The 13th edition of EuroDIG, the pan-European Internet governance event, is taking place from 28-30 June 2021 online. You can expect sessions debating ways to improve the environmental impact of ICT, discussions on recent regulatory proposals such as the NIS 2 Directive, DSA and DMA, talks on content moderation, dealing with fake news, creating fair algorithms, lessons learned from the pandemic, and more. RIPE NCC staff at the event will be live-blogging key moments. Come back to this page for regular updates on the issues, arguments and ideas discussed over the course of the meeting.
29 June 2021, 19:00 CEST
Day 2: See you in Trieste?
Concluding a few days of discussions, Krzysztof Szubert, High Representative of the Prime Minister for European Digital Policy, Poland, pointed to a few key issues Europe should work on:
- Innovate; develop and deploy new technologies
- Take advantage of the opportunity data brings (while also managing data fairly)
- Do more to help start ups scale, in order for Europe to compete globally
- Develop and support venture capital markets and co-investment funds to increase investment in digital tech
With these final remarks I leave you to reflect on all that was said at EuroDIG (or read on if you've found yourself here after the event). The organisers and hosts alike are looking forward to welcoming us in person in Trieste next year. Let's keep fingers for that and until then - stay safe!
29 June 2021, 18:00 CEST
Day 2: Competition in the Digital World
Some three decades ago, when the Internet was beginning to enter the commercial sphere, open standards let competition thrive. Society immensely benefitted from this competition and the innovations it brought. As companies began to close off their advancements through trademarks and copyrights the markets consolidated. It happened in the telecom world, but also with email providers, search engines, browsers, social media platforms, instant massaging apps and so on. We are now in a situation where dominant market players have reached a critical mass that allows them to stay on top not due to offering a superior product, but just by making it impossible for smaller players to scale, or even enter.
To bring competition back to the digital world we need to solve two problems. First: how to do this on legal level? What sort of legislation can establish and enforce competition rules? Second: how to do this on a technical level? What would interoperability between platforms look like?
The EU is working on an answer to the first problem with its Digital Markets Act proposal, which focuses on gate-keepers. It would set a list of dos and don'ts for these companies that would make enforcement much easier. For example, gatekeepers would not be able to treat their own services and products more favourably in rankings on their own platform; they cannot forbid a company that offers services via their platform from also using another platform to do so; they cannot automatically sign end users to other services they provide. The proposal recognises that courts move slow, which might give a digital company enough time to establish a dominant position, which can then be difficult to undo. This is why the rules will be applied ex-ante, meaning preemptively, rather than after the fact.
We discussed if the right way forward is to have legislation or rather softer codes. A combination of both might be the solution. On the one hand, we need clear rules (i.e. laws) that would ensure enforcement and punishment for non-compliance, as dominant players have no incentive to open up without a hard push. On the other hand, industry could help in developing codes about the details of how the laws can be applied on a technical level.
29 June 2021, 13:00 CEST
Day 2: The EU's Cybersecurity Plans
During the focus session on the NIS 2 Directive we heard from Bart Groothuis - the MEP in charge of negotiations in Brussels. Just to recap, the proposal aims to replace the 2016 NIS Directive by increasing the security and reporting requirements, strengthening supervision and enforcement and harmonising sanctions across the EU. It also includes a number of additional industries that fall in its scope. Mr. Groothuis explained that seeing the rapid increase of cybersecurity incidents in Europe and around the globe, he hopes to reach an agreement on the Directive as soon as possible, ideally by the end of the year.
He outlined a number of points he would like to see reflected in the final version. Firstly, he was wants companies to think ethically and be proactive - plan where cyberattacks might come from and how to thwart them. Secondly, he would like to encourage data sharing - of the right data and in the right context - as well as doing so without the fear of liability looming around the corner. Thirdly, he wants to incourage CSERTs to share information among each other, but also with CSERTs outside of Europe as well as with other entities and sectors. Finally, he aims to make the legislation manageable and operable. For example, he believes that mandatory sharing of incidents is doable, however mandatory sharing of threats is more abstract and theoretical therefore assessing if a company has fulfilled such a requirement is not straightforward.
One of the amendments Mr. Groothuis already submitted was to exclude the root zone from the Directive, which is in line with RIPE NCC's contribution submitted in response to the open consultation.
