Since the launch of the Digital Single Market (DSM) strategy in 2015,2 the European Commission has presented 35 legislative proposals and policy initiatives to boost the European digital revolution.
In addition to proposals tabled in the second half of 2016 (such as the new rules on copyright, the connectivity package and the reform of the Audiovisual Media Service Directive), in January 2017 the Commission issued a proposal for a regulation on privacy and electronic communications (ePrivacy Regulation), aimed at complementing the General Data Protection Regulation (GDPR), which will apply from 25 May 2018.3
In May 2017, the Commission adopted the final report on the e-commerce sector inquiry launched in May 2015,4 which identifies certain practices that may restrict competition, such as platform bans, geo-blocking, and exclusivity of rights and content. On the basis of the findings of the inquiry, the Commission launched three investigations into possible anticompetitive practices in the e-commerce sector concerning video games, hotel accommodation and consumer electronics.
In June 2017, the Commission issued a long-awaited antitrust decision concerning alleged anticompetitive practices implemented by Google in the online search sector, which were sanctioned with the highest fine ever imposed under EU competition law.
i The regulators
The European Commission (Commission) is the most prominent regulatory body at the EU level. The Commission is equipped with a variety of regulatory and enforcement powers in areas related to TMT, including antitrust, privacy,5 online transactions, intellectual property6 and consolidation of the internal market for electronic communications.7 The adoption of the regulatory framework for electronic communications in 2009 has, inter alia, increased the Commission’s powers to oversee the measures proposed by national regulatory authorities (NRAs) to address problems relating to competition in the various telecommunications markets.
The Body of European Regulators for Electronic Communications (BEREC) was established by Regulation (EC) No. 1211/2009 (BEREC Regulation),8 and became fully functional in 2011. Its role is to guarantee consistent application of the EU regulatory framework by, for example, delivering opinions on NRAs’ draft regulatory measures and, upon request, offering assistance to NRAs in carrying out their duties under EU law. The Commission also turns to the BEREC before adopting recommendations on relevant product and service markets, which NRAs must rely on in defining the relevant national markets. The Commission may also task the BEREC with carrying out ad hoc market studies. In September 2016, the European Commission proposed an updated BEREC Regulation to transform BEREC into a fully-fledged agency.9
ii Regulated activities
In 2002, the EU adopted a new comprehensive regulatory framework for electronic communications networks and services with the aim of fostering a consistent regulatory approach across the EU. In 2009, Directive 2009/140/EC,10 Directive 2009/136/EC11 and Regulation (EC) No. 1211/2009 were adopted to improve and revise the 2002 regulatory framework.
As part of the DSM strategy, in May 2015 the Commission announced a complete review of the framework for telecommunications. The consultation closed in December 2015. In the context of the 2016 annual State of the Union,12 the Commission presented the connectivity package, proposing to strengthen the role of BEREC and to recast four existing telecoms directives (the Framework, Authorisation, Access and Universal Service Directives) into a new European Electronic Communications Code.13
The Code would overhaul the current EU telecoms rules by merging the four existing directives into a single piece of legislation. New rules on access to networks should create incentives to invest, especially in fibre. Moreover, the new rules would be based on the principle of ‘same service, same rules’, which aims at creating a level-playing field for all players providing similar services (including OTT services). The approval of this legislative proposal is not expected before 2018.
Within the framework of the DSM strategy, on 14 September 2016 the Commission proposed new rules to modernise the EU copyright regime, including two regulations and two directives.14 This set of legislative proposals aims to ensure wider online access to content in the EU and reach new audiences; adapt certain exceptions to the digital cross-border environment; and foster a well-functioning and fair copyright marketplace. The proposed measures should make it easier for content providers to improve their online offers across EU borders by introducing, inter alia, a legal mechanism to obtain authorisations more easily from right holders. Moreover, the improved copyright rules introduce four mandatory exceptions to copyright for the purposes of education, research, cultural heritage and inclusion of disabled people. Finally, the proposed measures should create a fairer online environment for creators of content and the press by reinforcing the position of right holders to negotiate remuneration for their creative content.
The regulation of audiovisual content is addressed by the Television Without Frontiers Directive. With the last revision in 2007, the Directive was renamed the Audiovisual Media Services Directive (AVMSD); it was then codified in 2010. In May 2016, the Commission tabled a proposal for its reform (see Section V).15
The Commission also has extensive investigative powers in the area of antitrust. It cooperates with national competition authorities (NCAs) to prohibit concerted practices, agreements restricting competition and unilateral anticompetitive behaviour. The Commission has exclusive jurisdiction over mergers above certain thresholds, including in the area of TMT.16
iii Ownership and market access restrictions
In principle, EU undertakings and undertakings from third states with reciprocity agreements can freely provide electronic communication services and networks. Under the Authorisation Directive, a prospective electronic communications provider needs an authorisation from the competent NRA. Obtaining this authorisation involves a procedure whereby an applicant notifies the NRA of its intentions without having to wait for any approval by the NRA.17 The information that may be requested in such a notification must be limited to what is necessary to identify the provider. By contrast, the use of spectrum in telecommunications is subject to a licence granted by Member States. The Authorisation Directive lays down not only rules governing the procedures for granting general authorisations or rights to use radio frequencies or numbers and the content of those authorisations, but also rules setting out the nature and scope of the financial payments related to those procedures that Member States may impose on electronic communications providers.18
III TELECOMMUNICATIONS AND INTERNET ACCESS
i Internet and internet protocol regulation
On 25 November 2015, the European Parliament and the Council adopted Regulation (EU) No. 2015/2120 (Open Internet Regulation).19
The Open Internet Regulation aims, first of all, to safeguard net neutrality. Within the EU, all internet traffic will be treated equally, subject to some specific public-interest exceptions (e.g., those concerning network security and child pornography). Providers of internet access services must abstain from any discrimination, restriction or interference, irrespective of the sender and receiver, the content accessed or distributed, the applications or services used or provided, or the terminal equipment used.20 Blocking, throttling, degradation or discrimination of internet traffic by ISPs is prohibited. Internet access providers can still adopt different traffic management measures without being discriminatory, but only for ‘objectively different categories of traffic’ (e.g., services like e-medicine), rather than for commercial reasons.21
Traffic management measures that do not comply with the above requirements are allowed only under three specific exceptions: compliance with EU or national legislation that requires, for example, blocking of specific content, applications or services; protection of the integrity and security of the network; and prevention of network congestions that are temporary or occur in exceptional circumstances.
