Thinking about platform regulation, i found this section from Wednesdays edition of The Interface newsletter insightful (it discusses the issue in the context of the debate of Section 230 in the US but this is equally relevant in the context of the Digital Services Act in the EU):

As it so happens, there’s a sharp new report today out on the subject. Paul Barrett at the NYU Stern Center for Business and Human Rights looks at the origins and evolution of Section 230, evaluates both partisan and nonpartisan critiques, and offers a handful of solutions.

To me there are two key takeaways from the report. One is that there are genuine, good-faith reasons to call for Section 230 reform, even though they’re often drowned out by bad tweets that misunderstand the law. To me the one that lands the hardest is that Section 230 has allowed platforms to under-invest in content moderation in basically every dimension, and the cost of the resulting externalities has been borne by society at large. Barrett writes (PDF):

Ellen P. Goodman, a law professor at Rutgers University specializing in information policy, approaches the problem from another angle. She suggests that Section 230 asks for too little — nothing, really — in return for the benefit it provides. “Lawmakers,” she writes, “could use Section 230 as leverage to encourage platforms to adopt a broader set of responsibilities.” A 2019 report Goodman co-authored for the Stigler Center for the Study of the Economy and the State at the University of Chicago’s Booth School of Business urges transforming Section 230 into “a quid pro quo benefit.” The idea is that platforms would have a choice: adopt additional duties related to content moderation or forgo some or all of the protections afforded by Section 230.

The Stigler Center report provides examples of quids that larger platforms could offer to receive the quo of continued Section 230 immunity. One, which has been considered in the U.K. as part of that country’s debate over proposed online-harm legislation, would “require platform companies to ensure that their algorithms do not skew toward extreme and unreliable material to boost user engagement.” Under a second, platforms would disclose data on what content is being promoted and to whom, on the process and policies of content moderation, and on advertising practices.

This approach continues to enable lots of speech on the internet — you could keep those Moscow Mitch tweets coming — while forcing companies to disclose what they’re promoting. Recommendation algorithms are the core difference between the big tech platforms and the open web that they have largely supplanted, and the world has a vested interest in understanding how they work and what results from their suggestions. I don’t care much about a bad video with 100 views. But I care very much about a bad video with 10 million. So whose job will it be to pay attention to all this? Barrett’s other suggestion is a kind of “digital regulatory agency” whose functions would mimic some combination of the Federal Trade Commission, the Federal Communications Commission, and similar agencies in other countries.

It envisions the digital regulatory body — whether governmental or industry-based — as requiring internet companies to clearly disclose their terms of service and how they are enforced, with the possibility of applying consumer protection laws if a platform fails to conform to its own rules. The TWG emphasizes that the new regulatory body would not seek to police content; it would impose disclosure requirements meant to improve indirectly the way content is handled. This is an important distinction, at least in the United States, because a regulator that tried to supervise content would run afoul of the First Amendment. […]

In a paper written with Professor Goodman, Karen Kornbluh, who heads the Digital Innovation and Democracy Initiative at the German Marshall Fund of the United States, makes the case for a Digital Democracy Agency devoted significantly to transparency. “Drug and airline companies disclose things like ingredients, testing results, and flight data when there is an accident,” Kornbluh and Goodman observe. “Platforms do not disclose, for example, the data they collect, the testing they do, how their algorithms order news feeds and recommendations, political ad information, or moderation rules and actions.” That’s a revealing comparison and one that should help guide reform efforts.

Nothing described here would really resolve the angry debate we have once or week or so in this country about a post that Facebook or Twitter or YouTube left up when they should have taken it down, or took down when they should have left it up. But it could pressure platforms to pay closer attention to what is going viral, what behaviors they are incentivising, what harms all of that may be doing to the rest of us.

With the DSA consultation closed there is now the predicatble onslaught of statements, position papers and other writings (here is a highlights reel from Euractiv. While it will take some time to properly analyse all of the responses to the consultation this paid-for opinion piece by EDiMA caught my eye today.

In it EDiMA (the trade association representing internet platforms in the EU) is unsurprisingly arguing that everything is fine and that the EU legislator must leave the key principles of the e-Commerce Directive intact. Among the key pillars of the the ECD that EDIMA wants to preserve is the prohibition of general monitoring obligations in Article 15 ECD:

The Prohibition of a General Monitoring Obligation means that service providers cannot be forced to monitor every action of their users, protecting the fundamental rights of European citizens.

