European E-Commerce & Telecommunications Law

European E-Commerce & Telecommunications Law Lukas Feiler, Ph.D., SSCP Associate, Wolf Theiss Attorneys at Law European E-Commerce & Telecommunications Law, June 1 & 4, 2012 1

European E-Commerce Law Information requirements Unsolicited commercial communication (Spam) ISP Liability European Telecommunications Law Telecommunications 101 Regulatory authorities Data protection & the Data Retention Directive Market regulation Net neutrality European E-Commerce & Telecommunications Law, June 1 & 4, 2012 2

European E-Commerce Law Harmonization by directives (no regulations) Regulation: is binding in its entirety and directly applicable in all Member States Directive: binding upon each Member State & shall leave to the national authorities the choice of form and methods E-Commerce Directive (2000/31/EC) Information requirements Unsolicited commercial communication ISP Liability Distance Selling Directive (97/7/EC) Unsolicited commercial communication Contract law European E-Commerce & Telecommunications Law, June 1 & 4, 2012 3

Scope of the E-Commerce Directive Covers all information society services any service normally provided for remuneration, at a distance, by electronic means and at the individual request of a recipient of services European E-Commerce & Telecommunications Law, June 1 & 4, 2012 4

Scope of the E-Commerce Directive Examples A digital TV broadcasting station? not at the individual request of a recipient A free blog that sells no advertisements? Not provided for remuneration A company s website which is only offered for marketing purposes? Yes, also considered as normally provided for remuneration as it advertises commercial services An online retailer? yes European E-Commerce & Telecommunications Law, June 1 & 4, 2012 5

Information Requirements under the E-Commerce Directive The following information has to be easily, directly and permanently accessible: name of the service provider geographic address at which the service provider is established Contact details, that allow direct and effective communication, including the provider s e-mail address trade register in which the service provider is entered and his registration number e.g. number in a commercial register European E-Commerce & Telecommunications Law, June 1 & 4, 2012 6

Information Requirements under the E-Commerce Directive #2 The following information has to be easily, directly and permanently accessible (cont d): Information about the supervisory authority (if any) VAT identification number if the provider is a member of a regulated profession professional body with which it is registered professional title and Member State where granted reference to the applicable professional rules Easily, directly, and permanently accessible e.g. a link at the bottom of each page, named About or Imprint European E-Commerce & Telecommunications Law, June 1 & 4, 2012 7

Information Requirements under the E-Commerce Directive #3 Additional information requirements if contracts can be concluded electronically: technical steps to follow to conclude the contract whether concluded contract will be accessible technical means for identifying & correcting input errors languages offered for the conclusion of the contract relevant codes of conduct to which the provider subscribed Contract terms and general conditions It must be possible to store and reproduce them European E-Commerce & Telecommunications Law, June 1 & 4, 2012 8

Unsolicited Commercial Communication (UCC/Spam) What is Spam? spiced ham How UCC became spam How can a user consent to receiving UCC? Opt-in: UCC may only be sent if prior consent was given Opt-out: UCC may be sent until (implicit) consent is revoked General opt-out: black list of addresses that do not wish to receive any spam European E-Commerce & Telecommunications Law, June 1 & 4, 2012 9

Unsolicited Commercial Communication (UCC/Spam) E-Commerce Directive art. 7 Email-Spam has to be clearly and unambiguously identifiable as such General opt-out for email-spam: natural persons may register themselves in an opt-out register that service providers have to consult regularly Distance Selling Directive art. 9 Opt-in for automatic calling machines & fax: prior consent needed Opt-out for all other means of individual communication (incl. email) European E-Commerce & Telecommunications Law, June 1 & 4, 2012 10

Unsolicited Commercial Communication Summary Email Fax & automated calling machines Others (e.g. Facebook messages) Opt-in Distance Selling Directive art. 9(1) Opt-out Distance Selling Directive art. 9(2) Distance Selling Directive art. 9(2) General opt-out E-Commerce Directive art. 7(2) European E-Commerce & Telecommunications Law, June 1 & 4, 2012 11

Spamming under U.S. Law CAN-SPAM Act of 2003, 15 U.S.C. 7701 et seq. Individual opt-out Spammers have to honor opt-out request within 10 business days. 15 U.S.C. 7704(a)(4). General opt-out CAN-SPAM Act called for the FTC to establish a Do-Not-E-Mail registry However, in 2004, the FTC decided not to implement the registry, arguing that any opt-out list would be abused by spammers is that a valid argument? European E-Commerce & Telecommunications Law, June 1 & 4, 2012 12