For a limited number of services, such as high-quality voice calling on mobile networks, linear (live) broadcasting IPTV services with specific quality requirements and real-time health services (e.g., remote surgery), for which an assured level of access is indispensable to deliver the service, the Regulation allows for the provision of ‘fast lanes’ provided that network capacity is sufficient.22
In addition, the Regulation provides for the end of roaming charges from 15 June 2017 through a gradual one-year phase-out process.
ii Universal service
Under EU law, telecoms operators should provide to all citizens a basic set of fixed network electronic communications services irrespective of end-users’ location and profitability. Access to broadband internet has traditionally been considered outside the scope of universal service at the EU level.23 However, on 19 January 2016 the European Parliament welcomed a review of the Universal Service Directive to ensure the requirements of high-speed broadband internet access are fit for purpose to reduce the digital divide.24
The Commission’s major contribution to achieve the goal of ‘broadband for all’ is the adoption of:
- a a 2010 Broadband Communication outlining a common framework within which EU and national policies should be developed to lower the costs of broadband deployment throughout the entire EU territory;
- b a 2010 Recommendation on next-generation access networks (NGA Recommendation);
- c a 2013 Recommendation on non-discrimination obligations and costing methodologies for access services (Access Recommendation); and
- d 2013 guidelines for the application of state aid rules relating to the rapid deployment of broadband networks.25
On 11 June 2015, the EU Court of Justice (CJEU) issued a judgment clarifying the scope of the Universal Service Directive.26 It remarked that the Directive expressly enacts an obligation to guarantee the connection at a ‘fixed location’ to a public communications network. However, ‘mobile’ communication services are excluded from the minimum set of universal services defined by the Universal Service Directive.
In the framework of the proposal for an Electronic Communications Code, the Commission proposed modernising the EU universal service rules. Pursuant to Article 79 of the Code, Member States would be under an obligation to provide affordable access to basic broadband and voice communications services at least at a fixed location. Broadband would be ‘defined by referring to a functional internet access connection defined on the basis of a minimum list of online services available to end-users', such as email, social media, instant messaging, calls and video calls.27
iii Restrictions on the provision of service
The Commission adopted the NGA Recommendation on 20 September 2010.28 The NGA Recommendation seeks to provide NRAs with guidance to promote a common approach when deciding whether to impose obligations on incumbents in connection with NGA networks.
The scope of the Recommendation primarily covers remedies to be imposed on operators deemed to have significant market power.29 However, where it is justified on the grounds that duplication of infrastructure is economically inefficient or physically impracticable, NRAs may also impose obligations of reciprocal sharing of facilities on non-dominant undertakings, which would be appropriate to overcome bottlenecks in the civil engineering infrastructure and terminating segments.
The proposed European Electronic Communications Code reaffirms these principles, including the obligation for operators with significant market power to grant access to civil infrastructure, such as poles and ducts.30
After a long debate with BEREC and NRAs, the Commission published a recommendation on access remedies on 11 September 2013.31 The Access Recommendation relies on two pillars: ensuring equivalence of access and setting out a harmonised costing methodology.
As to the first pillar, the Commission suggests that equivalence of input (EoI) (i.e., the supply to competitors of the same access services enjoyed by the vertically integrated company’s downstream units) is in principle ‘the surest way’ to avoid non-price-related discrimination.32
As to the second pillar, according to former Commissioner Kroes, there is a ‘need to lift price regulation of high-speed networks where it is not warranted, and make regulation of copper prices stable and consistent across the EU’33 to guarantee market stability and regulatory consistency, thus favouring broadband investments. Therefore, the Commission suggested the adoption of a common costing methodology (called ‘bottom up – long run incremental cost +’) that, for copper-based local loop unbundling services, should have led to monthly tariffs within the price band of €8 to €10 per line.34
To enhance regulatory stability and market consistency, the Commission recommended that, once they have set tariffs within the mentioned price band, NRAs should not modify the costing methodology (and hence the tariffs) without a market-analysis procedure, and should avoid undue price fluctuations by ensuring stable access prices over at least two review periods (i.e., about six years).
The Commission has extensively relied on the Access Recommendation’s principles to criticise NRA proposals that were inconsistent with the above-mentioned principles.35
The European Electronic Communications Code proposed by the Commission also makes reference to the costing methodology set out in the Access Recommendation.36
Monitoring and control of content
The Electronic Commerce Directive37 explicitly sets out that no ‘intermediary’ should be obliged to engage in monitoring activities of a general nature (‘mere conduit’ rule).38 This was confirmed in the 2009 reform of the regulatory framework (see, in particular, Recital 30 of Directive 2009/136).
The interpretation of the mere conduit rule was probed in two cases before the CJEU, which concerned the possible responsibility of Scarlet (an ISP) and Netlog (a social networking website) for exchanges of allegedly unlawful content by its users.39 In essence, according to the CJEU, the EU framework does not require a hosting service provider to filter all information stored by users as a preventive measure.
However, the Court left open the question on the admissibility of injunctions against specifically determined copyright-infringing practices.
On 27 March 2014, the CJEU held that an ISP may be ordered to block its customers’ access to a copyright-infringing website (UPC Telekabel ).40 The CJEU provided guidance on the correct interpretation of Article 5, Paragraphs 1 and 2, Letter b), and 8, Paragraph 3, of the EU Copyright Directive,41 as well as some of the fundamental rights enshrined in EU law. Specifically, the Court held that Member States must ensure a fair balance among the fundamental rights at stake. Therefore, the fundamental rights concerned do not preclude an injunction on two conditions: that the measures taken by the ISP do not unnecessarily deprive users of the possibility of lawfully accessing the information available; and that those measures have the effect of preventing unauthorised access to the protected material or, at least, of making it difficult to achieve and seriously discouraging users from accessing the material that has been made available to them through breach of the intellectual property right.
In September 2016, the CJEU ruled on another case concerning the liability of free Wi-Fi network providers for copyright infringements committed by its users (Mc Fadden).42 The CJEU stated that under the ‘mere conduit’ rule, the provider of a free Wi-Fi connection cannot be held responsible for the download of unlawful content by its users. However, the copyright holder can seek an injunction ordering such open Wi-Fi to be protected with a password, as this would prevent future infringements by requiring users to reveal their identity.