Now it is good thing that tech platforms care about the fundamental rights of European citizens, but this is a fairly hypocritical position for an organisation representing platforms whose entire business models are build on permanently monitoring the behaviour of their users.

While EDIMA is correct to point out that we would all be worse off should EU member states be allowed to require online services to monitor their users, the fact that they do so without being required is just as problematic for the fundamental rights of European citizens.

In the context of the discussion about a possible Digital Services Act, this means that in addition to preserving the prohibition on a general monitoring obligation we will also need to think about measures that prohibit general monitoring by platforms of their users (as part of their business models). I doubt, that once such measures are on the table we will hear EDiMA invoke the fundamental rights of European citizens.

Today the German Council presidency hosted a conference on “Datenökonomie, KI und geistiges Eigentum”. On the occassion of the event a number of the participating academics have issued a memorandum on the future of the creative ecosystem in Europe (titeled “Copyright Law 2030”) which tries to shift the very practical (cough - DSM directive - cough) discussion of the last few years towards a more fundamental discussion about the future of the EU copyright system. As part of this the authors make a number of important observations:

Relief from false expectations: As a society, we need to develop an understanding of copyright’s core tasks: Copyright law must create the proper incentives and provide access rules that, jointly, promote creativity and protect authenticity and that are sensitive to social communication practices. It is not the purpose of copyright law to protect business models.

Plurality of governance instruments. Large parts of copyright law’s current regulatory content could be left to the market and to technology (governance by technology). However, this would require an appropriate legal framework (governance of technology). Copyright law is an integral part of this framework. Thus, regulators should always inquire whether copyright law is the right means to achieve their desired objective; copyright law’s regulatory deficits shall not be tolerated with reference to other regulatory instruments.

Develop a new architecture. The copyright law of the 21st century must learn from past experience but should not stick to the instruments and solutions applied in the analogue age. Digital, internet-based uses require modified (sector-specific) regulation. One possible solution is a shortened term of protection; any renewal could be subject to fees and registration. This would incentivise right holders to evaluate the subject-matter’s economic potential and would strengthen the public domain. Publicly controlled registers could relieve the system and foster exploitation and accessibility in the interest of both stakeholders and the general public. At the same time, authors’ moral rights should be strengthened in the digital context.

Unfortunately their ideas for how any of this could be achieved (their “Theory of Change”) is rather naïve. Being academics, the authors, in an act of visionary wishfull thinking, propose that policy makers should, for once, listen to the academics.

Visionary thinking. Any modern copyright law must take into account trends and scenarios of the near future. To this end, the European academic community should work together and submit joint proposals – proposals which may put the existing European or international legal framework up for discussion. The institutions of the European Union and its Member States should promote this research programme and pay attention to its results.

This is of course not how things work in the real world and so it is high time we develop a more realistic theory of change.

The Kluwer Copyright blog has published a “Third take on the Hungarian implementation of of Article 5 of the DSM directive” which feels a bit like a response to my earlier observations on the topic. This “third take” is authored by David Ujhelyi, the head of department at the Ministry of Justice, i.e one of the drafters of the law.

In response to my criticism of the procedure that lead to the introduction of the new exception, Ujhelyi makes an effort to stress the legal basis of the new law and its necessity in light of the pandemic. Reading the post it is fascinating to realize that that if one completely removes the political context (the quasi-authoritarian rule established by Orban) the actions of the Hungarian givernement are a perfectly rational response by a government responding to the pandemic.

Tonight dutch social media are in minor frenzy because of a relatively minor update to Facebook’s community standards that has added “Caricatures of black people in the form of blackface” to its list of banned dehumanizing comparisons, generalizations, or behavioral statements (in written or visual form). While this will seem like a sensible update in most parts of the world, a substantial portion of dutch society sees this as an attack on its national culture, because in the their view racists stereotypical depictions of people of colorin the form of “Zwarte Piet” are part of dutch national heritage. As a result there is much complaining about corporate censorship and the outsize power of social media platforms.

While it is true that this is yet another demonstration of the power to shape political discourse that social media platforms have amassed, (reminiscent of the way that Apple and Google settled the discussion about exposure notification apps by virtue over tehir power over the mobile phone operating systems) this is hardly something that the Dutch can legitimately complain about. They have only themselves to blame as they have had ample time to realize that their cherished, and deeply racist “Zwarte Piet” has been well past its expiration date.

With today’s decision by Facebook (which means that publicly funded programming featuring racist stereotypes produced by the national public broadcaster will have to be removed from Facebook going forward) and the cancellation of this year’s Sinterklaas parades because of the CODID-19 emergency it seems increasingly likely that the days of Zwarte Piet as an official sanctioned form of cultural expression are finally numbered.