Continuing the discussion, Robert Schischka, Austrian CSERT, explained that in the current proposal a small DNS resolver is in the same bucket and has to follow the same obligations as a large one. This would force market consolidation or might lead to small ISPs tagging their products for private users only, both of which would limit connsumer choice. Mr. Groothuis agreed and explained he has put an amendment to address this as well.
Next the conversation veered into Whois. Mr. Schischka explained that correct data in Whois is more critical for trademarks, copyright and hate speech cases rather the cybercrime. He also suggested it would be more useful to differentiate between private use on the one hand and commercial or political use on the other, instead of differentiating between private person and legal entity.
The focus session continued into five breakout rooms, feedback from which included the need for better explanations of the interplay between NIS 2 and other regulations such as, but not limited to, the GDPR, more clarity on the role of different entities and so on. Following EuroDIG, the organisers will publish all key messages, first for comment, and then as a resource for all.
29 June 2021, 18:30 CEST
Day 1: Where Content Moderation Meets Infrastructure
I suppose another session on content moderation was to be expected - given the EU’s major proposals on the topic that are currently being debated, it’s understandably a major theme at this year’s EuroDIG. This time, the discussion focused on content moderation on the Internet infrastructure level and the question of where censorship begins. It took the form of another panel with experts from government, academia and industry weighing in.
The hot topics centred on transparency and proportionality, and ensuring that regulation isn’t used as a blunt instrument that ends up causing unintended consequences. Some interesting points were raised around how different platforms have chosen to block certain content (such as far right-leaning political groups) without a clearly defined policy in place, and that more transparency around how these decisions are made is needed. In terms of proportionality, the panelists largely agreed that there should be different thresholds at different layers of the Internet and highlighted the importance of targeting the right service providers to ensure that core infrastructure isn’t targeted when, for example, a single website needs to be blocked. They also noted that a platform that inadvertently hosts one problematic image out of a million, for example, should be treated differently than one that hosts a much higher percentage of problematic content.
Finally, similar to the earlier session on digital service regulation, there was general agreement that more clarity is needed around some of the key aspects of the DSA and DMA in terms of how to encourage more transparency and ensure proportional measures are taken against service providers at different layers of the Internet’s infrastructure.
29 June 2021, 17:30 CEST
Day 1 Keynotes: Roberto Viola (European Commission) and Patrick Penninckx (Council of Europe)
Keynote speeches can feel a little old-fashioned in multistakeholder events like EuroDIG, especially in the current remote format; however, they can provide useful insights into the perspectives driving some of the more influential actors in the space. In the European context, the European Commission and the Council of Europe clearly qualify as influential actors, so it was a useful interlude amongst the more interactive sessions that allowed us to hear from these two organisations.
At a time when the European Union focus has been on a few specific legislative proposals currently making their way through the institutional process (NIS 2, the Digital Services Act, the Digital Markets Act, to name a few), it was interesting to hear Mr Viola adopting a more holistic, positive tone in discussing the Commission’s “Digital Compass” project. Described as a “navigational map” for the coming ten years of digital development, it focuses on the broader aim of ensuring that Member States can realise the potential benefits of the Internet and digital technologies in relation to sustainability, decentralisation, and social interaction. The RIPE NCC is planning to provide our own input to the current open consultation on the “Digital Compass”, but as legislators work to ensure the Internet’s benefits are shared by all (and its risks managed effectively), a multistakeholder approach to developing that legislation (where necessary) is vital. With that in mind, the Commission’s support of EuroDIG and the participation of various European parliamentarians is very positive to see.
Patrick Penninckx used the opportunity of his keynote to reinforce the Council of Europe's support for EuroDIG, the Internet Governance Forum, and other regional/national platforms that can complement and support the multistakeholder community. Among his suggestions was a note that, as the importance of youth participation in EuroDIG has been recognised in recent years, so too should the voices of older generations. It will be interesting to see how this can be reflected in EuroDIG’s approach, but like the Commission, the Council of Europe is clearly focused on the fact that no group in society is unaffected by the governance decisions currently being made in relation to the Internet.
29 June 2021, 15:30 CEST
Day 1: How Best to Regulate Digital Services?