Another crucial aspect concerning the role of ISPs relates to the ‘right to be forgotten’. On 13 May 2014, the CJEU held that, by searching systematically for information published on the internet, indexing websites, and recording and making them available, the operator of a search engine is ‘processing’ personal data within the meaning of Article 2(b) of Directive 95/46/EC (Google Spain).43
The Court did not describe such processing as unlawful, but clarified that even initially lawful processing of accurate data may become incompatible with the Directive ‘where those data are no longer necessary in the light of the purposes for which they were collected or processed […] in particular where they appear to be inadequate, irrelevant or no longer relevant, or excessive in relation to those purposes and in the light of the time that has elapsed’.44
Privacy and data retention45
As regards privacy, under the EU Data Protection Directive,46 the transfer of personal data from the EU to a country outside the EU or EEA may only take place if that third country ensures an adequate level of protection of the data. Article 25(6) of the Data Protection Directive enables the European Commission to adopt a decision on whether ‘a third country ensures an adequate level of protection […] by reason of its domestic law or of the international commitments it has entered into […] for the protection of the private lives and basic freedoms and rights of individuals'. In 2000, the Commission had adopted a decision on the adequacy of the protection provided by the Safe Harbor privacy principles with regard to the US (the Safe Harbor Adequacy Decision).47 On 6 October 2015, the CJEU invalidated the 2000 Safe Harbor Decision.48
At the beginning of February 2016, the Commission put forward a successor agreement (known as the EU–US Privacy Shield).49 As in the case of the former Safe Harbor Agreement, the Privacy Shield is intended to enable personal data of EU citizens to be transmitted to and processed in the United States. The final draft of the Privacy Shield, which was adopted by the Commission on 11 July 2016 by majority vote of the Member States, includes privacy principles that stipulate improved data protection requirements compared with the Safe Harbor with which US companies must comply if they want to be certified under the Shield. Following criticism of the first draft of the Privacy Shield, the Commission has endeavoured in a revised draft to assuage in particular the concerns expressed recently by the Article 29 Working Party, which comprises representatives from national data protection authorities in Europe.
On 12 July 2016, the Commission adopted the Privacy Shield Adequacy Decision,50 certifying that this measure ensures an adequate level of protection for the transfer of personal data in the US. On 16 September 2016, Digital Rights Ireland brought an action for annulment before the CJEU against the Commission’s adequacy decision,51 challenging in particular the legality of the mass recording of personal data by US public authorities, which remains possible under the Shield.
As regards data protection legislation, on 27 April 2016, the European Parliament and the Council adopted the General Data Protection Regulation (EU) No. 2016/67952 together with the Police and Criminal Justice Data Protection Directive (EU) No. 2016/680.53 The General Data Protection Regulation will apply from 25 May 2018; Member States should implement the Directive on data protection by 6 May 2018.
The Council and the Parliament made important changes to the Commission’s proposal, remarking that, inter alia:
- a data protection is not an absolute right and must be weighed against other fundamental rights;54
- b data portability is restricted to data provided by the individual and does not apply if it adversely affects the rights and freedoms of others;55
- c automated decision-making, including profiling, is permitted for fraud and tax evasion monitoring and prevention purposes, and to ensure the security and reliability of a service provided by the controller;56 and
- d sanctions are to be proportionate.57
The new rules principally advantage small and medium-sized enterprises, reducing unnecessary administrative requirements such as notification requirements for companies. The right to be forgotten has been reinforced, and a right to data portability facilitates transfer of personal data between service providers. Furthermore, the Regulation provides that market operators established outside Europe will have to apply the same rules when offering services in the EU, and it brings forward a ‘one-stop shop’ for companies and users, who will only have to deal with one single supervisory authority, facilitating cross-border operations and business in the EU.
The adoption of the Data Protection Regulation, which replaces Directive 95/46/EC, also affects the ePrivacy Directive,58 which is lex specialis for the electronic communications sector. The review is overdue, because most of the articles of the current Directive apply to traditional telecoms companies but not to the growing number of OTT providers (that is, providers using the internet to deliver content).59
Thus, on 10 January 2017, the European Commission presented a proposal for a ‘Regulation concerning the respect for private life and the protection of personal data in electronic communications’ (ePrivacy Regulation) aimed at repealing the current ePrivacy Directive. The new ePrivacy Regulation is discussed in more detail in Section VI.
On 6 July 2016, the Parliament and the Council approved the Network and Information Security (NIS) Directive (EU) No. 2016/1148,60 also known as the Cybersecurity Directive, which was developed within the framework of the Commission’s EU Cybersecurity Strategy.61 The Directive aims to ensure a high common level of network and information security across the EU through a set of wide-ranging measures that will generate cooperation and information-sharing mechanisms, and set minimum requirements for a broad scope of public and private players.62
Free flow of data and cloud computing
The DSM strategy calls for a ‘European free flow of data initiative’ to promote the free movement of data and encourage innovation in the EU while protecting personal data.63
In April 2016, the Commission launched the European Cloud Initiative,64 which includes a series of initiatives concerning the certification of cloud services, the switching of cloud service providers and the development of a European Open Science Cloud for European researchers. The Cloud Initiative also provides for the creation of a European data infrastructure. On 16 February 2017, the European Parliament adopted by a large majority a resolution on the European Cloud Initiative.
This is considered a key initiative, as estimates of the cost of an incomplete DSM for cloud computing are between €31.5 billion and €63 billion per year.65 On the other side, cloud computing can potentially contribute a total of €450 billion to the EU’s GDP between 2015 and 2020, as well as leading to the creation of an additional 1 million jobs and 300,000 companies in the EU throughout all sectors of the economy.66
On 10 January 2017, the Commission adopted a communication on ‘Building a European data economy’67 aimed at identifying unjustified restrictions on the free movement of data, such as data location restrictions.
In September 2017, the Commission adopted a proposal for a Regulation on the free flow of non-personal data in the EU.68 The proposal aims to achieve a more competitive and integrated internal market for data storage and other processing services and activities so as to unlock the potential of new digital technologies (e.g., cloud computing, big data, artificial intelligence and the internet of things). The new Regulation would address certain obstacles preventing the free movement of data within the EU for companies, public administrations and citizens. Inter alia, the proposal would remove unjustified or disproportionate national rules that hamper or restrict companies in choosing a location for storage or processing of their data; ensure that competent authorities have access to data stored or processed in another Member State to perform their tasks in line with their regulatory mandate, just as they do when the data are stored in their own territory; and encourage the development of self-regulatory codes of conduct to make it easier to switch cloud service providers (for example, by informing users about the terms and conditions under which they can port data outside their IT environments).
