EU TMT & Privacy Bulletin - May 2011

Sections of this issue:

Privacy & Data Protection

• Agreement to address privacy concerns over use of smart tags

ISP-Liability & Media Law

• L'Oréal v. eBay and Scarlet Extended v. Sabam: Advocates General give their view on the obligations that can be imposed on ISPs in the battle against online IP infringements

Contracts & E-Commerce

• The French Competition Authority raises concerns over Google's dominant position on the online advertising market
• Commission publishes Green paper on online gambling in the Internal Market

Electronic Communications & IT

• EU telecom reform directives obtain direct effect

---

PRIVACY & DATA PROTECTION

Agreement to address privacy concerns over use of smart tags

On April 6, 2011, the European Commission has signed a voluntary agreement with industry, civil society, ENISA (European Network and Information Security Agency) and privacy and data protection watchdogs in Europe to establish guidelines for all companies in Europe to address the data protection implications of smart tags prior to placing them on the market.

Radio frequency identification (RFID) is a technology that incorporates the use of electromagnetic or electrostatic coupling in the radio frequency portion of the electromagnetic spectrum to uniquely identify an object, animal, or person. RFID is coming into increasing use in industry as an alternative to the bar code. The advantage of RFID is that it does not require direct contact or line-of-sight scanning. Smart tags are used for electronic vehicle registration, payments by mobile phones, transportation payments, etc. They bring many potential advantages for businesses, public services and consumer products, for instance in terms of efficiency of production and distribution processes.

The smart tags do, however, involve privacy risks. For instance, because the owner of a product will not necessarily know about the presence of a tag which can be read at a distance, it would be possible to gather (sensitive) personal data about this individual without his consent. Also, if an item is paid for by credit card, it would be possible to indirectly identify the purchaser by reading the globally unique ID of that item. In addition, the smart tag remains functional when the tagged products are purchased and taken at home so that they could be used for surveillance and other purposes, unrelated to their initial purpose, such as checking the data subject's location.

On April 6, 2011, the European Commission has signed a voluntary agreement with industry, civil society, ENISA (European Network and Information Security Agency) and privacy and data protection watchdogs in Europe to establish guidelines for all companies in Europe to address the data protection implications of smart tags prior to placing them on the market.

This agreement is part of the implementation of a Commission Recommendation adopted in 2009 that inter alia indicates that when consumers buy products with smart tags, they should be deactivated automatically, immediately and free of charge unless the consumer agrees explicitly that they are not.

Under the agreement, companies will carry out a comprehensive assessment of privacy risks and take measures to address the risks identified before a new smart tag application is introduced onto the market. This will include the potential impact on privacy of links between the data collected and transmitted and other data. This is particularly important in the case of sensitive personal data such as biometric, health or identity data.

The PIA Framework establishes for the first time in Europe a clear methodology to assess and mitigate the privacy risks of smart tags that can be applied by all industry sectors that use smart tags.

In particular, the PIA framework will not only give companies legal certainty that the use of their tags is compatible with European privacy legislation but also offer better protection for European citizens and consumers.

Links: For more information, see:
http://europa.eu/rapid/pressReleasesAction.do?reference=IP/11/418&format=HTML&aged=0&language=EN&guiLanguage=en

For more information, contact: Frederik Van Remoortel.

---

ISP-LIABILITY & MEDIA LAW

L'Oréal v. eBay and Scarlet Extended v. Sabam: Advocates General give their view on the obligations that can be imposed on ISPs in the battle against online IP infringements

In the ongoing discussions on the protection of IP rights in an online environment, new input has been given by the Advocates General in two high profile cases pending before the Court of Justice of the European Union (CJEU). In the L'Oréal and others v. eBay-case, Advocate General Jääskinen considers that eBay is generally not liable for trade mark infringements committed by its users on its electronic marketplace. However, if eBay has been notified of the infringing use of a trade mark, and the same user continues or repeats that infringement, eBay can be held liable for it. In the Scarlet Extended v. Sabam and others-case, Advocate General Cruz Villalón states in his Opinion that a measure ordering an ISP to install a system for filtering and blocking electronic communications in order to protect IP rights in principle infringes fundamental rights.

L'Oréal and others v. eBay

Background

L'Oréal and others accuse eBay of being involved in trade mark infringements committed by sellers on its internet marketplace. The UK High Court, before which the dispute is pending in the UK (cf. our Newsletter of June 2009), found that trademark infringements were indeed committed by sellers and eBay members by offering L'Oréal-branded goods for sale that were put on the market outside the European Economic Area and/or by offering counterfeit L'Oréal goods.