Liability of Internet Service Providers under EU Law The E-Commerce Directive provides exemptions from liability for Internet access services (mere conduit) Caching services Hosting services The exemptions apply to all areas of the law, including intellectual property law European E-Commerce & Telecommunications Law, June 1 & 4, 2012 13

Liability Exemption for Internet Access Providers An Internet access provider is not liable for the information transmitted if it (E-Commerce Directive art. 12) does not initiate the transmission; does not select the receiver of the transmission; and does not select or modify the information contained in the transmission. Result: No liability even if Internet access provider has actual knowledge of infringing content European E-Commerce & Telecommunications Law, June 1 & 4, 2012 14

Liability Exemption for Caching Providers A caching provider is not liable for the information temporarily stored if it (E-Commerce Directive art. 13) does not modify the information; complies with conditions on access to the information complies with common rules on updating of the information does not interfere with the lawful use of technology commonly used to obtain data on the use of the information; expeditiously removes information upon obtaining actual knowledge of the fact that the information at the initial source of the transmission has been removed Result: No liability even if caching provider has actual knowledge of infringing content European E-Commerce & Telecommunications Law, June 1 & 4, 2012 15

Liability Exemption for Hosting Providers A hosting provider is not liable for the information stored if it (E-Commerce Directive art. 14) is not aware of facts or circumstances from which the illegal information is apparent; or upon obtaining such awareness acts expeditiously to remove or to disable access to the information Result: Notice and take-down regime European E-Commerce & Telecommunications Law, June 1 & 4, 2012 16

Liability Exemptions for ISPs under U.S. law Communications Decency Act 502, codified at 47 U.S.C. 230 Covers all interactive computer service providers no liability, even if knowledge of the information in question (Zeran v. Am. Online, Inc., 129 F.3d 327 (4th Cir. 1997)) does not apply with regard to any law pertaining to intellectual property Coypright Act 512 similar to the E-Commerce Directive but Hosting provider: willful blindness may constitute knowledge (Viacom Int'l, Inc. v. YouTube, Inc., 676 F.3d 19 (2d Cir. 2012)) No safe harbor for vicarious liability (right and ability to supervise & direct financial interest) European E-Commerce & Telecommunications Law, June 1 & 4, 2012 17

Injunctions Against ISPs E-Commerce Directive art. 12(3), 13(2), and 14(3) all state that the liability exemptions shall not affect the possibility for a court or administrative authority, in accordance with Member States legal systems, of requiring the service provider to terminate or prevent an infringement Injunctive relief is therefore available against ISPs European E-Commerce & Telecommunications Law, June 1 & 4, 2012 18

Website Blocking Injunctions under EU Copyright Law Copyright Directive (2001/29/EC) art. 8(3) provides Member States shall ensure that rightholders are in a position to apply for an injunction against intermediaries whose services are used by a third party to infringe a copyright or related right. Case C-324/09, L Oréal SA v. ebay: injunctions are not limited to measures which contribute to bringing infringements to an end but may also cover measures which contribute to preventing further infringements of that kind. European E-Commerce & Telecommunications Law, June 1 & 4, 2012 19

Website Blocking Injunctions under EU Copyright Law Possible Issues Are Internet access providers intermediaries? Case C-557/07, LSG v. Tele2: Yes! Are the Internet access services used by a third party to infringe a copyright? Who uses and who infringes? European E-Commerce & Telecommunications Law, June 1 & 4, 2012 20

Website Blocking Injunctions under EU Copyright Law ECJ Case Law Case C-70/10, Scarlet Extended v. SABAM: injunction that requires active monitoring of all data relating to each customer would violate the fundamental rights of the ISP concerned to conduct its business; of users to receive or impart information; and of users to protection of personal data Is a website blocking injunction a similarly severe interference with fundamental rights? European E-Commerce & Telecommunications Law, June 1 & 4, 2012 21

How to Implement Website Blocking Injunctions Three basic possibilities DNS blocking IP blocking Proxy European E-Commerce & Telecommunications Law, June 1 & 4, 2012 22

Implementing Website Blocking Injunctions DNS Blocking The access provider s DNS server has to be reconfigured Possible circumvention For users: alternative DNS server use IP address For website operators Choose different domain European E-Commerce & Telecommunications Law, June 1 & 4, 2012 23

