Creating Coherence in EU Internet Regulation – by Andrej Savin


photo: Andrew Hart (CC BY-SA 2.0)

The internet presents regulators with an amorphous web of technical and legal issues with no simple solution. Andrej Savin, Associate Professor at Copenhagen Business School, says that the EU needs to develop a fluidity of process in order to tackle the big issues and cultivate the right legal tools to regulate effectively.

Two divergent trends in modern digital economy distinguish this decade. On one hand, the increasing broadband penetration, the move to mobile Internet and the high usage of digital services mark society’s ever greater dependency on information and communication technologies. On the other hand, massive surveillance and data breaches, controversies over net neutrality and the right-holders’ demands for tighter enforcement of Intellectual Property rights increase demands for regulation. The EU as a regulator had gradually taken over very large sections of the digital economy and now stands challenged to fulfil demands of divergent stakeholders.

It has taken up the challenge. The 20-year-old Data Protection Directive is in the process of being revised, Copyright reform is ongoing, new net neutrality rules are pending and consumer laws have already been reviewed. There is no need to underestimate the importance of these moves nor to be cynical about the gradual improvements they have introduced or likely will in the near future. The new data protection regime, if and when it passes, will be more attuned to the subtleties of data use in the modern world and provide more specific answers to the complicated questions that arise from modern communication technologies.

The antiquated fictional “consent” from the old regime will become clearer; privacy “by design and by default” will bring measurable improvements; the “right to be forgotten” may change the ways in which information on-line is corrected. The new copyright package, although progressing slowly and still in the early stages, will bring some flexibility to the exceptions arena and these will be more suitable to the realities of modern Internet. Although it is uncertain what form the final net neutrality rules will take, it is almost certain that at least a very basic neutrality guarantee will be introduced.

In spite of these improvements, however, it must be asked whether any of these reforms go deep enough. The EU regulatory framework remains split between telecommunications and content. The two have been gradually merging for a long period. There is currently no answer to this challenge other than to keep applying both frameworks. This may be both the most logical and the most cost-effective solution at present but it will not solve the new problems brought about by the Internet of Things.

The introduced Net Neutrality may solve the immediate threat (real or imagined) of unwarranted throttling of services but will contribute little or nothing to the real challenge of overseeing the Internet Backbone and maintaining its efficiency. Neither will it address the fact that EU telecommunications services lag behind those of rivals.

The data protection reform does not address the fundamental question – and that is the fact that we have no regulation of on-line identity. This is the source of a large number of problems, as modern identity does not lend itself to the binary anonymous/identified approach of the Directive. At the same time, it is unlikely that the copyright reform will be able to address the fundamental questions without it also being initiated at a national level; this, in turn, seems unlikely to happen in the short term.


The European Union has limited competences and is subject to procedures that result in delays as proposed laws move between the Council and the Commission. Moreover, most EU laws come in the form of minimum harmonization, with the Member States maintaining significant freedom to develop their laws. This is particularly obvious in e-commerce and copyright regulation.

The problems, however, are not procedural but substantive. They have nothing to do with how fast the new laws can be drafted or how efficiently the administration will move. They are caused by deeper uncertainties, which the Internet did not introduce but has accentuated. These can be reduced to three principle issues.

The first is about whether telecommunications networks ought to be regulated and to what extent. This question brings with it not only the basics of telecommunications laws but also privacy, commerce, jurisdiction and intellectual property. The second is about the nature of regulation of the user-generated, decentralized creativity that has marked the Internet so far. The third is ostensibly about privacy but in reality is about identity; this has hitherto been taken by the regulators in the palatable binary form of anonymous/identified but which, on the Internet, takes a much more complex form.

All three questions have a simple public face which mask deeper implications. The telecommunications question is publicly shown in the form of the net neutrality debate but which, however, only covers the “last mile” and not the rest of the Internet. The copyright debate takes place mostly in the simplified form of “piracy” and whether and how to fight it, but this hides the more pressing question of how regulation can stimulate creativity. The third comes in the form of government/corporate surveillance and how to reduce it but obscures the more serious question of managing identity, which is the actual cause of most privacy breaches.

The EU has both the ability and the opportunity to rise to the three challenges outlined above. Its actions so far, however, have been limited and spurred by public pressure, not a desire to introduce a coherent vision. The net neutrality intervention came about as a result of enormous public pressure. The copyright reform initiative came as a consequence of pressing practical difficulties not addressed since 2001. The privacy reform came naturally – as a consequence of the Directive’s age.

The EU needs regulation that enables it to keep developing, decreases fragmentation and encourages innovation. The digital society laws it has now are akin to an old mobile telephone, the new generation of which slightly changes the design but keeps the inner electronics untouched. What is needed is regulation that is fluid, more flexible and more prepared to introduce original solutions. This means a more focused Digital Agenda, less full harmonization and more reliance on controlled self-regulation.


8443549087_cc3761dfe5_oAndrej Savin works as Associate Professor at Copenhagen Business School. He obtained his PhD from University of Cambridge in 2000 and continued to work as lecturer there until 2007 when he moved to Denmark. Andrej Savin’s primary research has focused on Internet law in general and electronic commerce in particular. He has looked into the development of legislation concerning Information and Communication Technology in the EU and its Member States and conducted comparative studies looking at American cyberlaw. He is the author of EU Internet Law (Elgar 2013) and co-editor of Research Handbook of EU internet Law (Elgar 2014).

, , , , ,


Subscribe to our RSS feed and social profiles to receive updates.

No comments yet.

Leave a Reply

%d bloggers like this: