Leaked documents concerning the Copyright Directive show that France, Spain and Portugal have joined forces in the Council of the European Union to attack the cornerstones of internet freedom in Europe.

The documents show that the three countries propose elevating fighting copyright violations to a special status – above combating terrorism, child abuse and serious online crime. This would put our fundamental rights on the line, and create legal chaos for service providers in Europe.

No more hosting services

Under existing rules, internet hosting companies are not liable for unauthorised content uploaded by their users, unless they fail to act quickly to remove that content, once they are informed about it. The proposal is to leave that law in place, but redefine the services provided by hosting providers so that pretty much nobody is covered by that legislation (the e-Commerce Directive).

How is this done?

Firstly, the leaked document says that any company that allows users to upload content that could be copyrighted or subject to any property right (“other subject matter” such as, choreography, for example) is performing an act of “communication to the public”.

This means that the service provider is performing an activity that requires authorisation by rightsholders – unless at all times the provider can be sure that nothing that is, or could conceivably be, subject to a property right is being uploaded.

Specifically, the proposal is that companies “that store works or other subject-matter uploaded by their users and are actively involved in providing access to the public to such contents” should no longer be considered hosting companies, even if this is pretty much the definition of hosting. This means that hosting services (that optimise the content they store in any way) would need to carry out constant monitoring of everything that is uploaded to their services – and delete anything that might create a risk – as they will be directly liable for anything their users do.

Mandatory surveillance of all uploads

Having already made it virtually impossible to provide a hosting service without being licensed by all relevant collective rights management groups (film, audio, image, etc), the three countries go further: They demand that larger providers (those that store an undefined “significant” amount of material) should not only have to monitor everything that is being uploaded, but should also be required to “prevent the availability” of content that is identified by rightsholders (by using content identification and upload filtering). This would be flanked with an additional obligation to inform the multitude of rightsholders “on the functioning” of those measures.

Redress mechanisms?

A patently inadequate and complicated complaints mechanism is proposed in order to make the proposal seem balanced. Under this mechanism:

a user could complain to the provider who filtered out the content, who would process the complaint and;

pass it on to the rightsholder (who asked for the filtering to happen) who would process the complaint within a “reasonable” period of time and;

inform the provider, who would inform the user who may or may not be happy with the outcome, but has no more redress.

The rightsholders would have no liability for false claims of ownership.

It seems irrelevant to the French, Spanish and Portuguese that the European Court has ruled that it is unacceptable to impose a filtering obligation on providers if that filtering:

is of all electronic communications passing via its services; (as in this case)

applies indiscriminately to all its customers; (as proposed in this case)

is done as a preventive measure; (as proposed in this case)

is done exclusively at the provider’s expense; (as proposed in this case ) and

is done for an unlimited period; (as proposed in this case)

The Court also ruled against filtering by social media in the Netlog/Sabam case.

Another related leak from the Estonian Presidency reveals that it is letting the three countries set their agenda without interference. It seems that the Estonian Presidency is, again, choosing political expediency over the rights of European citizens and the free and open internet – and the Estonian ethos of a well-regulated, digital-friendly society. We have prepared a document to show how carefully the Estonian Presidency is following the three countries that are proposing these extreme measures.

Duty of care

But France, Spain and Portugal’s approach to the Copyright Directive also risks creating chaos for another reason – clarity. The legal basis of the Directive in this case is to harmonise the EU single market. Once adopted, it has to be “transposed” into national law, leaving Member States considerable flexibility about how this is done. Directives need to be very clear to avoid divergent implementations in different Member States.

Directives consist of articles and explanatory “recitals”. The recitals proposed by the three countries are remarkable by any stretch of the imagination. The three countries propose enhancing this harmonisation by suggesting to the 27 Member States (and their 27 judicial systems) that they can “expect” companies under their jurisdiction to enact an undefined “duty of care”. This would cover internet companies that are – and are not – communicating to the public and internet companies that are – or are not – covered by Article 14 (hosting services) of the E-Commerce Directive. The 27 Member States and their court systems, when implementing the Directive, would create and interpret the “expectation” of this “duty” that would encourage companies to implement undefined “appropriate and proportionate tools” to protect “works or other subject matter” when their services are “impacting” on the exploitation of copyrighted works.

These missing definitions and vague language (“significant”, “expect”, “duty”, “prevent”, “impacting”) would result in 27 different national laws (interpreted by 27 national court systems) in the EU on how this “duty of care” would be implemented. The only point of consistency would be that this would apply only to copyrighted content (and, of course, “other subject matter”). As a reminder: Content that is considered less important by the EU Council, like terrorism (nothing similar was approved in the terrorism Directive adopted earlier in 2017) or child exploitation (nothing similar was approved in the child exploitation Directive adopted in 2011) would not be subject to this unclear “duty” and existing rules would continue to apply.

This proposal is great news – but only for a few!

It is great news for service providers outside the EU that can take over the EU hosting market once EU companies are driven out;

and it is great news for repressive regimes that are already pointing to EU policy and practices to justify their internet crackdowns.

Yet, it is less good news for fundamental rights, privacy, freedom of expression, European companies, victims of repressive regimes, or the rule of law.

Leaked document: Amendment from ES, FR, PT to the recitals 37, 38, 39 and Article 13 on the value gap

http://statewatch.org/news/2017/oct/eu-copyright-dir-WK-10644-17.pdf

Comparison: Spain, Portugal and France’s demands – Estonian Presidency document

https://edri.org/files/copyright/20171026-comparedtexts.pdf

Leaked document: Presidency Flash – Copyright Working Party 17/18 October 2017

http://statewatch.org/news/2017/oct/eu-copyright-Pres-Council-Agenda-WK-11269-17.pdf

Copyright reform: Document pool

https://edri.org/copyright-reform-document-pool/

(Contribution by Joe McNamee, EDRi)