IV SPECTRUM POLICY
The DSM strategy considers a European spectrum policy to be necessary to boost investment, as some countries were slow in allocating the 800MHz band used for mobile communications, and lagged behind in rolling out 4G technology for mobile networks as a result.69 On the other side, some Member States have already outpaced EU regulation (e.g., Germany started auctioning spectrum from the 700MHz band for mobiles in May 2015).
On 9 June 2015, the Commission presented the outcome of a public consultation on the September 2014 Pascal Lamy report concerning the UHF band.70 The report discusses how the scarce spectrum resource in the UHF broadcasting band should be used in future. The results of the consultation suggest that there is general backing for spectrum-efficient technologies for digital terrestrial TV equipment.
Accordingly, on 2 February 2016 the Commission presented a proposal for a Decision of the Parliament and the Council on the use of the 470–790MHz frequency band in the Union.71 On 17 May 2017, the Parliament and the Council adopted such decision,72 stating that Member States have to allow the use of the 700MHz frequency for wireless broadband electronic communications services by 30 June 2020.
The Commission also proposed measures to improve spectrum management across the EU in the framework of the new Electronic Communications Code. This objective should be achieved by giving preference to the use of radio spectrum under general rather than individual authorisations, by granting long-term licences (at least 25 years) and by coordinating the timing of assignments of spectrum across the EU.73
The AVMSD provides for a minimum harmonisation of certain aspects of national legislation related to audiovisual media services (e.g., advertising, protection of minors and promotion of European works) with a view to facilitating the circulation of audiovisual services in the internal market on the basis of the country-of-origin principle. According to this principle, audiovisual media service providers must abide only by the rules of the Member State with jurisdiction over them.
The AVMSD applies to all audiovisual media services, whether linear (traditional television) or non-linear (VOD), irrespective of the technology used to deliver the content (the principle of technological neutrality).74
The Commission’s DSM strategy envisages a ‘regulatory fitness evaluation’ of the AVMSD to gauge whether it still represents a satisfactory regulatory regime, taking account of technological advances, and whether it is effective in attaining its objectives. Namely, the evaluation will assess the current material and geographical scope of the Directive as well as the system of graduated regulation (i.e., the difference in regulatory treatment between linear and non-linear services).
In May 2016, the Commission announced a proposal to amend the existing AVMSD that aims, inter alia, to introduce a uniform regulatory framework for TV broadcasters and VOD service providers. The proposal includes a liberalisation of rules for traditional services, stricter rules for non-linear services, changes in the definition of audiovisual media services (including video-sharing platforms) and geographical scope.75
VI THE YEAR IN REVIEW
i End of roaming charges
On the basis of the Open Internet Regulation, which amended Regulation (EU) No. 531/2012 with regard to roaming on networks within the EU, as of 15 June 2017 roaming charges no longer apply in the EU.76 Under the ‘roam like at home’ rules, users pay domestic prices for calls, SMS and mobile internet while travelling in another European country. Nevertheless, providers must be able to charge customers in accordance with a ‘fair use policy’, which prevents abusive or anomalous usage of regulated retail roaming services by roaming customers.77 If a provider is unable to recover the costs of providing roaming services due to the terms of the Regulation, the company can request authorisation to employ a surcharge.78
ii The proposed ePrivacy Regulation
On 10 January 2017, the Commission published a proposal for a new ePrivacy Regulation,79 which would repeal the current ePrivacy Directive and provide a new set of rules for the protection of privacy in the electronic communication sector.
The proposed Regulation would apply not only to traditional telecom operators, but also to OTT service providers (such as Whatsapp, Facebook and Skype) that currently do not fall within the scope of the ePrivacy Directive. It would also apply to non-EU operators that provide services to users located in the EU.
The new rules place great emphasis on end-users’ consent. Service providers must obtain users’ consent to process electronic communications content and metadata, such as data on location of a phone call. The Regulation would introduce more user-friendly methods to obtain such consent (e.g., appropriate settings of a browser or other application). The proposed Regulation also addresses the privacy concerns raised by tools that allow tracking of the online activities of users, such as cookies, by requiring a clear affirmative action to express consent to the their use.80
In April 2017, the Article 29 Working Party (the independent advisory body on data protection and privacy) and the European Data Protection Supervisor released their opinion on the proposal, advocating for more effective rules such as a general prohibition on tracking practices and privacy by default settings for software and applications.
iii The e-commerce sector enquiry
In the framework of the DSM strategy, in May 2015 the Commission started a sector inquiry into e-commerce. A preliminary report released in September 2016 found potential competition concerns, including in relation to geographic sales restrictions, bans on sales via marketplaces such as eBay and Amazon, geo-blocking, exclusivity of rights and content, bundling of online rights in licensing and the long duration of some licensing agreements. The Commission concluded that these restrictions ‘may, under certain circumstances, make cross-border shopping or online shopping in general more difficult.’
On 10 May 2017, the Commission adopted the final report on the e-commerce sector inquiry.81 With regard to consumer goods, the Commission noted that the development of e-commerce has an impact on both consumers’ choice (by increasing price transparency and competition) and the behaviour of manufacturers and retailers (which increasingly sell their products directly to consumers through online shops). However, the final report lists a number of business practices that may limit online competition, such as restrictions on retailers to sell on online marketplaces (platform bans) and geographic sales restrictions to limit online cross-border sales (including through geo-blocking measures, which prevent access to a certain website from abroad).
As to digital content, according to the final report the main competition concern lies in contractual restrictions included in licensing agreements: 59 per cent of digital content providers have agreed with right holders to apply geo-blocking measures, impeding access to their content from other Member States. The excessive duration of licensing agreements (10 or 20 years on average) also constitutes a barrier to entry for new operators.
iv Geo-blocking and the regulation on cross-border portability of online content services
Geo-blocking may discriminate customers by denying them access to internet content on the basis of their location. In the framework of the DSM strategy, on 25 May 2016 the Commission adopted a proposal for a regulation on geo-blocking and other forms of discrimination based on nationality, residence or place of establishment,82 which targets unjustified geographically-based restrictions to cross-border trade. The proposal introduces a ban for traders on blocking or limiting customers’ access to a website on the basis of their residence, and allows re-routing to a different version of the website only if the customer has given prior consent. It also prohibits customers’ discrimination relating to payments.