I completely missed this when it happend in January of this year, but it turns out that the NPO (the Dutch public broadcaster) has stopped selling targeted advertising on its web properties and has instead switched to contextual advertising. Bravo!

Now Wired reports on this change in an excellent long read that captures the NPO’s decisin making process that started with 90% of online visitors opting out of third party trackers and points to a future of online advertising that is sustainable both in terms of user privacy and economic returns for publishers:

If privacy wins out, however, and if NPO’s experience is any guide, then the future of digital publishing could be one in which a lot of money shifts back to the organizations producing the articles people want to read and the videos they want to watch. If advertisers start paying to appear in a certain context rather than to target a certain user, it will advantage publishers whose content is actually good—and put out of business the long tail of low-quality or outright fraudulent sites that currently soak up much of the money spent on automated programmatic advertising.

It seems like everyone has a to have a take on TikTok these days, including David C Lowery over at The Trichordist who chimes in to argue that along with the US treasury getting ‘key money’ songwriters should also get tehir share of the spoils of a forced sale of the platform:

Songwriters have been forced to finance the hyper growth of the social media phenomenon. So why shouldn’t they be rewarded like any other venture capitalist? Further why should the venture capital firms like SoftBank be rewarded for knowingly financing an apparent criminal RICO racket. Give songwriters their share. […] Given the scale of the apparent willful infringement and the rumored $30 Billion price tag for TikTok. Two billion dollars is quite reasonable.

Lowery argues that songwriters have seen no income from TikTok (while music publishers and record labels have managed to make deals). And while it seems that this description is largely accurate, it is also worth noting that in the EU collective management organisations representing songwriters are still in the negotiations with TikTok. As the IPkat notes:

The music industry and collecting societies for rights in musical works have been trying to negotiate agreements with TikTok, threatening legal action against the social media platform for copyright infringement in the absence of such an agreement. They want to see songwriters, composers, musicians and artists directly remunerated for the use of their songs on the social media platform by way of royalty payments.

Last year, ICE (a joint venture representing the digital music rights of PRS in the UK, GEMA in Germany, and STIM in Sweden) attempted to reach an agreement with TikTok that ended up being referred to the UK’s Copyright Tribunal in July 2019. However, by December 2019, the dispute was withdrawn from the tribunal, as the parties announced that they would be entering into arbitration to agree the terms of a licensing deal that would include retrospective use of copyright material on TikTok. The outcome of the arbitration is yet unknown.

It will be interesting to see which approach will result in songwriters getting paid. My money is on the EU collecting societies, rather than on President Trump suddenly starting to care about poor songwriters.

In the meanwhile the IPkat entertains the question if TikTok videos qualify as parodies and are thus covered by the - now mandatory - parody exception:

This Kat is wondering if the videos created on TikTok are parodies? In the UK the government guidelines say that a parody for the purpose of the copyright exception is “a comedian may use a few lines from a film or song for a parody sketch.” They UK law states: “Fair dealing with a performance or a recording of a performance for the purposes of caricature, parody or pastiche does not infringe the rights conferred by this Chapter in the performance or recording.” Does a 13 second sound clip, used for the purpose of a musical-meme qualify?

Does a 13 second sound clip, used for the purpose of a musical-meme qualify? This Kat consulted Sabine Jacques’ book on Parody; where she says “a parody is something distinct from a mere re-working or altered copy. A parody communicates a new distinctive message from the earlier work it reproduces, and typically results in the creation of a new expression which may be eligible for copyright protection.”

We know that, at least under Chinese copyright law, these videos can be eligible for copyright protection. Perhaps some of the videos uploaded to TikTok might be considered a parody – for example, when a user creates a funny lip-syncing video using a sound clip from a reality TV show, to create a new scene. However, when users simply copy a dance routine to a song, this Kat is of the opinion that this is simply a re-working and does not create a new distinctive message. Therefore, whilst it is possible that some of the user’s videos fall within the parody exception, probably most of them do not. In any event, it would seem that even if the users’ videos were considered parodies, that TikTok’s use of the sound clips still require a copyright licence.