However, the High Court found that eBay was not itself liable for trademark infringement by the users of its website. Therefore, the High Court referred the case for a preliminary ruling to the CJEU over the question as to which kinds of injunctions can be imposed on an ISP, such as eBay, in order to prevent further trademark infringement (the High Court also referred other questions to the CJEU, but we will focus on the ISP liability-related matters in this article).

Opinion of Advocate General Jääskinen of December 9, 2010

Firstly, Advocate General Jääskinen refers to Articles 12, 13 and 14 of Directive 2000/31, providing the so-called "safe harbor" for intermediaries. The Advocate General states that these limitations of liability aim at enabling the provision of information society services without the risk of legal liability which the service provider cannot prevent beforehand without losing the economic and technical viability of the business model.

Secondly, the Advocate General expresses his doubts as to the interpretation given by the Court in the Google France and Google-case according to which an information service provider storing information at the request of its client is exempted from liability for this information only if it remains neutral in relation to the hosted data. According to the Advocate General, the neutrality-test may well be the right test for 'mere conduit' and 'caching' providers, but not for 'hosting' providers. It would be surreal, says the Advocate General, that if eBay intervenes and guides the contents of listings in its system with various technical means, it would by that fact be deprived of the protection of Article 14 regarding storage of information uploaded by the users.

With regard to eBay's obligations in relation to future infringements, the Advocate General recalls that the hosting provider has to act expeditiously to remove or to disable access to illegal information upon obtaining actual knowledge of the illegal activity or information.

As to the interpretation of 'actual knowledge', the Advocate General finds it to be obvious that a mere suspicion or assumption regarding the illegal activity or information does not suffice. Hence, in the case of an alleged trade mark infringement, the object of knowledge must be a concluded or ongoing activity or an existing fact or circumstance. Secondly, the requirement of actual knowledge seems to exclude construed knowledge. It is not enough, says the Advocate General, that the ISP ought to have known or has good reasons to suspect illegal activity.

With regard to the scope of injunctions against ISPs, the Advocate General therefore concludes as follows:

Given the requirement of proportionality, an injunction against the intermediary to prevent any further infringements of a trade mark would be excluded. What is crucial, is that the intermediary can know with certainty what is required from him, and that the injunction does not impose impossible, disproportionate or illegal duties like a general monitoring obligation. An appropriate limit for the scope of injunctions may be that of a double requirement of identity, meaning that an injunction could be given against an intermediary to prevent the continuation or repetition of an infringement of a certain trade mark by a certain user. In other words, exemption from liability does not apply in cases where the hosting provider has been notified of infringing use of a trade mark, and the same user continues or repeats the same infringement.

Scarlet Extended v. Sabam and others

Background

On January 28, 2010 the Court of Appeal of Brussels decided to refer two preliminary questions to the CJEU in the case of internet access provider Scarlet against collecting society Sabam. Scarlet was previously ordered by the President of the Court of First Instance of Brussels to make it impossible for its customers to send or to receive in any way, by means of peer-to-peer software, files containing musical works from Sabam's repertoire. For Scarlet, this implied implementing at its own expense and in respect of all its subscribers a preventive filtering and blocking measure.

The Court of Appeal asked the CJEU (i) whether such filtering and blocking measure was in line with EU legislation and, if so, (ii) whether the national courts should apply the principle of proportionality when assessing a request for an injunction against an ISP.

Opinion of Advocate General Cruz Villalón of April 14, 2011

In his Opinion of April 14, 2011, the Advocate General first analyzed the court order and the system that had to be implemented by Scarlet in order to comply with this order.

According to the Advocate General, the system must be capable of filtering all data communications passing via Scarlet's network in order to detect data which involve a copyright infringement. As a result of such filtering, the system must, secondly, block communications which actually involve copyright infringement, either at the point at which they are requested or at the point at which they are sent.

Advocate General Cruz Villalón considers that the court order thus constitutes a general obligation for Scarlet and would have a lasting effect for an unspecified number of persons. The court order applies in abstracto and as a preventive measure, meaning that a finding of an actual infringement would not first have been made. Also, it would make Scarlet responsible for the cost of installing the filtering and blocking system.

The Advocate General considers that the installation of such filtering and blocking system is a restriction on the right to privacy of communications, the right to protection of personal data and the freedom of information.

Although these rights can be restricted, such restrictions must be in accordance with a national legal basis that is accessible, clear and predictable. According to the Advocate General, it cannot be held that the obligation on ISPs to install the filtering and blocking system at issue, entirely at their own expense, was laid down expressly, and in clear, precise and predictable terms, in Belgian law and more precisely in Article 87 of the Copyright Act of 30 June 1994 (which implements article 8.3. of Directive 2001/29/EC and article 11 of Directive 2004/48/EC).