Geo-blocking measures also affect the portability of online services: users who have subscribed to certain online content (such as music, films, e-books or videogames) in their country are often denied access to the same content while travelling in another Member State. To address this issue, in December 2015 the Commission adopted a proposal for a new regulation aimed at ensuring that subscribers to online content services in the EU have the right to access and use these services while temporarily present in another Member State (e.g., in the case of holidays, business trips or learning periods).83 On 14 June 2017, the Parliament and the Council adopted the Regulation on cross-border portability of online content services,84 which will apply from March 2018.
v Merger and antitrust control in telecommunication markets
The significant number of mergers involving telecommunications operators authorised by the Commission in the period under investigation confirms the consolidation trend in the electronic communications sector.
In October 2016, the Commission authorised the acquisition of TDC Sweden, a Danish telecommunications group active in Sweden, by Tele2, a company that offers telecommunications services such as fixed telephony and internet access in Sweden and other EU countries. Even though the transaction would have given rise to horizontal overlaps in various markets (including retail fixed telephony, internet access, mobile telecommunications and IT services), the Commission concluded that the parties’ combined share would have been below 20 per cent on most markets and a sufficient number of alternative providers would remain post-transaction.85
On 14 March 2017, the Commission cleared under the simplified procedure the acquisition of the global media provider Time Warner by the telecom operator AT&T. The Commission concluded that the proposed acquisition would not have raised any competition concerns, as there were no overlaps between the parties’ activities in the EEA.86
On 5 May 2017, the Commission approved the acquisition of joint control of Telxius (a company providing infrastructure services through its telecom infrastructure assets) by the US investment firm KKR and the Spanish telecommunications operator Telefónica. The Commission concluded that the proposed acquisition would not have raised competition concerns because it did not create horizontal overlaps between the companies’ activities, and the overlaps between KKR and Telxius’ activities on related markets were limited.87
On 30 May 2017, the Commission cleared the acquisition of the Italian telecommunications operator Telecom Italia by the French group Vivendi, subject to commitments.88 The main competition concern related to the horizontal overlap in the market for wholesale access to digital terrestrial networks for the broadcast of TV channels. Telecom Italia was active in this market through its subsidiary Persidera, while Vivendi held a significant minority stake in Mediaset, which is also active in the above-mentioned market. According to the Commission, post-transaction, Vivendi would have had an incentive to raise prices charged to TV channels for wholesale access to digital terrestrial television networks. The benefits of such a strategy would have been obtained either directly through Persidera or indirectly via the minority shareholding in Mediaset, since other players active in the market concerned did not represent a viable alternative for TV channels. In light of the above, the decision conditioned the approval of the transaction on the divestment of Telecom Italia’s stake in Persidera.
The Commission also investigated whether the relationship between Vivendi’s activities in Italy in advertising, music, TV and mobile gaming and Telecom Italia’s activities in fixed and mobile telecommunications raised competition concerns. In this respect, the Commission concluded that Vivendi would not have had the ability or incentive to exclude competitors from the markets concerned.
The Commission also scrutinised concentrations in the TV sector. In particular, on 7 April 2017, the Commission unconditionally approved the acquisition of the pay-tv operator Sky by 21st Century Fox, a global media firm based in the US. The Commission found that the companies concerned are active in different markets in five EU countries (Austria, Germany, Ireland, Italy and the UK), but compete with each other only to a limited extent, mainly in the markets for the acquisition of TV content and for the wholesale supply of basic pay-TV channels. The Commission concluded that the transaction would have led to only a limited increase in Sky’s existing share in the above-mentioned markets. The Commission’s scrutiny focused on three key points: whether, as a result of the transaction, (1) Fox would have been able to prevent or limit the access of Sky’s competitors to its film and other TV content, (2) Sky would have an incentive to stop buying TV content from Fox’s competitors and (3) Sky would be able to prevent competing channels from accessing its platform. Eventually, the Commission ruled out all the above-mentioned risks.89
However, under Article 21 of the EU Merger Regulation, Member States are allowed to block mergers at the national level, despite the Commission’s approval, to protect other legitimate interests such as media pluralism. On 16 March 2017, the UK Secretary of State for Culture, Media and Sport issued a European intervention notice requiring the competent UK authorities to investigate whether the transaction could give rise to public interest concerns on media plurality grounds (due to the increasing influence of the Murdoch family over the media sector in the UK). On 20 September 2017, the UK Secretary of State for Digital, Culture, Media and Sport referred the transaction to the Competition Markets Authority for a Phase 2 investigation on public interest grounds.
On the procedural side, in October 2016 the Commission launched a public consultation concerning the possible introduction into the EU merger control procedure of complementary thresholds based on the value of the transaction rather than exclusively focused on companies’ turnover.91 This would allow the Commission to assess certain high-value transactions, especially in the digital sector, which do not have to be reported to the Commission because of the low turnover of one of the parties.92 The consultation closed in February 2017. The majority of stakeholders did not consider it necessary to introduce new value-based thresholds.93
As to antitrust enforcement, in June 2017 the Commission concluded its long-lasting investigation in the Google Search case. The Commission imposed on Google the highest fine ever imposed under EU antitrust rules (€2.42 billion) for having abused its dominance as a search engine to promote its own comparison shopping service in search results to the detriment of competitors.94
According to the Commission, Google would be dominant in each national market for general internet searches throughout the EEA (i.e., 31 EEA countries) due to the very high shares (exceeding 90 per cent in most EEA countries) it has consistently held since at least 2008, and the presence of high barriers to entry, in part because of network effects.
The Commission contested that Google would have abused its dominant position by giving prominent placement to its own comparison shopping service, whose results would have been displayed at the top of the search results (or sometimes in a reserved space on the right-hand side), above the results that its generic search algorithms consider most relevant. Thus, according to the Commission, Google’s comparison shopping service is not subject to its generic search algorithms. On the other hand, rival comparison shopping services are subject to generic search algorithms, including demotions (which lower an entry’s rank in Google’s search results).
