conditions for media freedom and provide legal and practical protections for journalists.
The UN Special Rapporteur for Freedom of Opinion called on the EU to bring the Copyright Directive in line with freedom of expression standards.
The Council of Europe issued a new set of guidelines on the protection of health-related data.
Jurisdiction and legal issues
EU institutions reached a political agreement on the Copyright Directive, requiring online platforms to conclude licensing agreements with rights-holders to feature their work online.
The European Commission fined Google €1.49 billion for abusing its dominant position in the market for online advertising.
Tech firms proposed policy principles for planned Internet regulation to the UK government.
Social media platforms were placed under increased scrutiny, following New Zealand shooting.
Russian President Vladimir Putin signed a law banning the dissemination of fake news online.
NATO is holding internal consultations on Huawei security concerns.
The Port of Marseille plans to build a new subsea cable landing infrastructure to make it easier for subsea cables to land in Europe. Russia intends to lay a new fibre optic cable along its Arctic coast.
Facebook and Vodafone Ghana are launching a joint project to provide low-cost Wi-Fi services in Ghana.
The cost of Internet access in 2018 dropped everywhere in the world except in low-income countries, study shows.
New generic top-level domains and universal acceptance for Internationalised Domain Names were in focus at ICANN64.
According to a study on the net neutrality situation in the EU, zero-rating practices implemented by wireless providers have led to an increase in the cost of wireless data, compared to countries without zero-rating practices.
A new bill to restore net neutrality was introduced in the US Congress.
New technologies (IoT, AI, etc.)
US President Donald Trump presented the American AI Initiative, while the Department of Defense launched its own AI strategy. India plans to launch a new national programme on AI. The UK will allocate up to £100 million for a programme focused on training the next generation of AI experts.
The Committee of Ministers of the Council of Europe adopted a Declaration on the manipulative capabilities of algorithmic processes, drawing attention to the threats that automated systems could pose to human rights.
The UK launched a public consultation on a code of practice for testing automated vehicles in public places. The European Telecommunications Standards Institute released a cybersecurity standard for IoT products.
AI weapons may be harder to control than nuclear ones, warned former US Secretary of State Henry Kissinger.
According to the United Nations Educational Scientific and Cultural Organization (UNESCO), AI developments should be aligned with ROAM principles – human rights, openness, accessibility, and multistakeholder governance.
Facebook announced a new AI tool to fight revenge porn online.
Policy discussions take place in Geneva every day. The following updates cover the main events of the month. For event reports, visit the Past Events section on the GIP Digital Watch observatory.
Humanitarian Networks and Partnerships Week (HNPW)
The conference, which ran on 4–8 February, was dedicated to consultations and discussions on humanitarian networks and partnerships. Benefiting from the contribution of experts in crisis preparedness and response, the conference also addressed digital-related topics. The week highlighted the work of the UN Office for the Coordination of Humanitarian Affairs’ (OCHA) Center for Humanitarian Data, and the Humanitarian Data Exchange, and highlighted projects such as iTRACK, funded by the European Commission.. The event highlighted the challenges and opportunities related to the collection of large amounts of personal data for humanitarian purposes, the importance for data protection, and the responsibility of stakeholders when collecting and using data for humanitarian activities.
40th Session of the Human Rights Council (HRC)
The Special Rapporteur on the Right to Privacy’s report, submitted during the 40th session which ran from 25 February to 22 March, focused on intelligence oversight and data exchanges among different intelligence agencies. The report concluded that regional legal frameworks ensuring data protection (e.g. the EU’s GDPR) ‘while important [...] are not sufficient for extending privacy protection to the field of national security’. More legal certainty in protecting privacy in the surveillance field was needed, especially with regard to data exchanges among different security agencies. The report includes the results of the rapporteur’s work on privacy and gender, as well as privacy and health data. Side events tackled the issue of the right to privacy in the digital world and the relevance of human rights standards in the era of artificial intelligence (AI).
30th anniversary of the World Wide Web at CERN
On 20 March, CERN celebrated the 30th anniversary of the World Wide Web with a discussion with web pioneers and leading experts on the challenges and opportunities of innovative technologies, past, present, and future. The first panel discussed the early evolution of the Internet, and how it thrived on its open and public nature. The second panel focused on the technology evolution, and future challenges and opportunities. One major challenge related to the collection of user data. Since privacy notions vary around the world, the challenge is to foster cooperation among different sociocultural spaces. There is still a need for current international institutions to discuss data governance outside silos.
Symposium on the Future Networked Car
Panellists during the Symposium organised by the International Telecommunication Union (ITU) and the UN Economic Commission for Europe (UNECE), on 7 March, addressed issues of standards for networked cars to increase road safety as well as cybersecurity concerns for connected cars. Discussions focused on the implementation of AI in car modules and inboard systems to assist drivers, and the use of self-driving cars. The panellists spoke about the deployment of automated mobility services and how their implementation will affect suppliers of car manufacturers. They also discussed the impact of existing and draft regulations on the development of networked and automated cars.
Read the event report.
Group of Governmental Experts on Lethal Autonomous Weapons Systems (GGE LAWS)
The discussions, which took place on 25–29 March at the Palais des Nations, focused on the need to define autonomous systems, and their compliance with International Humanitarian Law (IHL). Discussions stressed the need for a greater understanding of how reliable and predictable fully autonomous systems are. Systems designed to conduct military operations without human intervention are of special concern. A qualitative measurement is needed in order to comply with the principles of proportionality, distinction, and precaution, which can be ensured only by human commanders and combatants, and therefore, by ‘meaningful’ human control.