In addition, Advocate General Cruz Villalón states that neither the filtering system, which is intended to be applied on a systematic, universal, permanent and perpetual basis, nor the blocking mechanism, which can be activated without any provision being made for the persons affected to challenge it or object to it, are coupled with adequate safeguards.

The Advocate General therefore concludes that EU law precludes a national court from making an order, on the basis of the Belgian statutory provision, requiring an internet service provider to install, in respect of all its customers, in abstracto and as a preventive measure, entirely at the expense of the internet service provider and for an unlimited period, a system for filtering all electronic communications passing via its services in order to identify the sharing of electronic files containing a musical, cinematographic or audio-visual work in respect of which a third party claims rights, and subsequently to block the transfer of such files, either at the point at which they are requested or at the point at which they are sent.

Conclusion and next steps

Both Opinions constitute important contributions to the debate on the role of ISPs and the obligations that can be imposed on them in the fight against online IP infringements.

Although the Advocates General's Opinions are not binding on the CJEU, they are often endorsed in the final rulings of the Court.

Links:

• Opinion of Advocate General Jääskinen, delivered on 9 December 2010, Case C-324/09
• Opinion of Advocate General Cruz Villalón, delivered on 14 April 2011, Case C-70/10

For more information, contact: Karel Janssens.

---

CONTRACTS & E-COMMERCE

The French Competition Authority raises concerns over Google's dominant position on the online advertising market

In a recent report, the French Competition Authority has concluded that Google holds a dominant position on the advertising market linked to search engines. While no abuse has been found, the Authority considers that competition law can impose limits to Google's actions and provide a response to the competitive concerns raised by different intervenients.

At the end of 2010, the French Competition Authority published the results of an inquiry relative to the operation of competition in the online advertising sector. This inquiry was conducted in the course of 2010 after a referral by the Minister for Economy, Finance and Employment, who had received complaints from many actors, such as competing search engines, advertisers, internet site editors and the press. Some of them consider that they have been a victim of unfair and even illegal actions by Google.

Google holds a dominant position on the online advertising market linked to search engines

In its report of December 2010, the French Competition Authority defines the relevant market as the online advertising market linked to search engines. The Authority maintains a distinction between on the one hand traditional offline advertising (including television) and on the other hand online advertising. The report concludes that within this online advertising market, a specific market for search-related advertising should be delimited, as there are noteworthy distinctions between display and search advertisement. Search-related advertising allows for very fine-tuned targeting of the potential customer and makes it possible to approach this customer when he is actively searching and therefore closer to the purchase.

The Authority subsequently established that Google holds a dominant position on this relevant market. Some of the arguments raised over Google's dominance include market shares of 90 percent, a profit margin of 35 percent, and an impressive record in retaining users. The entry barriers also appear to be high because of the high fixed entry-costs, with Google spending three billion EURO per year in development. Finally, the Authority mentions that due to the fact that Google holds a highly efficient algorithm, market entry is also made difficult as competitors would find it hard to emulate the accuracy of Google's search results.

It is however noted in the report that the dominant position of Google results from a great deal of innovation, supported by significant and continuous investments. The Authority stresses that one should be cautious of disrupting this innovation process and that only the abusive exercise of such market power could be sanctioned.

The Authority has examined the competitive operation of the online advertising market and identified several types of practices that could be qualified as an abuse of dominant position

After an analysis of the competitive situation on the relevant market and the practices of Google on this market, the French Competition Authority identified (i) possible exclusionary conduct intended to discourage, delay or eliminate competitors through procedures that do not consist of merit-based competition (e.g. artificially high entry barriers, excessive exclusivity clauses in terms of their field, duration or scope, technical obstacles etc.), and (ii) possible operational abuses, whereby the search engine apparently imposes exorbitant conditions on its partners or customers, treats them in a discriminatory manner or refuses to guarantee a minimum degree of transparency in the contractual relations that it establishes with them.

The Authority notes that its report is drafted on a consultative basis and makes no decision as to the legality of such practices. Taking into account the fact that the market is still in its infancy and in order not to disrupt the process of innovation, the Authority concludes that regulatory intervention is for the time being not advisable. Nevertheless, the Authority states that in certain cases, competition law should be used to tackle Google's actions and to provide a response to the competitive issues pointed out by the actors. In this regard the Authority explicitly refers to its Navx-decision with regard to Google's opaque and discriminatory practices concerning its Adwords service. In this decision, the Authority ordered the search engine to implement a series of urgent interim measures, that were then confirmed and clarified as part of a commitment procedure. The report also refers to the investigation that was initiated in November 2010 by the European Commission regarding whether Google has lowered the ranking of unpaid search results by competing services which offer specialized so-called "vertical searches", i.e. searches within a particular category, such as price comparisons. Google is also suspected of having given preferential placement to its own vertical services. Recently the Commission concluded its public consultation, after receiving a wealth of submissions in its investigation of Google, including three complaints referred from the German and the Italian competition authorities and 500 responses to a round of questionnaires on the search-advertising firm's business practices.