In assessing the impact of the contested practice, the Commission took into account the fact that, according to empirical studies and surveys, consumers generally click far more on search results at or near the top of the first search results page than on results lower down the first page, or on subsequent pages. In the Commission’s view, as the success of comparison shopping services mostly relies on user clicks and traffic, the contested conduct would have limited other companies’ ability to compete on the merits and to innovate, thus depriving consumers of genuine choice and the full benefits of innovation.
In September 2017, Google filed an appeal against the decision before the General Court, which is currently pending.
The Commission is still investigating other practices implemented by Google. In particular, in 2016 the Commission adopted statements of objections concerning the Android mobile operating system95 and the AdSense search advertising service.96 In the first case, the Commission argues that Google would have breached EU competition rules by:
- a requiring tablet and smartphone manufacturers to pre-install Google Search and Google’s Chrome browser, and requiring them to set Google Search as default search service on their devices, as a condition to licence certain Google proprietary apps;
- b preventing manufacturers from selling smart mobile devices running on competing operating systems based on the Android open source code; and
- c giving financial incentives to manufacturers and mobile network operators on condition that they exclusively pre-install Google Search on their devices.
In the second case, the Commission alleges that Google would have prevented third-party websites from sourcing search adverts from other ad search providers through clauses providing for exclusivity, quantity requirements and preferred placement. Both cases are still pending.
VII CONCLUSIONS AND OUTLOOK
Among the various legislative proposals delivered by the Commission in 2016,97 only the Regulation on cross-border portability of online content services was adopted in 2017 and will apply from early 2018. The remaining proposals are currently undergoing the scrutiny of the Parliament and the Council, and will most likely be adopted in the course of 2018. Nevertheless, important events have characterised the European TMT sector in 2017, including the end of roaming charges from 15 June, the Commission’s proposal for an ePrivacy Regulation and the adoption of the final report on the e-commerce sector enquiry, on the basis of which the Commission has already launched three separate antitrust investigations.
Competition enforcement in the period concerned was undoubtedly marked by the Commission decision in the Google Search case, which imposed an impressive fine on Google for alleged search bias. The Commission decision raises a number of delicate issues, including the scope and limits of the search neutrality principle, the risk that aggressive antitrust intervention in certain high-tech sectors may negatively affect technological development, and the choice and implementation of the appropriate remedy.
Finally, it can be reasonably expected that Brexit will have a significant impact on the European TMT sector. The UK was one of the Commission’s main ally in the implementation of the DSM strategy. Brexit could also lead to fragmentation of the regulatory framework in the TMT sector if the UK will start introducing regulations diverging from EU legislation. This might also create obstacles and additional costs for TMT operators, which will have to comply with both EU and UK rules if they are active in both territories.
1 Marco D’Ostuni is a partner, Gianluca Faella is counsel and Manuela Becchimanzi is an associate at Cleary Gottlieb Steen & Hamilton LLP.
2 A Digital Single Market Strategy for Europe – COM(2015) 192 final (available at http://ec.europa.eu/priorities/digital-single-market/docs/dsm-communication_en.pdf).
3 See Sections II, III, V and VI.
4 See final report on the e-commerce sector enquiry (available at http://ec.europa.eu/competition/antitrust/sector_inquiry_final_report_en.pdf); Commission decision of 6 May 2015 initiating an inquiry into the e-commerce sector pursuant to Article 17 of Council Regulation (EC) No. 1/2003 (HT.4607), C(2015) 3026 final (available at http://ec.europa.eu/competition/antitrust/ecommerce_decision_en.pdf). According to the Commission, there ‘seem to be several reasons for the trend of trade between Member States relating to the e-commerce sector, including language barriers, consumer preferences and differences in legal frameworks between Member States. There are also indications that undertakings active in the e-commerce sector may be engaged in anticompetitive agreements, concerted practices or abuses of a dominant position’ (Point 3).
5 See Section III.iv.
6 See Directive 2001/29/EC of 22 May 2001, OJ 2001 L 111/16.
7 See Directive 2002/21/EC of 24 April 2002, OJ 2002 L 108/33.
8 See Regulation (EC) No. 1211/2009 of 25 November 2009, OJ 2009 L 337/1.
9 Proposal for a Regulation of the European Parliament and of the Council establishing the Body of European Regulators of Electronic Communications (BEREC) – COM(2016)591 (available at https://ec.europa.eu/digital-single-market/en/news/proposed-regulation-establishing-body-european-regulators-
10 See Directive 2009/140/EC of 25 November 2009, OJ 2009 L 337/1.
11 See Directive 2009/136/EC of 25 November 2009, OJ 2009 L 337/1.
12 See State of the Union 2016: Commission paves the way for more and better internet connectivity for all citizens and businesses (available at http://europa.eu/rapid/press-release_IP-16-3008_en.htm).
13 Proposal for a Directive establishing the European Electronic Communication Code – COM(2016) 590 final (available at https://ec.europa.eu/digital-single-market/en/news/proposed-directive-establishing-
14 See Regulation laying down rules on the exercise of copyright and related rights applicable to certain online transmissions of broadcasting organisations and retransmissions of television and radio programmes – COM(2016) 594 (available at https://ec.europa.eu/digital-single-market/en/news/proposal-regulation-laying-down-rules-exercise-copyright-and-related-rights-applicable-certain); Regulation on the cross-border exchange between the Union and third countries of accessible format copies of certain works and other subject-matter protected by copyright and related rights for the benefit of persons who are blind, visually impaired or otherwise print disabled – COM(2016) 595 (available at https://ec.europa.eu/digital-single-market/en/news/proposed-regulation-cross-border-exchange-between-union-and-third-
countries-accessible-format); Directive on copyright in the Digital Single Market – COM(2016) 593 (available at https://ec.europa.eu/digital-single-market/en/news/proposal-directive-european-parliament-
and-council-copyright-digital-single-market); Directive on certain permitted uses of works and other subject-matter protected by copyright and related rights for the benefit of persons who are blind, visually impaired or otherwise print disabled and amending Directive 2001/29/EC on the harmonisation of certain aspects of copyright and related rights in the information society – COM(2016) 596 (available at https://ec.europa.eu/digital-single-market/en/news/proposal-directive-permitted-uses-works-and-other-
15 See Directive 2010/13/EU of 10 March 2010, OJ 2010 L 95/1. On 25 May 2016 the Commission announced a proposal to amend the existing Audiovisual Media Services Directive (see footnote 75).
