How the EU is rerouting the Information Superhighway

The internet was largely an American invention. Many of the companies that have come to dominate how much of the world uses it are also made in America.

There are a lot of reasons for that — cultural, economic, political, technical — but the net effect has been to give the whole gestalt of the internet a distinctly American air, from its governance, to its commercial and economic arrangements, to its libertarian-cum-libertine ideology.

That never sat well with the world’s more authoritarian regimes, such as China and Russia, which from the start sought ways to wall their societies off from its influence. But neither has it sat well with many of the world’s more market-oriented and democratic societies such as those that make up the European Union.

Over the past four years or so, however, the EU has found a way to use its combined market power to impose a more European sensibility on how the internet — or at least internet companies — operate.

The EU’s Digital Single Market strategy, adopted in 2015, provided the roadmap. But much of the fuel came from European distaste for how the mostly American technology giants that dominate commercial activity on the net were running things and their presumption in imposing their methods on Europeans.

The aim of the DSM was to give the EU the same heft in global digital markets that it had achieved in the market for physical goods through its customs union and by enabling the free flow of goods throughout the 315 million person bloc.

One of the first real fruits of the DSM strategy was the adoption in 2016 of the General Data Protection Regulation (GDPR), which took effect in May 2018. The rules required that nearly every internet company that operates within the EU and collects even the most basic data on its European users, from the smallest website to the largest platforms, would have to meet much stricter standards for how they managed, transferred and disclosed the data they collect.

The GDPR forced major operational changes on American companies like Facebook, Google and Amazon, which have built their businesses on collecting vast amounts of data on their users and then doing pretty much whatever they wanted with it, generally without disclosing what they were doing.

Equally important, however, has been GDPR’s impact outside the EU, including in the U.S. Faced with the potential expense of maintaining two different internal data-management systems, most U.S. companies chose to alter their processes worldwide to more closely conform with the EU standards. The GDPR, in other words, quickly became something of a global baseline for how internet companies collect and use personal data regardless of where those companies are headquartered.

Another effect of GDPR has been to embolden regulators and legislators in the U.S. and elsewhere to take data privacy far more seriously and begin to turn their scrutiny to Facebook, Google and other web giants. Just this week, the Federal Trade Commission settled its investigation into YouTube’s handling of data it collects on children by imposing a $170 million fine on the company and forcing substantial operational changes on how it uses those data.

In an interview published this week by Willamette Week, Oregon senator Ron Wyden (D) went so far as to suggest Facebook CEO Mark Zuckerberg ought to face prison time for lying repeatedly about how the company uses the data it collects.

When it comes to data privacy, U.S. regulators and lawmakers are increasingly taking their lead from Europe.

EU Copyright Directive

A similar dynamic is now emerging with respect to the relationship between online platforms and copyright owners.

In the wake of the adoption of the WIPO Copyright Treaties in 1996, most countries adopted some form of safe harbor for online service providers, such as those set out in Section 512 of the U.S. Digital Millennium Copyright Act.

The harbors shielded service providers from liability for copyright infringement committed by their users so long as they followed strict procedures for removing infringing content from their platforms once notified by the copyright owner.

The provisions allowed user-generated content platforms such as YouTube, Facebook, Instagram and Twitter — again, mostly American — grow to enormous size and global power. But creators and rights owners have long complained bitterly that the cumbersome, post hoc procedures for notice-and-takedown made protecting their copyrights from infringement virtually impossible, leading to an enormous “value gap” between rights owners and platform providers.

With the passage of its Directive of Copyright in the Single Digital Market earlier this year the EU aims to close that gap by draining much of the safe harbors.

Under the directive, which won’t be fully implemented until 2021, online service providers (with some exceptions) will not be able simply to wait to be notified of infringing content and removing it after the fact. Instead they will now have to take proactive steps to prevent infringing content from being uploaded to their platforms in the first place, and ensuring that content that gets removed cannot be reposted.

It also requires search engines and news aggregators (looking at you, Google) to obtain licenses from publishers before displaying snippets of their news stories in search results.

The net effect will be to invert the current burden of proof. Instead of requiring rights owners to police the millions of hours of music and video that gets uploaded to platforms like YouTube every day, looking for unauthorized uses of their content, or allowing search engine from diverting eyeballs and advertising from publishers, the new rules will compel online service providers to police and monitor their own platforms on behalf of rights owners and to obtain licenses before displaying their content.

As with GDPR, the EU Copyright Directive is likely to produce echoes in the U.S. and elsewhere. In order to comply with the new rules, user upload platforms are expected to deploy some sort of content filtering system analogous to, if not quite as capable as YouTube’s Content ID system. Once those tools are in place in Europe, the pressure on the platforms, both internally and externally, to deploy them to the U.S. and elsewhere will only increase.

Pro-filtering sentiment is already growing in the U.S., in fact, as seen in a recent letter from a bipartisan group of lawmakers to Google CEO Sundar Pichai urging YouTube to expand access to its Content ID system to a wider group of copyright owners.

Rights owner groups in the U.S. have stepped up their public campaign to revise the current DMCA safe harbors to put greater responsibility for policing infringement on platform providers, and have seized on growing antitrust scrutiny of the major technology giants — again, coming in the wake of similar moves by EU regulators — to argue that their dominance leaves rights owners at a disadvantage in negotiating licensing agreements.

Major news media organizations in the U.S. have begun to explore how to extend the EU Copyright Directive’s licensing requirement for search engines to the U.S., huddling with their European counterparts to strategize.

As with filtering, their complaints are finding more fertile ground in the U.S. on the heels of the EU developments. In June, the House of Representatives began hearings on the growing influence of Google, Facebook, Amazon and Apple, focusing in part on their impact on the news media.

The fact that the technology platforms that will be most heavily impacted by the EU’s Copyright Directive are the same, American-made platforms most affected by GDPR is very likely not a coincidence.

Both initiatives stem from a desire among EU policymakers to push back against the prevailing American-derived paradigm of internet governance and regulation. Increasingly, Europeans see American internet companies as a kind of colonizing force that is disrupting European culture and cultural industries, and they seem increasingly prepared to use the EU’s market power to try to rewrite the rules.

Given the enormous scale and influence of the tech giants the EU alone may not be able to achieve all of its goals. But their efforts increasingly are finding allies in North America and around the world, and some of those allies are beginning to follow the EU’s lead.