Implementing Website Blocking Injunctions IP Blocking IP blocking via remote-triggered black hole filtering 1. Configure a static route to Null0 Interface on all Edge Routers (e.g. for 192.0.2.0/24) 2. At the Triggering Router: configure e.g. 192.0.2.1 as next hop for the IP address to be blocked 3. Distribution of the routing information to all Edge Routers via ibgp European E-Commerce & Telecommunications Law, June 1 & 4, 2012 24

Implementing Website Blocking Injunctions IP Blocking #2 Costs for the Internet access provider One-time costs: configuring the edge routers (if not already) Adding a route at the Triggering Router Possible circumvention For users: Directing all traffic via a proxy server For website operators: Changing their IP address Overbreadth One IP address may be used to host multiple unrelated websites European E-Commerce & Telecommunications Law, June 1 & 4, 2012 25

Implementing Website Blocking Injunctions Proxy All traffic is routed over a proxy server It can perform filtering base on URLs or content Problem: encryption Costs for access provider Very high Possible circumvention For users similar to IP blocking European E-Commerce & Telecommunications Law, June 1 & 4, 2012 26

Proportionality of Website Blocking Injunctions revisited Proportionality of the measure to the ISP s fundamental right to conduct its business cost vs. benefit the users fundamental right to protection of personal data Differences between IP/DNS blocking and proxy-based blocking the users fundamental right to receive or impart information IP blocking vs. DNS blocking European E-Commerce & Telecommunications Law, June 1 & 4, 2012 27

Website Blocking Injunctions under EU Copyright Law Nat l Case Law Netherlands: BREIN v. UPC, District Court of The Hague, May 10, 2012, case No. 413085: injunction issued (The Pirate Bay) U.K.: Dramatico Entertainment v. British Sky Broadcasting, High Court, May 2, 2012, [2012] EWHC 1152 (Ch.): injunction issued (The Pirate Bay) Austria: Constantin Film v. UPC, Superior Regional Court, Nov. 14, 2011, docket No. 1 R 153/11v: injunction issued (www.kino.to) Finland: IFPI Finland v. Elisa Corp., Helsinki District Court, Oct. 26, 2011, docket No. H 11/20937: injunction issued (The Pirate Bay) Belgium: VZW v. NV Telenet, Andwerpen Court of Appeal, Sept. 26, 2011, docket No. 2011/8314: injunction issued (The Pirate Bay) European E-Commerce & Telecommunications Law, June 1 & 4, 2012 28

Website Blocking Injunctions under EU Copyright Law Nat l Case Law U.K.: Twentieth Century Fox Film Corp. v. BT, High Court, July 28, 2011, [2011] EWHC 1981 (Ch.): injunction issued (newzbin.com) Denmark: Telenor v. IFPI Denmark, Danish Supreme Court, May 27, 2010, docket No. 153/2009: injunction issued (thepiratebay.org) Italy: Bergamo Public Prosecutor's Officer v. Kolmisappi, Italian Supreme Court of Cessation, Sept. 29, 2009, n.49437/09: injunction issued (thepiratebay.org) Denmark: IFPI Denmark v. Tele2, City Court of Copenhagen, Oct. 25, 2006, docket No. F1-15124/2006: injunction issued (AllOfMP3.com) European E-Commerce & Telecommunications Law, June 1 & 4, 2012 29

Website Blocking Injunctions under EU Copyright Law Nat l Case Law In the following cases an injunction was denied because Copyright Directive art. 8(3) had not been transposed into national law: Germany: EMI v. Hansenet, Regional Court Cologne, Aug. 31, 2011, docket No. 28 O 362/10 Norway: Nordic Records Norway v. Telenor, Court of Appeal, Feb. 9, 2010, docket No. 10-006542ASK-BORG/04 Ireland: EMI Records v. UPC, Irish High Court, Oct. 11, 2010, [2010] IEHC 377 European E-Commerce & Telecommunications Law, June 1 & 4, 2012 30

Website Blocking Injunctions under EU Copyright Law Nat l Case Law Injunctions issued Austria Belgium Denmark Finland Italy Netherlands U.K. Injunctions denied Germany Ireland Norway (Non-EU-MS) European E-Commerce & Telecommunications Law, June 1 & 4, 2012 31

