For the future of the Internet, EU policy needs to focus on digital infrastructure

With the EU progressively increasing its focus on digital policymaking, it is ever more crucial that digital infrastructure be kept at the core of decisions that impact the Internet. The true advancement of digital policies incorporates all actors along the value chain of Internet service provision and has the potential to create an innovative digital sphere in the interest of EU citizens. Policies must be adapted to the reality of an ecosystem that is composed of many kinds of actors, taking into account differences in resources and precedent, particularly if we want to see even implementation across the entire sector. Indeed, what we need in order to create a sustainable EU digital policy life-cycle is clarity regarding implementation and coherence with existing legislation, and avoidance of legislative overlap.

The EU is seen as a driving force of innovation globally; but in order to truly enable an innovative, free, and fair Internet, the EU must consider all the actors within the sphere of Internet service provision. By considering all players and creating a level-playing field, the EU can create a cohesive internal market and enable increased sharing of knowledge and best practice. For the EU to maintain its status as a key actor at the global level of Internet services provision, it must nurture a competitive digital market at the infrastructure and service level. The EU has the chance to play a leading role in the development of emerging technologies, including AI, quantum technology, blockchains, and virtual worlds, and to build legislation which allows players of all sizes to participate – and it must take that chance to be at the forefront change.

Meanwhile, we must not forget that a safer Internet is crucial for the integrity of EU democracy. Ensuring technology neutrality and encompassing every actor within the Internet ecosystem allows for effective policy-making that creates a safer and freer Internet for all EU citizens. 

Elina Ussa
President of EuroISPA

Read EuroISPA’s Manifesto for the 2024 European Elections here.

Joint industry call for protecting encryption in the Child Sexual Abuse Regulation

Together with other industry associations, EuroISPA is calling on EU Member States to preserve the integrity of end-to-end encryption in the Child Sexual Abuse Regulation, and to protect both safety and privacy in the Council position.

Some worrying suggestions have been put on the negotiating table last week which are highly problematic for the privacy of users and the security of the Internet. In our joint statement, we point at other avenues for improvement, including voluntary detection and prevention.

Collaborative Strategies in Combating Online Piracy

In May 2023, the European Commission released a recommendation on combating online piracy of sports and other live events. The recommendation underlines rapid action against unauthorised streams and fosters collaboration across the Internet industry. In October, a conference co-hosted by the Commission and EUIPO spotlighted the fight against online piracy, at which Worldstream was invited due to our established measures.

In line with the recommendation, Worldstream has developed its own proactive Notice and Take Down tool. This tool empowers rightsholders to quickly block IP addresses used to distribute infringing content during live events, effectively disrupting online piracy as it happens. This tool is part of a broader strategy to foster industry-wide efforts, aligning with the Commission’s plan.

However, the challenge is not just about implementing tools: real progress in combating online piracy requires industry-wide cooperation. The current efforts often feel fragmented, with each party handling issues in isolation. From intermediaries to rightsholders, everyone has a crucial role, and only through sharing knowledge and resources can we collectively stay ahead of piracy. Creating working groups or direct communication channels might be the key to consolidating our efforts. By sharing insights, processes, and challenges, we can transform individual actions into a cohesive, industry-wide strategy against online piracy.

Wouter Van Zwieten
Chief Legal Operations Officer, Worldstream

Charting the Connectivity Landscape: challenges, investments, and the EU’s vision for a digital future

In 2023, the challenges for the connectivity sector in Europe were dramatically highlighted. The European Commission initiated an exploratory consultation, underlining the crucial need to review the existing regulatory framework to attract more investment in infrastructure in response to the profound changes in practices and to the development of innovative technologies, which are affecting the financial balance of the ecosystem.

Very high-capacity networks capable of processing massive amounts of data are needed for the EU to remain competitive, but electronic communications operators today face growing economic pressure. Digital markets are constantly changing, and the need for investment to keep pace with these developments is exploding. For example, incoming mobile traffic in France increased 18-fold between 2012 and 2021 and is expected to further increase 6-fold by 2030. Faced with an expected deficit of nearly 200 billion euros in investments to achieve the connectivity objectives of the Digital Decade by 2030, the industry must be supported by the European Union through a proactive and ambitious policy plan, spreading the investment effort across the entire value chain to ensure the resilience of an essential infrastructure at the heart of our economy.