As i have argued elsewhere, it seems to me that the pastiche exception would be a much better fit for the creative practices that have developed on TikTok. In a recent paper Prof Martin Senftleben has argued that the various definitions of “pastiche” are a surprisingly good fit for what is happening on TikTok:

The Merriam-Webster English Dictionary defines “pastiche” as “a literary, artistic, musical, or architectural work that imitates the style of previous work.” It also refers to a “musical, literary, or artistic composition made up of selections from different works.”69 Similarly, the Collins English Dictionary describes a “pastiche” as “a work of art that imitates the style of another artist or period” and “a work of art that mixes styles, materials, etc.”

As Senftleben outlines in his paper, a remunerated pastiche exception could serve as a way to ensure that creators remain free to post to TikTok while at the same time making sure that songwriters, composers, musicians and artists would be remunerated for the use of tehir works on TikTok (and other platforms). Seems to me that such an approach is much preferable to the current state of affairs described above.

Back to work after the summer break. My first (real!) meeting of the day was at Waag to provide input for their research on the possibility of building an “Online European Public Space”". The three person meeting was held in the Theatrum Anatomicum which Waag has configured as a socially distanced meeting room, which, ironically, made me think of this work (credited to Colin Lyons), which i had come across online during my vacation:

Context: Rembrand’s Anatomy Lesson of Dr. Nicolaes Tulp depicts the Waag’s Theatrum Anatomicum.

Ben Thompson has a publicly available follow-up post that expands the yesterdays analysis into a model of “four internets” (US, China, EU and India) in which he doubles down on his criticism of EU style internet regulation:

Europe, through regulations like GDPR and the Copyright Directive, along with last week’s court decision striking down the Privacy Shield framework negotiated by the European Commission and the U.S. International Trade Administration (and a previous decision striking down the Safe Harbor Privacy Principles framework), is splintering off into an Internet of its own.

This Internet, though, feels like the worst of all possible outcomes. On one hand, large U.S. tech companies are winners, at least relative to everyone else: yes, all of the regulatory red tape increases costs (and, for targeted advertising, may reduce revenue), but the impact is far greater on would-be competitors. To put it in allegorical terms, the E.U. is restricting the size of the castle even as it dramatically increases the moat.

E.U. citizens, meanwhile, are likely to see their data increasingly protected from the U.S. government, which is a win; other protections, meanwhile, seem unlikely to be particularly effective or outweigh the general annoyance and loss of relevance that comes from endless permission dialogs and non-targeted content. Moreover, per the previous point, the number of alternatives to established incumbents are likely to decrease, particularly relative to the U.S.

It also seems unlikely that European competitors will fill in the gap. Any company that wishes to achieve scale needs to do so in its home market first, before going abroad, but it seems far more likely that Europe will make the most sense as a secondary market for companies that have done the messy work of iterating on data and achieving product-market fit in markets that are more open to experimentation and impose less of a regulatory burden. Higher costs mean you need a greater expectation of success, which means a proven model, not a speculative one.

Worst of all, at least from the E.U.’s perspective, is that this approach doesn’t really have any upside for European governments. That’s the thing with rule by regulation: without a focus on growth it is harder to create win-win situations.

Again what this misses is that Europe might be shifting away from a model where the online services dominate the online space. This criticism only holds when one assumes that the online space is one that must be treated as a market where growth is the primary objective. In the concluding sentence of the post, Thompson correctly observes that…

What differs Europe’s Internet from the U.S., Chinese, or Indian visions is, well, the lack of vision. Doing nothing more than continually saying “no” leads to a pale imitation of the status quo, where money matters more than innovation.

which makes it clear that his analysis should not be read as a criticism of regulation but as a reminder of the need for a more ambitious vision for a Shared Digital Europe.

Not entirely unexpected Ben Thompson has a slightly different view on the Schrems II ruling [subscribers only] that i discussed here last week. His analysis places the ruling in the context of the larger more regulation benefits dominant players that can more easily shoulder the cost of regulatory compliance argument (that also constitutes the core of his criticism of the GDPR):

Speaking of Facebook, many of the usual suspects are hailing [Schrems II] as a loss for the social network in particular, which makes sense given that the underlying case was explicitly about Facebook’s transfer of data. It seems pretty obvious, though, that the implications are going to be similar to GDPR: pain on an absolute basis for Facebook and other Internet giants, but far greater pain on a relative basis for basically everyone else, including would-be competitors.

Even once SCCs are knocked out, though, the solution for a company like Facebook is pretty obvious: simply build out data centers in the E.U. that import algorithms and machine learning models from the U.S., while doing all data processing locally. Sure, this is going to be more expensive and less effective than treating all Facebook data the same, but Facebook can afford it — as can Google, Microsoft, Amazon, Apple, etc. Things will be much more difficult for smaller sized companies; expect increased reliance on the big cloud providers to offer geographic data management as a service.