Website Blocking Injunctions under U.S. Law U.S. Copyright Act 512(j)(1)(B)(ii): A court may grant injunctive relief in the following form: An order restraining the service provider from providing access, by taking reasonable steps specified in the order to block access, to a specific, identified, online location outside the United States. So far, only a single case: Arista Records, Inc. v. AT&T Broadband Corp., No. 1:02CV06554, 2002 WL 34593743 (S.D.N.Y. Aug. 16, 2002) Plaintiffs sought an injunction against Internet backbone operators to block the Chinese website Listen4Ever Complaint was voluntarily withdrawn European E-Commerce & Telecommunications Law, June 1 & 4, 2012 32

European Telecommunications Law Telecommunications 101 Regulatory authorities Data protection & traffic data retention Market regulation Net neutrality European E-Commerce & Telecommunications Law, June 1 & 4, 2012 33

The History of Telecommunications in the EU Telecommunications providers were typically stateowned monopolies until the 1990s One operator per country until 1990s Was it any different from the situation in the U.S.? Regulation was deemed necessary to create competition Today, multiple telecommunications providers operate in each Member State. However: prices for telecommunications services differ greatly from one Member State to another European E-Commerce & Telecommunications Law, June 1 & 4, 2012 34

Market Comparison: Prices of Mobile Voice Communication Per Minute Source: European Commission, Progress Report on the Single European Electronic Communications Market 2009, COM (2010) 253 final European E-Commerce & Telecommunications Law, June 1 & 4, 2012 35

The EU Regulatory Framework for Telecommunication Framework Directive (2002/21/EC): regulatory authorities and general matters eprivacy Directive (2002/58/EC): privacy issues Universial Service Directive (2002/22/EC): mandatory quality of service Authorisation Directive (2002/20/EC): rules for the authorization of the provision of communications networks Access Directive (2002/19/EC): rules for the sharing of telecommunications facilities Data Retention Directive (2006/24/EC): traffic data retention BEREC Regulation (Reg. No 1211/2009): establishing the Body of European Regulators for Electronic Communications European E-Commerce & Telecommunications Law, June 1 & 4, 2012 36

Telecommunication Defined Electronic communications service (Framework Directive art. 2(c)) a service normally provided for remuneration which consists wholly or mainly in the conveyance of signals on electronic communications networks exclud[ing] services providing, or exercising editorial control over, content Electronic communications network (Framework Directive art. 2(a)) transmission systems and, where applicable, switching or routing equipment and other resources [ ] which permit the conveyance of signals by wire, radio, optical or other electromagnetic means European E-Commerce & Telecommunications Law, June 1 & 4, 2012 37

Examples of Electronic Communications Services? A WiFi hotspot you operate at home (configured for public access)? Not normally provided for remuneration A mail service (e.g. Gmail)? Does not consist wholly or mainly in the conveyance of signals European E-Commerce & Telecommunications Law, June 1 & 4, 2012 38

Examples of Electronic Communications Services? A news website (e.g. nytimes.com)? Services that exercise editorial control over content are excluded Voice over IP (VoIP) services? Only if the VoIP service allows calls from or to the public switched telephone network European E-Commerce & Telecommunications Law, June 1 & 4, 2012 39

Regulatory Authorities National regulatory authorities (Framework Directive art. 3 et seq.) Of primary importance for operators Independent from regulated entities Structural separation from rest of government if Member State retains partial ownership in an operator European Commission Can issue binding opinions to national regulatory authorities in the area of market regulation BEREC (Body of European Regulators for Electronic Communications) Advisory role vis-à-vis the European Commission & national regulatory authorities European E-Commerce & Telecommunications Law, June 1 & 4, 2012 40

Regulatory Authorities #2 European Network and Information Security Agency (ENISA) Non-regulatory agency Only advises the European Commission European E-Commerce & Telecommunications Law, June 1 & 4, 2012 41

Data Protection Confidentiality of Communications Governed by the eprivacy Directive More specific than general Data Protection Directive (95/46/EC) Confidentiality of communications (eprivacy Directive art. 5) Covers all communications and related traffic data all traffic data has to be deleted once it is not needed anymore for billing purposes Confidentiality has to be maintained unless the end-user has freely given his specific and informed consent European E-Commerce & Telecommunications Law, June 1 & 4, 2012 42

Confidentiality of Communications Example In 2007, British Telecom (BT) used a software known as Phorm to monitor the web surfing behavior of its end-users in order to deliver personalized advertisements Users were asked to opt in by declaring that they wanted to participate in a trial that would increase their bandwidth Monitoring violates the confidentiality of communications informed consent necessary but none given European E-Commerce & Telecommunications Law, June 1 & 4, 2012 43