Even though the French competition authority made it clear that it currently has no intention to open additional proceedings against Google, it has by drafting this report fired a clear warning shot at the company.

References and links:
http://www.autoritedelaconcurrence.fr/pdf/avis/10a29.pdf

---

CONTRACTS & E-COMMERCE

Commission publishes Green paper on online gambling in the Internal Market

In our newsletter of April 2010, we announced that Internal Market Commissioner Michel Barnier planned a European-wide dialogue in view of reaching a political agreement with regard to the regulatory framework on betting and gaming. On March 24, the European Commission published its 'green paper on online gambling in the Internal Market', a first step in this direction.

Purpose and contents of the green paper

The announced green paper on online gambling in the Internal Market is now a fact. Its purpose is to 'launch an extensive public consultation on all relevant public policy challenges and possible Internal Market issues resulting from the rapid development of both licit and unauthorized online gambling offers directed at citizens located in the EU'. In other words, at this stage, the Commission merely seeks to gather information from the various Member States on how they view the societal and public risks associated with both legal and 'unauthorized' online gambling, as well as on which regulatory and technical means these Member States use, or could use, in order to protect consumers, preserve public order and prevent fraudulent activities.

The paper goes on to describe and/or ask questions with regard to the following topics :

• the current market situation, recent developments and challenges with regard to online gambling in the EU (annual revenues, categories of transmission channels/devices, dominant markets, stakeholders, etc.);
• the applicable Treaty rules and the evolution of the Court of Justice's case law;
• the secondary EU legislation relevant to online gambling;
• the key conceptual/organizational, societal, public order and economic/good causes policy issues associated with an efficient and fair regulation of online gambling, namely :
  • definition of gambling
  • licensing requirements (white listing or double licensing regime)
  • related services (commercial communications, sales promotions, direct marketing, sponsorship)
  • public interest objectives (consumer protection, prevention of fraud and money laundering, financing of benevolent and public interest activities, etc.)
  • enforcement and related matters.

Timeline and next steps

Member States, the European Parliament, the European Economic and Social Committee and all other interested parties are invited to submit their views on the suggestions set out in the green paper. Such contributions should be sent to the Commission by July 31 2011 at the latest (by mail or email at markt-gambling@ec.europa.eu) and will then be published on the internet. The Commission will also organize consultations of national authorities and targeted stakeholder meetings and expert workshops.

On the basis of the conclusions drawn from the results of this consultation, the Commission will consider the next steps to be taken in follow-up to this green paper.

Analysis and conclusion

Although many – if not all – private stakeholders hoped that the Commission would soon be taking a European-wide regulatory initiative, this green paper unfortunately does not seem to be it. Indeed, the Commission states that the present consultation 'should help identify if the current rules applicable to online gambling services at EU level are fit to ensure the overall coexistence of the national systems and determine if greater cooperation at EU level might help Member States to achieve more effectively the objectives of their gambling policy'.

This national-oriented instead of pan-European approach is unfortunate, as the Commission itself states in its green paper that the differing models of national regulatory framework could only coexist well in the past 'given the relatively limited possibilities of selling gambling services across borders in the past'. This is no longer true, as the online gambling market is the fastest growing segment of the overall gambling market, with annual revenues in excess of EUR 6,16 billion in 2008, now estimated at EUR 9,08 billion in 2011. In this model, the further coexistence of, on the one hand, restrictive, strictly controlled monopoly or even prohibitive models and, on the other hand, 'private licensed operator' models seems impossible. This is amply demonstrated by the fact – also mentioned in the green paper - that in 2006, out of 14, 823 active gambling sites in Europe, more than 85% operated without any license. This incompatibility between contradicting regimes in cyberspace, the increasingly important "grey market" and the number of preliminary rulings referred to the Court of Justice of the European Union concerning the compliance of national gambling regulations with Treaty provisions clearly show the urgent need for Union regulation.

References: Green paper on online gambling in the Internal Market

---

ELECTRONIC COMMUNICATIONS & IT

EU telecom reform directives obtain direct effect

As discussed in our newsletters of February 2010 and December 2009, Directives 2009/136/EC and 2009/140/EC amending the existing regulatory framework for the telecommunications sector were adopted at the end of 2009. These directives, which contain provisions increasing the powers of the Commission in the field of telecommunications regulation and strengthening consumer protection, had to be implemented by the Member States by 25 May 2011 at the latest. In the absence of such timely implementation, certain of the new provisions will now have direct effect in the Member States.

For more information, contact: Karel Janssens.