Roundtable on International Digital Governance
The roundtable, organised by the Organisation Internationale de la Francophonie (OIF) on 28 March, highlighted the rapid developments caused by the digitalisation of societies. The French Ambassador on Digitisation presented France’s priorities for an open and free Internet. Panellists focused on harnessing new technologies such as blockchain, and noted the importance of regulating it early on in its development. Another challenge was taxation of the digital economy: the OECD’s base erosion and profit shifting project (BEPS) was highlighted as an example of finding global solutions to transnational problems.
European Parliament approves new Copyright Directive
After two years of heated debates, the European Parliament passed its Directive on Copyright and Related Rights in the Digital Single Market (the Copyright Directive). What are the main controversies?
Timeline of developments
14 September 2016. The new directive is proposed by the European Commission. Debates take off over Articles 11 and 13. Read more...
13 Jun 2018. The UN Special Rapporteur on freedom of expression voices serious concerns about the Directive's Article 13. Read more...
20 June 2018. The Legal Affairs Committee of the European Parliament (JURI) adopts the proposed version for copyright reform, including highly disputed Articles 11 and 13. Read more...
4 July 2018. The Polish, Spanish, and Italian pages of Wikipedia close down in protest of JURI's vote in favour of Articles 11 and 13. Read more...
12 September 2018. Amendments to the proposed Copyright Directive are approved by the European Parliament. Amendments include clearer provisions, but both articles remain highly disputed. Read more...
9 November 2018. Leaked Council of Europe document reveals that the proposed rules do not explicitly state if the existing liability protection is valid under Article 13. There are also clear exceptions for intermediaries that make an effort to prevent copyright infringements. Read more...
13 December 2018. Copyright activists and organisations sign new petition. Read more...
13 February 2019. The European Parliament, the Council of the EU, and the Commission announce that a political agreement has been reached. Read more...
11 March 2019. The UN Special Rapporteur on freedom of expression urges the EU to align the proposed directive with human rights standards. Read more...
26 March 2019. The Copyright Directive is approved by members of the European Parliament, with 348 members in favour and 274 against. Read more...
While the EU’s aim is to unify the digital market and protect the rights of authors in an online environment, the advocates of an open Internet argue that the Copyright Directive will limit access to information and restrict freedom of expression. The most controversial articles of the Copyright Directive are Article 15 (the so-called ‘link tax’, previously Article 11) and Article 17 (the upload filter, previous article 13).
Article 15 requires that authors of works incorporated in a press publication receive an appropriate share of the revenues paid by the information society service providers (though mere hyperlinks accompanied by individual words are exempted from these payments). The proponents of this directive seek to strengthen the position of authors, and provide them with a system of fair remuneration for the use of their works. Critics of this legislation have described this rule as a tax, and have also criticised its vague wording.
An even bigger debate has surrounded Article 17, which requires online content sharing service providers to obtain an authorisation (licence) from rights-holders (content creators) in order to distribute content online. If online sharing service providers fail to do so, they will be held liable for unauthorised distribution unless they undertake their ‘best efforts’ to prevent such a situation. With the enormous amount of content being uploaded by content creators every minute, the only way to ensure compliance with this regulation is through the use of so-called upload filters.
Critics of Article 17, which included the UN Special Rapporteur on Freedom of Expression, expressed several concerns. Service providers will now be in position to monitor, and restrict, user-generated content before it is uploaded, impinging on pluralism of content and freedom of speech. With regards to the content to be filtered, the provision introduces an exception for the use of copyrighted works for caricature, parody, or pastiche. Yet, it remains to be seen how such content will be identified by upload filters.
The Copyright Directive is certainly good news for copyright holders, as it strengthens the rights of creators and users. Yet, it also imposes new responsibilities on online platforms and service providers, and introduces significant reporting obligations on producers. Due to the uncertain wording of several provisions, the Court of Justice of the European Union will quite likely be called upon to tackle issues of interpretation.
The new law will take effect after the European Council’s vote, and its publication in the official journal. EU member states will have up to two years to transpose the regulation into their national legislations.
New artificial intelligence initiatives launched
The past few years have seen an increasing number of countries developing their national strategies on artificial intelligence. We take a look at the strategies launched in the past months.
As DiploFoundation’s report on diplomacy and AI indicates, many of these strategies reflect a competitive tendency, as countries aim at leadership in this fast evolving field. The latest AI strategy, published by the USA, reconfirms this trend: The American AI Initiative, outlined in an executive order signed by President Trump, is dedicated to ‘maintaining American leadership in AI’.
To achieve such leadership, the strategy revolves around several priority areas, from driving technological breakthroughs in AI, to training current and future generations and fostering public trust in the technology, while protecting civil liberty. The initiative also calls for an action plan to protect US advantage in AI technology ‘against strategic competitors and adversarial nations’.
In a second development from the USA, the Department of Defense (DoD) launched its own AI strategy to accelerate the deployment of AI as a tool to enhance military decision-making and operations. In the light of recent concerns around the use of AI technology by the military, the DoD also announced plans to develop guiding principles for using the technology ‘in a lawful and ethical manner’.
As AI continues to find its way into many sectors of the economy and society, countries are realising that they need more focus on capacity development initiatives. In February, the UK government announced the allocation of India also intends to launch a new national programme on AI, to include an AI hub, centres of excellence, and a national AI portal meant to allow citizens to access AI technologies.
Another significant development in February came from the Council of Europe, whose Committee of Ministers adopted a Declaration on the manipulative capabilities of algorithmic processes. The declaration draws attention to the threats that automated systems could pose to human rights and democratic societies, and calls on member states to consider the development of additional protective frameworks. It also underlines the need for multistakeholder dialogue, and encourages countries to promote user empowerment and digital literacy.
For more updates on AI developments and strategies, visit the AI policy space on the Digital Watch observatory.