The Data Retention Directive (2006/24/EC) Basic idea: to retain, for at least 6 months, who communicated with whom when and from where Timeline Madrid train bombings in 2004 and London bombings in 2005 Data Retention Directive was adopted on March 15, 2006 To be transposed into national law until Sept. 15, 2007; as regards Internet traffic data until March 15, 2009 Multiple Member States transposed the Directive only after infringement proceedings were initiated by the Commission Germany has still not transposed the Directive European E-Commerce & Telecommunications Law, June 1 & 4, 2012 44

Traffic Data to be Retained General principles Concerns only traffic and location data, not the contents of communication Concerns only data already generated or processed by operators (e.g. no obligation to collect the names and addresses of previously anonymous customers) Data has to be retained for at least 6 months but no more than 2 years Purpose: investigation, detection and prosecution of serious crime, as defined by each Member State in its national law European E-Commerce & Telecommunications Law, June 1 & 4, 2012 45

Traffic Data to be Retained Scope of Covered Fields Data only has to be retained with regard to the following services: 1) Fixed network telephony 2) Mobile telephony 3) Internet access 4) Internet e-mail 5) Internet telephony Everything else is not covered! e.g. hosting providers & website operators Why do you think, that is? European E-Commerce & Telecommunications Law, June 1 & 4, 2012 46

Traffic Data to be Retained For fixed network telephony & mobile telephony (incl. text messages) telephone number, name, and address of both parties date and time of the start and end of the communication type of telephone service used (e.g. text message) Plus, for mobile telephony: International Mobile Subscriber Identity (IMSI) International Mobile Equipment Identity (IMEI) Cell ID at the start of the communication In case of pre-paid anonymous mobile telephony services: Date, time & cell ID of initial activation European E-Commerce & Telecommunications Law, June 1 & 4, 2012 47

Traffic Data to be Retained #2 For Internet access services allocated IP address name and address of the subscriber user ID(s) in case of dial-up access: calling telephone number date and time of the log-in and log-off DSL or other end point on the user's side in the case of mobile Internet access cell ID when Internet connection is established European E-Commerce & Telecommunications Law, June 1 & 4, 2012 48

Traffic Data to be Retained #3 Internet e-mail service the sender's and the recipient's names, and addresses e-mail addresses telephone numbers in case of dial-up access DSL or other end points date and time of the log-in and log-off of the Internet e-mail service European E-Commerce & Telecommunications Law, June 1 & 4, 2012 49

Traffic Data to be Retained #4 Internet telephony (VoIP) both parties VoIP addresses names and addresses telephone number (in case of VoIP-to-PSTN or if a dial-up Internet access is used) DSL or other end points on either user's side date and time of the log-in and log-off of the Internet telephony service If a mobile device is used: cell ID at the start of the communication European E-Commerce & Telecommunications Law, June 1 & 4, 2012 50

Who Has to Retain Traffic Data? Providers of publicly available electronic communications services i.e. operators selling their services to end-user Providers of public communications networks i.e. providers who rent out their infrastructure to service providers Such as Internet backbone operators European E-Commerce & Telecommunications Law, June 1 & 4, 2012 51

Who Has to Retain Traffic Data? - Examples A WiFi hotspot somebody operates from his or her home? No; not normally provided for remuneration not a provider of a public communications service Gmail, Hotmail, GMX, Facebook? No; no service that consists wholly or mainly in the conveyance of signals not providers of public communications services An Internet access provider yes A company that operates its own mail server for business purposes (e.g. a law firm)? No; not a public service European E-Commerce & Telecommunications Law, June 1 & 4, 2012 52

Access to Retained Data Access by law enforcement agencies The data is retained for the investigation, detection, and prosecution of serious crime, as defined by each Member State in its national law each Member State regulates access to retained data differently Access by private entities (e.g. copyright holders) Outside the scope of the Data Retention Directive but may be provided for by a Member State (Case C-461/10, Bonnier Audio v Perfect Communication Sweden, Apr. 19, 2012) European E-Commerce & Telecommunications Law, June 1 & 4, 2012 53

Who has to pay for it? Each Member State can decide whether network and service providers can (partly) recover their expenses Result: Distortion of competition between operators established in different Member States European E-Commerce & Telecommunications Law, June 1 & 4, 2012 54