16 The respective competences of the Commission and NCAs to assess mergers are defined on the basis of the turnover of the undertakings concerned (See Article 1.2 of Council Regulation (EC) No. 139/2004 (Merger Regulation), OJ 2004 L 24/1–22). However, a Member State may also review a concentration that falls within the competence of the Commission and adopt the measures needed to protect certain legitimate interests, including the plurality of the media (see Article 21.4 of the Merger Regulation).
17 Article 5 of the Authorisation Directive.
18 See, e.g., the CJEU Judgment of 17 December 2015, C-454/13, Proximus, Paragraph 19.
19 See Regulation (EU) No. 2015/2120 of 25 November 2015, OJ 2015 L 310/1.
20 Regulation (EU) No. 2015/2120, Article 3.
21 Regulation (EU) No. 2015/2120, Paragraph 9.
22 The Regulation also includes a number of transparency measures for providers to ensure customer awareness of open internet access, and provides that national regulatory authorities have to monitor providers’ compliance with the minimum service quality standards. Regulation (EU) No. 2015/2120, Articles 4 and 5.
23 See Directive 2002/22/EC of 7 March 2002, OJ L 108. See Commission Communication of 23 November 2011, COM(2011) 795 final, available at http://eurlex.europa.eu/LexUriServ/LexUriServ.do?uri=COM:2011:0795:FIN:EN:PDF. In March 2014, the Commission started the fourth review of the scope of universal service. In July 2014, BEREC provided a report including the views of NRAs. See http://berec.europa.eu/eng/document_register/subject_matter/berec/reports/4479-ec-questionnaire-on-the-implementation-and-application-of-the-universal-service-provisions-8211-a-synthesis-of-the-results.
24 See European Parliament resolution of 19 January 2016 on Towards a Digital Single Market Act (2015/2147(INI)) Paragraph 56 (www.europarl.europa.eu/sides/getDoc.do?type=TA&language=EN &reference=P8-TA-2016-0009).
25 Communication from the Commission, EU Guidelines for the application of State aid rules in relation to the rapid deployment of broadband networks (2013/C 25/01).
26 Case C-1/14, Base Company NV and Mobistar NV v. Ministerraad.
27 See Proposal for a Directive establishing the European Electronic Communication Code, p. 11.
28 Commission Recommendation of 20 September 2010, OJ 2010 L251/35.
29 For more details on the applicable remedies, see this chapter in the fourth edition of this publication.
30 See Article 70 of the Proposal for a Directive establishing the European Electronic Communication Code.
31 Commission Recommendation 2013/466/EU of 11 September 2013 on consistent non-discrimination obligations and costing methodologies to promote competition and enhance the broadband investment environment, OJ L 251. The measure follows Commissioner Kroes’ policy statement of July 2012 (available at http://europa.eu/rapid/press-release_MEMO-12-554_en.htm?locale=en).
32 The EoI model ensures that the incumbent’s and competitor’s downstream access product use exactly the same physical upstream inputs (e.g., same tie-cables, same electronic equipment, same exchange space). Conversely, the equivalence of output ensures that the access products offered by the incumbent to alternative operators are comparable to the products it provides to its retail division in terms of functionality and price, but they may be provided by different systems and processes.
34 BEREC issued its Report on the Regulatory Accounting in Practice 2013, according to which data from NRAs generally confirmed the trend toward an increasingly consistent approach to regulatory accounting obligations among NRAs. The Report on the Regulatory Accounting in Practice 2016 confirms the high degree of consistency among the approaches of NRAs.
35 See for example the recommendation issued against Italy on 11 December 12013.
36 See Paragraph 179 of the Proposal for a Directive establishing the European Electronic Communication Code.
37 Directive 2000/31/EC.
38 See Section 4, Articles 12 to 15.
39 Cases C-70/10, Scarlet Extended v. SABAM; and Case C-360/10, Sabam v. Netlog NY. For more details on these Judgments, see this chapter in the seventh edition of this publication.
40 Case C–314/12, UPC Telekabel Wien GmbH v. Constantin Film Verleih GmbH and Wega Filmproduktionsgesellschaft mbH.
41 Directive 2001/29/EC, OJ 2001 L 167, p. 10.
42 Case C-484/14, Mc Fadden v. Sony Music.
43 Case C-131/12, Google Spain SL, Google Inc/Agencia Española de Protección de Datos, Mario Costeja González, Paragraphs 28 and 41. For more details on these Judgments, see this chapter in the seventh edition of this publication.
44 The Directive grants individuals the right to obtain from the controller ‘rectification, erasure or blocking’ of personal data (Article 12(b)) and to object to processing on ‘compelling legitimate grounds’ (Article 14). The Court affirmed that these rights can also be invoked against search engines since ‘it is the search engine operator which determines the purposes and means of that activity and […] must, consequently, be regarded as the ‘controller’ in respect of that processing pursuant to Article 2(d)’ (Paragraph 33).
45 On protection for children, see this chapter in the fourth edition of this publication.
46 Directive (EC) No. 1995/46 of 24 October 1995, OJ L281/1 on the protection of individuals with regard to the processing of personal data and on the free movement of such data.
47 Commission Decision of 26 July 2000 pursuant to Directive 95/46/EC of the European Parliament and of the Council on the adequacy of the protection provided by the Safe Harbor privacy principles and related frequently asked questions issued by the US Department of Commerce.
48 Case C-362/14 Maximillian Schrems v. Data Protection Commissioner. For more details on this Judgment, see this chapter in the seventh edition of this publication.
49 In the meantime, Article 26 of Data Protection Directive applies. The latter provides for some alternative grounds on which specific data transfers may take place absent an Article 25 adequacy decision. In particular, transfers may be carried out where the entity responsible for determining the purposes and means of the processing of personal data adduces appropriate safeguards, including contractual clauses binding the exporter and the importer of the data.
50 Commission Implementing Decision (EU) 2016/1250 of 12 July 2016 pursuant to Directive 95/46/EC of the European Parliament and of the Council on the adequacy of the protection provided by the EU–US Privacy Shield.
51 Case T-670/16, Digital Rights Ireland v. Commission.
52 Regulation (EU) No. 2016/679 of 27 April 2016, OJ 2016 L 119/1.
53 Directive (EU) No. 2016/680 of 27 April 2016, OJ 2016 L 119/1.
54 See recital 4 of Regulation (EU) No. 2016/679 of 27 April 2016, OJ 2016 L 119/1.
55 See Article 20 of Regulation (EU) No. 2016/679 of 27 April 2016, OJ 2016 L 119/1.
56 See recital 71 of Regulation (EU) No. 2016/679 of 27 April 2016, OJ 2016 L 119/1.
57 See recital 152 of Regulation (EU) No. 2016/679 of 27 April 2016, OJ 2016 L 119/1.
58 Directive (EU) No. 2002/58 of 12 July 2016, OJ 2002 L201/1.
59 Commission’s DSM strategy, Pillar II, Action 12.
60 Directive (EU) No. 2016/1148 of 6 July 2016, OJ 2016 L194/1.
61 Joint communication on cybersecurity strategy of the European Union – JOIN(2013) 1 final (available at www.europarl.europa.eu/meetdocs/2009_2014/documents/join/com_join (2013)0001_/com_join(2013)
62 Paul Waszin, Nauta Dutilh, ‘Network and information security NIS: EU Strategy and Directive’ (available at www.lexolosv.com/librarv/detail.asox?s=fbOffQ7d-09c8-4add-aa58-7daf780eSd6f).
63 Commission’s DSM strategy, Pillar III, Action 14.
64 See the Digitizing European Industry Q&A of 19 April 2016, available at http://europa.eu/rapid/press-release_MEMO-16-1409_en.htm.
65 European Parliament Research Service, Mapping the cost of Non-Europe, 2014–19.
66 The International Data Corporation, Uptake of Cloud in Europe: Follow-up of IDC Study on Quantitative estimates of the demand for Cloud Computing in Europe and the likely barriers to take-up, 2015.
67 See Communication on Building a European Data Economy (available at https://ec.europa.eu/digital-
68 Proposal for a Regulation on a framework for the free flow of non-personal data in the European Union – COM(2017) 495 final (available at http://ec.europa.eu/transparency/regdoc/rep/1/2017/EN/COM-2017-495-F1-EN-MAIN-PART-1.PDF).
69 Commission’s DSM strategy, Pillar II, Action 9.
70 Summary report, Brussels, 9 June 2015 DG CONNECT/B4.
71 Proposal for a Decision on the use of the 470-790MHz frequency band in the Union – COM(2016) 043
final (available at http://eur-lex.europa.eu/legal-content/EN/TXT/?uri=COM%3A2016%3A43%3 AFIN); see also the Commission press release available at http://europa.eu/rapid/press-release_IP-16-207_en.htm.
72 Decision of the European Parliament and of the Council of 17 May 2017 on the use of the 470-790MHz
frequency band in the Union (available at http://data.consilium.europa.eu/doc/document/PE-5-2017-
73 See Articles 48, 49 and 53 of the Proposal for a Directive establishing the European Electronic Communication Code.
74 Article 1(1)(a) and the explanatory note provided by the Commission.
75 Proposal for a Directive amending Directive 2010/13/EU on the coordination of certain provisions laid down by law, regulation or administrative action in Member States concerning the provision of audiovisual media services in view of changing market realities – COM(2016) 287 final (available at https://ec.europa.eu/transparency/regdoc/rep/1/2016/EN/1-2016-287-EN-F1-1.PDF).
76 Regulation (EU) 2015/2120, Paragraph 21.
77 Regulation (EU) 2015/2120, Paragraph 22.
78 Regulation (EU) 2015/2120, Paragraph 23.
79 See Proposal for a Regulation on Privacy and Electronic Communications (available at https://ec.europa.eu/digital-single-market/en/news/proposal-regulation-privacy-and-electronic-communications).
80 See Recital 24.
81 See Final report on the E-commerce Sector Inquiry COM(2017) 229 final (available at http://ec.europa.eu/competition/antitrust/sector_inquiry_final_report_en.pdf).
82 See Proposal for a Regulation of the European Parliament and of the Council on addressing geo-blocking and other forms of discrimination based on customers’ nationality, place of residence or place of establishment within the internal market, COM(2016) 289 (available at http://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX%3A52016PC0289).
83 See Regulation of the European Parliament and of the Council on ensuring the cross-border portability of online content services in the internal market COM (2015) 627 final (available at https://ec.europa.eu/transparency/regdoc/rep/1/2015/EN/1-2015-627-EN-F1-1.PDF).
84 See Regulation of the European Parliament and of the Council (EU) 2017/1128 of 14 June 2017on cross-border portability of online content services in the internal market (available at http://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=OJ:L:2017:168:FULL&from=EN).
85 Case M.8131, Tele2 Sverige/Tdc Sverige.
86 Case M.8323, AT&T/Time Warner.
87 Case M.8427, KKR/Telefónica/Telxius.
88 Case M.8465, Vivendi/Telecom Italia.
89 Case M.8354, Fox/Sky.
90 IP/17/1369 (available at http://europa.eu/rapid/press-release_IP-17-1369_en.htm).
91 See the questionnaire for evaluation of procedural and jurisdictional aspects of EU Merger Control (available at http://ec.europa.eu/competition/consultations/2016_merger_control/consultation_document_en.pdf).
92 Such as the Facebook/WhatsApp acquisition, which did not have to be notified because of WhatsApp’s low turnover, but was reviewed by the Commission following a referral under Article 4(5) of the EU Merger Regulation.
93 See the Summary of replies to the Public Consultation on Evaluation of procedural and jurisdictional aspects of EU merger control (available at http://ec.europa.eu/competition/consultations/2016_merger_control/summary_of_replies_en.pdf).
94 Case No. 39740, Google Search. See also press release IP/17/1784 (available at http://europa.eu/rapid/press-release_IP-17-1784_en.htm).
95 IP/16/1492 (available at http://europa.eu/rapid/press-release_IP-16-1492_en.htm).
96 STATEMENT/16/2535 (available at http://europa.eu/rapid/press-release_STATEMENT- 16-2535_en.
97 Notably, in 2016 the Commission drafted proposals on a directive on contracts for the supply of digital content – COM(2015) 634; a directive on contracts for the online and other distance sales of goods – COM(2015) 635; a regulation on the cross-border portability of online content services in the internal market – COM(2015) 627; an amendment to the existing Audiovisual Media Services Directive – COM(2016) 287; a regulation on addressing unjustified geo-blocking and other forms of discrimination based on place of residence or establishment, or nationality; a new framework for digital copyright; and a Code on Electronic Communications (COM(2016) 289).