The Digital Network Act is expected in 2024, as announced by Internal Market Commissioner Breton, who rightly reminded that cutting-edge telecommunications infrastructure is a fundamental pillar for growth, innovation and job creation. Among the priorities there is the need to adapt the regulatory framework to reduce costs and facilitate the rapid deployment of very high-capacity networks. The Gigabit Infrastructure Act proposed by the Commission in February 2023 was a promising start, but its ambition needs to be confirmed in the ongoing negotiations.

Finally, the green transition is affecting all sectors, including connectivity. Telecom operators seek to reach sustainability goals, but the success of these initiatives requires a global commitment towards a more optimised use of networks from the digital sector as a whole.

With the upcoming EU elections, 2024 will be a crucial year to make the connectivity aspirations of the European Union a reality. The announced “connectivity package” could be an essential instrument to overcome the challenges and secure the future of the sector, ensuring the sustainability of our infrastructures for the benefit of European citizens and businesses.

Romain Bonenfant
EuroISPA Board Member
Managing Director, Fédération Française des Télécoms

Cybersecurity in the EU: Milestones, Challenges, and the Road Ahead

The past year has brought several significant developments at EU level both in the Cybercrime and Cybersecurity field.

The adoption of the European Commission’s flagship project, the e-Evidence Regulation, in the summer of 2023, was a significant milestone given the ongoing discussions on the topic since 2017. For the first time, law enforcement authorities will now be able to directly address service providers established on the territory of a different Member State. The focus will now be on the technical implementation of the Regulation in the Member States, where new challenges will be posed by the EU-wide harmonisation of the national technical platforms for the secure exchange of data between law enforcement authorities and service providers via a decentralised IT-system.

Another central topic is the importance of encryption. The initial proposal on the Regulation to combat child sexual abuse stipulated detection measures that would have significantly undermined the use of end-to-end encryption in communication services. This provoked a huge wave of criticism showing that secure communications are also important to the broader public. This response ultimately led the European Parliament to explicitly exclude end-to-end encrypted communications from the scope of the Regulation.

At EU Member State level, the implementation of the NIS-2-Directive is still ongoing and will require substantial efforts by the affected companies, especially those that have not been subject to any cybersecurity requirements until now. On the other hand, providers of electronic communication networks and services are already under a sector-specific security regime as part of the European Electronic Communication Code. It will therefore be important that the national implementation of the NIS-2-Directive take into account the already existing security concepts in this sector and only stipulate additional measures where these would in fact lead to a higher level of security.

A political agreement on the Cyber Resilience Act has been reached, which harmonises cybersecurity standards for products and software with digital components and will also assist providers under the NIS-2-Directive to ensure supply chain security. Finally, it must be noted that the enormous frequency of new legal acts in the field of cybersecurity in recent years poses major challenges for the companies affected by them, as their internal processes must constantly be adapted, and it is often hard to find the necessary skilled workers to implement new requirements. With this in mind, along with the new mandate coming up this year, the focus of the upcoming European Commission should be on the smooth implementation of these legal acts rather than on new proposals.

Andreas Gruber
Former Chair of the EuroISPA Cybercrime & Cybersecurity Committee

Navigating the future: regulatory streamlining of electronic communications in the European Union

Over the next five years, the European Union (EU) is poised to witness a transformative era in the development of electronic communications networks. This period is anticipated to be marked by a concerted effort to modernise the existing infrastructure and reduce barriers to the construction of advanced VHCN networks. The so-called GIA legislation is trying to focus on harmonisation across Member States and reduce bureaucratic procedures. The question we must ask is “Will that be enough?”.

Any harmonisation effort should primarily target regulatory framework, aiming to streamline and simplify the procedures for network development. This will involve revising existing regulations and possibly introducing new ones to address the evolving landscape of electronic communications. The goal is to eliminate unnecessary bureaucratic hurdles that currently impede progress and innovation. By doing so, the EU intends to foster an environment conducive to investment, innovation, and rapid deployment of advanced networks like 5G and beyond.

A significant part of this harmonisation will be the standardisation of technologies and protocols. This will ensure interoperability of networks and services across the EU, enhancing the user experience and promoting a more connected European digital market. It’s not just about enhancing speed and bandwidth; it’s also about ensuring reliability, resilience, and security of these networks, especially in the wake of increased cyber threats.

Alongside these developments, there will be a strong emphasis on the formulation of clear and fair rules for data privacy in the digital space, especially data retention. The EU recognises the need for law enforcement agencies to access certain types of data for security purposes. However, this need must be balanced against the fundamental rights of individuals, particularly their right to privacy and data protection. This framework will aim to provide clarity and certainty for both law enforcement agencies, telecommunication service providers and providers of information society services, as well as protect the privacy rights of EU citizens. The future of electronic communications network development in the EU will be characterised by a drive towards harmonisation to reduce barriers for building new infrastructure and a focus on setting clear, human rights-centred rules for data protection in the digital space. These efforts will be critical to ensure that the EU remains at the forefront of digital innovation while safeguarding the rights and freedoms of its citizens.

Jaromir Novak
Partner for Regulatory Affairs, CZ.NIC

EuroISPA publishes Position Paper on Data Retention

Data retention frameworks refer to the regulation of what data should be stored or archived, where that should happen, and for exactly how long. The obligation of data storage stems from the possibility of law enforcement authorities to request such data to Electronics Communications Services Providers at any time.

In light of the current discussions within the High-Level Group on access to data for effective law enforcement, EuroISPA has published this Position Paper on Data Retention. This paper is a testament to EuroISPA’s collective dedication to identifying the practical, operational and economic consequences and challenges of data retention at both the national and cross-border level.

Allowing law enforcement authorities to prevent and prosecute serious crimes needs while safeguarding the fundamental rights of users and electronic communications services providers is not an easy task, as shown by several rulings of the Court of Justice of the EU. EuroISPA has put together a list of imperative requirements to provide guidance on how to achieve the right balance between the interests and obligations of all parties involved.

EuroISPA, a pan-European association which represents over 3,300 Internet Services Providers (ISPs), works to advocate for the needs both of the wider industry and of users. This position paper is one example of how the association’s members work together to draft recommendations for EU policy makers that can be implemented by the industry in order to tackle the issue at hand.

EuroISPA General Meeting in London: a recap

London, March 14-15, 2024

EuroISPA travelled to London on March 14-15 for the first General Meeting on 2024, gathering Council and Forum members, Board Officers and Secretariat, kindly hosted by our member LINX.

On the agenda were topics such as the future of GDPR, the state of the CSAM discussions, our work on piracy of live content, implementation at national level of the DSA, e-Evidence and NIS 2, as well as fruitful exchanges on AI and copyright or the new Commission’s White Paper “How to master Europe’s digital infrastructure needs?“.

Participants also had the chance to discuss the state of our growing membership base, our ongoing work for the European elections, positions on different topics, the new Committees structure, and more.

Most notably, the members unanimously endorsed EuroISPA’s first Position Paper on Artificial Intelligence, that marks the first step and sets the tone of EuroISPA’s increasing work on Artificial Intelligence. You can read the paper here.

The General Meeting also brough about some internal changes in the way of working of the Association. EuroISPA’s Committees, the hub of our policy work, have been undergoing some restructuring and the new configuration of the Committees and the appointment of new Committee Chairs was approved by the Members in London:

  • The Online Content Committee covers topics such as online content moderation, DSA, CSAM, and piracy of live content. The Committee Chair is Alex de Joode (AMS-IX)
  • The Data Economy Committee deals with issues such as data protection, emerging tech, AI, and copyright. The Committee Chair is Oliver Süme (eco)
  • The Cybersecurity & Infrastructure Committee covers from infrastructure to connectivity, including a potential Digital Networks Act and cooperation with law enforcement, for example on e-evidence. The Committee Chair is Paul Guinard (FFTélécoms).

Read more about the work of our Committees here.