Circumvention Measures How can (and, in fact, do) people prevent the retention of their data? Telephony Use of telephone booths and prepaid mobile phones Internet access Use of a public WiFi access point E-mail services Use of a mail service provider that is itself not a provider of a public communications service or network (e.g. Gmail) Plus: communicate only via encrypted mail protocols Use of any messaging service other than e-mail Facebook messages, Usenet, IRC, instant messaging software, European E-Commerce & Telecommunications Law, June 1 & 4, 2012 55

Effectiveness of Data Retention How does retained traffic data help us to investigate, detect, and prosecute crime? Investigate/prosecute Dynamic IP addresses are no longer anonymous It can be determined who was at the scene of the crime Video example of geo-tracking Accomplices may be identified more easily (if they were not smart enough) Detect traffic analysis, social network analysis, and data mining European E-Commerce & Telecommunications Law, June 1 & 4, 2012 56

Effectiveness of Data Retention #2 Why data mining does not help in the fight against terror: Assumption data mining system has accuracy of 99% there are 100 real terrorists in the EU s population of 500 million What is the probability that a person identified as a terrorist is, in fact, a terrorist? Not 99% but 0.002% (= 1 in 50,000) Known as the base rate fallacy The prior probability (base rate) is 100 to 500 million System correctly identifies 99% of the terrorists = 99 System incorrectly identifies 1% of the 500 million = 5 million European E-Commerce & Telecommunications Law, June 1 & 4, 2012 57

Proportionality of the Data Retention Directive? Does the government s interest to retain traffic and location data for the purpose of the investigation, detection, and prosecution of crime outweigh the citizens interest in their privacy? To consider How severe is the interference with the fundamental right to privacy? How effective is the data retention? European E-Commerce & Telecommunications Law, June 1 & 4, 2012 58

Future Developments in the Area of Data Retention Legal challenge by Digital Rights Ireland before the ECJ Compliance with the EU Charter of Fundamental Rights? The European Commission has announced plans to revise the Directive European E-Commerce & Telecommunications Law, June 1 & 4, 2012 59

Market Regulation Traditional competition law (anti-trust law) Prohibition of cartels (concerted practices) Merger control Abuse of dominant market position Legal consequences only if dominant position is abused ex post market regulation Ex ante market regulation in telecommunications law Dominant market position in itself creates legal consequences intended to prevent an abuse before it even happens (ex ante) European E-Commerce & Telecommunications Law, June 1 & 4, 2012 60

Ex Ante Market Regulation If an operator has significant market power National Regulatory Authority (NRO) has to impose appropriate obligations (Access Directive art. 8 et seq.) Non-discrimination in relation to interconnection and/or access (art. 10) Accounting separation to make cross-subsidization transparent (art. 11) Permitting other operators to use network facilities (art. 12) Price control (art. 13) If these measures fail to achieve effective competition Disintegration of vertically integrated operators European E-Commerce & Telecommunications Law, June 1 & 4, 2012 61

Ex Ante Market Regulation Who Has Significant Market Power? Step 1: NRAs have to define the relevant market (Framework Directive art. 15) European Commission adopted a Recommendation on Relevant Product and Service Markets Consultation procedure: Commission has veto-power if NRAs do not follow the Recommendation Step 2: NRAs have to perform a market analysis (Framework Directive art. 14, 16) significant market power: operator enjoys a position of economic strength affording it the power to behave independently of competitors, customers and ultimately consumers NRA determination is subject to the Commission s veto-power European E-Commerce & Telecommunications Law, June 1 & 4, 2012 62

Net Neutrality What is Net Neutrality? The principle that all electronic communication passing through a network is treated equally, i.e. independent of 1) content; 2) application; 3) service; 4) device; 5) sender address; and 6) receiver address. Not covered: Offering different bandwidths to users, depending on how much they pay per month (no discrimination of content but of users) European E-Commerce & Telecommunications Law, June 1 & 4, 2012 63

Examples of Interferences with Net Neutrality Peer-to-peer (P2P) downloads are slowed down An Internet access provider blocks services that are in competition with its own services e.g. blocking Skype for mobile phones VoIP is given a higher priority to ensure a high voice quality An Internet access provider only permits one service for a specific type of content e.g. only allows Netflix but no other video-ondemand provider European E-Commerce & Telecommunications Law, June 1 & 4, 2012 64