The European Commission’s two major legislative proposals around regulating digital services - the Digital Services Act (DSA) and Digital Markets Act (DMA) - are wide-ranging proposals with the potential to affect a huge number of actors in the digital sphere in myriad ways, so it was no wonder that the double session on “Digital services regulation - opportunities and challenges” was just as sprawling.
The session included questions from participants alongside remarks from a large panel that included government, civil society and industry representatives who offered their own perspectives on the positive aspects and foreseen challenges posed by the DSA and DMA. In general, the proposals were welcomed across the broad range of stakeholders and seen as necessary in updating the E-Commerce Directive of 2000, as the digital landscape has grown and evolved in ways that could never have been imagined 20 years ago. Participants applauded the preservation of some of the E-Commerce Directive’s key principles, including its country-of-origin principle, limited liability for intermediary service providers, and the ban on general monitoring obligations.
However, many of the panelists pointed out that the implementation will be extremely tricky and that there are different ways to achieve the European Commission’s goals. There was a general call for more clarity on a number of aspects, including the extent of due diligence required and thresholds for complying with takedown requests. There was also the question of how this new legislation would work in conjunction with existing reporting channels and takedown procedures - many of which, as was pointed out - already do an excellent job of catching illegal content.
Participants also discussed the need to support smaller players, who might not have the same legal resources to meet the proposals’ requirements as the dominant platforms, along with the desire to promote European alternatives to those platforms and to expand consumer choice. Another major discussion point was the extraterritorial nature of the Digital Services Package and exactly how it would be enforced with those offering services within the EU, but who are headquartered elsewhere. As the European Commission was involved in the panel discussion, it seemed like useful feedback for them to hear directly from those stakeholders who will be most affected by the proposals and, hopefully, to further clarify those aspects that remain ambiguous.
The RIPE NCC has been quite active in providing feedback on the DSA. We hosted an open community discussion of our own last July, submitted a response to the European Commission’s open consultation last September and another response to the Commission adoption of the proposal in March. You can find a full list of the RIPE NCC’s responses to consultations on our website.
29 June 2021, 12:00 CEST
Day 1: How to Green ICT?
More than half of global GDP already has some connection to the Internet and four billion people around the globe are actively using platforms (influenced by less than 20 companies) to consume and converse. ICT is influencing all three aspects of sustainability: economic, social and environmental. The impact - both the positive and the negative - is high on the agenda for regulators, industry and consumers alike. During the session we discussed the current state of such impact and what we can do in the future to make sure ICT develops in the direction that benefits not just profits, but people and planet.
We acknowledged that there is currently a rather large attitude-behaviour gap. On the one hand an overwhelming majority of consumers say that they want to buy sustainable, ethically sourced products that do not harm the environment. On the other hand we see only a small minority that go through the effort to research or pay the higher price for such products. At the moment, the tech industry is part of the problem, but can also be part of the solution, by empowering users with the information they need to make an informed decision. This information should also be used by investors as well as by public procurement, both of which have substantial influence on the markets and as such have a very important role to play in driving change.
There was broad agreement on the panel that lack of consistent and comparable data was the single largest impediment to progress. As the saying goes, you can't manage what you don't measure. We as society need to demand a global standard framework of disclosures which would make possible for interested parties to assess the net impact of products and compare them across the board.
Next to this, participants pointed to the lack of high-quality IT skills in the public sector compared to the private sector especially in developing countries where the salary difference is substantial. There are also currently no large IT companies leading the way with honest and impactful sustainability efforts.
Voluntary agreements put forth by the ICT industry are not ambitious enough (or at all). At the same time they go unchallenged by governments and civil society as the latter two lack staffing or priority. Participants spoke of the need to:
- Develop a common data core to inform, raise awareness, and serve as a rational basis for legislation
- Audit and assure company sustainability reporting (just like financial reporting is) to avoid greenwashing and allow transparency
- Mandate long-term software support for products
- Guarantee the right to repair affordably and by extension - design products having the right to repair in mind
- Standardise connectors and plugs to avoid vendor lock-in, increase competition and prevent having to re-purchase items such as power chargers and adapters
- Put legal barriers and economic incentives for companies to avoid exports of e-waste and instead recycle in the country producing the waste
All these seem like ambitious goals, but we need to start somewhere right? Do you think there are ways you can contribute, in your day job or otherwise?