Finally, we had the pleasure of welcoming three guest speakers:

  • Professor Vanessa Franssen from the University of Liege to exchange on our work on data retention and the collaboration between service providers and law enforcement authorities in the context of the High Level Group on Law Enforcement Access.
  • Owen Bennett from Ofcom, the UK’s Communications Regulator, on the Online safety Act and Ofcom’s regulatory approach and alignment with the EU’s Digital Services Act.
  • Christopher Oldknow from our Industry Forum member Amazon on copyright, covering key milestones and relevant trends.

EuroISPA publishes Position Paper on Artificial Intelligence

In the wake of the approval of the Artificial Intelligence Act (EU AI Act) by the European Parliament, EuroISPA publishes its Position Paper on Artificial Intelligence. This paper is a testament to EuroISPA’s collective dedication to shaping a future where AI serves as a force for good, and highlights principles that should be considered for current and future regulatory frameworks on AI, including by the European Union.

EuroISPA, a pan-European association which represents over 3,300 Internet Services Providers (ISPs), works to advocate for the needs both of the wider industry and of users. This position paper is one example of how the association’s members work together to draft recommendations for EU policy makers that can be implemented by the industry in order to tackle the issue at hand. This paper reflects our commitment to establishing a harmonised and globally accepted framework that encourages innovation, upholds ethical standards, and mitigates potential risks associated with AI deployment.

What does Artificial Intelligence mean for the Internet Industry, now and in the future?

Today, the European Parliament is holding the final vote on the Artificial Intelligence Act (AI Act), which proposes groundbreaking regulations for the use of artificial intelligence in the EU. In this context, EuroISPA Vice-President Lars Steffen illustrates how Artificial Intelligence will fundamentally change the landscape of the Internet industry

Artificial Intelligence (AI) is fundamentally changing the landscape of the Internet industry, ushering in a new era of efficiency, personalisation and innovation. In recent years, AI has become a cornerstone of many Internet-based services, influencing everything from search algorithms to customer service interactions. Its impact is not only transformative, but also indicative of the future trajectory of the Internet industry.

One of the most noticeable changes brought about by AI is the improvement of the user experience. From content recommendations on streaming platforms to personalised search results, AI algorithms are analysing vast amounts of user data to tailor online experiences. Not only does this keep users engaged, but it also fosters a sense of connectedness as the Internet becomes more attuned to individual preferences. This is why European copyright law must continue to be adapted to the digital age, and why excessive liability of ISPs for AI-generated content must be avoided.

AI also plays a key role in cybersecurity within the Internet industry. As online threats become more sophisticated, AI-powered systems have become particularly adept at detecting and preventing cyberattacks. Machine learning algorithms can analyse patterns and anomalies in real time, providing robust defences to protect sensitive data and ensure the integrity of online platforms.

Looking ahead, the Internet industry will see even more profound changes driven by AI. The emergence of advanced natural language processing and understanding is likely to revolutionise human-computer interactions. Conversational AI, chatbots and virtual assistants will become more sophisticated, enabling seamless communication between users and online platforms. In addition, AI-driven automation will continue to streamline various aspects of the Internet industry. From content creation and curation to logistics and supply chain management, automation will optimise efficiency and reduce costs. This will not only benefit businesses, but also contribute to a faster and more responsive Internet ecosystem.

However, these advances come with certain challenges, such as ethical concerns around data privacy and the potential for job displacement. Striking a balance between innovation and the responsible use of AI will be crucial for the sustainable growth of the Internet industry. AI is a global technology with a wide range of applications, some of which are not yet foreseeable, which means that clear assessments of the opportunities and risks in certain application areas are not always possible. In this respect, the ex-ante regulation of use cases cannot address the complexity of AI and its applications and risks weakening Europe’s capacity for innovation.

It is clear that the symbiotic relationship between AI and the Internet industry is reshaping the digital landscape. Challenges remain, but the future holds the promise of an Internet ecosystem that is smarter, more responsive and more attuned to the needs of its users. Embracing these changes with a thoughtful and balanced approach will be key to realising the full potential of AI in shaping the future of the European Internet industry.

Lars Steffen
EuroISPA Vice-President
Head of International, Digital Infrastructures and Resilience at eco – Association of the Internet Industry