Net Neutrality Possible Business Models Price differentiation between content providers (option #1) Faster data transfer to the access provider s customers in exchange for special compensation Data transfer to the customers only in exchange for compensation (e.g. exclusivity agreements) Price differentiation between subscribers (option #2) Only those who pay more get access to all services/websites Those who pay less do not get access to, e.g., social networking websites or Skype European E-Commerce & Telecommunications Law, June 1 & 4, 2012 65

Does Net Neutrality Matter? The economic argument: Net Neutrality enables innovation (end-to-end principle) European E-Commerce & Telecommunications Law, June 1 & 4, 2012 66

Does Net Neutrality Matter? The political argument: Net Neutrality enables decentralized, nonmarket-based production of ideas & content content producers access provider content consumers European E-Commerce & Telecommunications Law 67

Net Neutrality under EU Law Competition Law Prohibition of the abuse of a dominant market position (Art 102 TFEU) Operators that have a dominant market position are in particular prohibited from discriminating trading parties It would thus be prohibited if such operators charged different content providers different prices without an objective justification blocked content providers or services (e.g. Skype) in order to give their own services a competitive advantage (e.g. their own mobile phone service) European E-Commerce & Telecommunications Law, June 1 & 4, 2012 68

Net Neutrality under EU Law Contract Law The law of service contracts is not harmonized in the EU However, the principles of the Consumer Sales Directive (1999/44/EC) apply in many Member States Generally, goods/services are only in conformity with the contract if they meet typical & reasonable consumer expectations If the service is not in conformity with the contract, the consumer has the right to have the service brought into conformity free of charge; to have the price reduced appropriately; or to rescind the contract. In many Member States, operators may only limit Net Neutrality if the contract explicitly allows them to do so European E-Commerce & Telecommunications Law, June 1 & 4, 2012 69

Net Neutrality under EU Law Transparency Transparency is a precondition for competition Information requirements under Universal Service Directive art. 20 Mandatory disclosure of any procedures put in place by the operator to measure and shape traffic European E-Commerce & Telecommunications Law, June 1 & 4, 2012 70

Net Neutrality under EU Law Loss of Liability Limitations E-Commerce Directive art. 12: An Internet access provider is not liable for the information transmitted if it does not initiate the transmission; does not select the receiver of the transmission; and does not select or modify the information contained in the transmission. What if an access provider only allows specifically selected content providers access to its customers (white list)? What if an access provider allows all access to its customers except certain few (black list)? European E-Commerce & Telecommunications Law, June 1 & 4, 2012 71

Net Neutrality under U.S. law A Brief Comparison FCC Open Internet Rules (76 Fed. Reg. 15,192 (Sept. 23, 2011) codified at 47 C.F.R. pt. 8) Transparency All broadband providers have to disclose network management practices No blocking Fixed broadband: no blocking whatsoever Mobile broadband: No blocking of lawful websites No blocking of applications that compete with own services [does not apply to app stores] No unreasonable discrimination: only applies to fixed broadband European E-Commerce & Telecommunications Law, June 1 & 4, 2012 72

Thank you! European E-Commerce & Telecommunications Law, June 1 & 4, 2012 73

Contact Details Lukas Feiler, Ph.D., SSCP Wolf Theiss Attorneys at Law Schubertring 6, 1010 Vienna Tel: (+ 43 1) 515 10 5090 Fax: (+ 43 1) 515 10 665090 e-mail: lukas.feiler@wolftheiss.com www.wolftheiss.com European E-Commerce & Telecommunications Law, June 1 & 4, 2012 74

Recommended Reading General Reading on Telecommunications Tim Wu, The Master Switch (2011) Data Retention Lukas Feiler, The Legality of the Data Retention Directive in Light of the Fundamental Rights to Privacy and Data Protection, European Journal of Law and Technology, Vol. 1, No. 3 (2010), http://ejlt.org/article/view/29/75 Net Neutrality Lawrence Lessig, The Future of Ideas (2001) p. 26-48 Yochai Benkler, The Wealth of Networks (2006) p. 99-106, 460-473 Barbara Van Schewick, Internet Architecture and Innovation (2010) Website Blocking Injunctions Jack Goldsmith & Tim Wu, Who Controls the Internet? (2006) Lukas Feiler, Website Blocking Injunctions under EU and U.S. Copyright Law (2012), TTLF Working Paper No. 13, http://ttlf.stanford.edu European E-Commerce & Telecommunications Law, June 1 & 4, 2012 75