Still, while this is obviously another reason for the U.S. to consider its own national privacy law (which, notably, is the best way to address The TikTok War), the biggest losers are likely to be European citizens. Not only will this ruling reduce the likelihood of services entering the E.U. market, but another casualty will be companies considering opening E.U. offices, or hiring E.U.-based personnel. Is it really worth it to run a separate data center for that free-lancer in Belgium, or that five-person team in Berlin — not to mention the increased legal risk that comes with local operations for sales and services from the U.S.? If you’re not a big company, it’s increasingly hard to see how the E.U. is worth the trouble; perhaps E.U.-based companies will pick up the slack.

So what Thompson is missing here is that from the EU perspective this outcome looks more like a feature than a bug. In the long term a EU digital strategy cannot be based on foreign “services entering the E.U. market”, but must be based on EU services operating from a strong home market (even with the UK gone, the EU still has a population of 445 million). Having strong privacy rules in place and requiring an equal level of protection from government surveillance for anyone touching personal data from EU data subjects can (and should) be a competitive advantage. Especially since nothing in the Schrems II ruling should prevent EU based services from processing data from outside of the EU in the EU even it comes from countries where government surveillance is rampant.

It will probably take some time before the significance of todays CJEU ruling in Schrems II case will become apparent. With the court invalidating the Privacy Shield and stipulating requirements for the Standard Contractual Clauses that are very hard to fulfil for US companies (in its ruling, the court has already more or less concluded that the US doesn’t fulfil them) there seem to be 3 basic options:

1. The Commission will simply ignore the ruling and it will be business as usual
2. The platform companies will push for fundamental reforms of the US surveillance system (as Schrems seems to hope)
3. We will see a further splintering of the internet with US platforms moving parts of their operations to Europe and separating them from the rest of their operations.

It seems to me that the third option is the most interesting here, because it would increase Europe’s regulatory leverage over the digital space. This would of course come at the cost a further splintering of the Internet as a truly global communications platform (although we need to be carefull here not to conflate the dominant platform intermediaries with “the Internet” as such). This sprintering fits into a bigger pattern that is already well underway and may fundamentally undermine the US hegemony in the online environment. Over on stratechery Ben Thompson describes this pattern in the context of the discussion about the US possibly banning TikTok:

First, if it becomes generally acceptable for nation-states to block apps, Facebook is one of the biggest losers. Currently the service is dominant almost everywhere but China, which means it has a lot more to lose the more splintered the Internet becomes. This is something for the U.S. to think about more broadly: the dominance of U.S. Internet companies all around the world is a real strategic advantage, and banning TikTok may win a battle and lose a war.

As expected, the French Senate voted last night to give the French government the power to implement the provisions of the DSM directive by way of ordnance/decree. This authorisation measure is part of a larger legislative package that seeks to implement a number of different EU Directives into French law.

While the addition of this authorisation measure was to be expected, another addition of to the law comes as a bit of a surprise: Against the advice of the government, the Senate also adopted an amendment that introduces sweeping provisions requiring the interoperability of online platforms.

While there is a lot of talk about interoperability in policy circles these days, legal requirements for interoperability of online platforms do not exist yet. Instead many observers expect such requirements to become part of the Digital Services Act that is slowly taking shape in Brussels.

Yesterdays surprise vote in the Senate has the potential to dramatically change the landscape here. The measures adopted yesterday would give French regulators broad powers to enforce interoperability of online platforms including the power to require platform operators to “implement technical interoperability standards identified by the authority”.

Should the text adopted by the Senate indeed become law (which seems likely at this point as the final vote in the National Assembly will be a simple yes/no vote that does not allow for further amendments of the text), France might have just supercharged the discussion about platform interoperability without anyone noticing.

For the fourth of our ongoing series of Open Future Sessions¹ we were joined by Renata Avila who gave a presentation on openness, Big Tech and capitalism for which she had provided us with the following teaser:

“YES! It is a bird, it is a plane, it is Big Tech! Together, we will reverse engineer the term and what it means when we discuss it. It is important to understand the power architecture and which ones are the truly blockers of an open future. And why”.

This turned out to be an extremely insightful presentation that kickstarted a discussion on how to measure the adverse affects technology companies have on “openness” where openness. At some point during the discussion Renata described the current situation as one in which “the remote control has been removed and now it is the system that feeds us”.

As someone who grew up without remote controls (and largely without television) it is a very strange idea that a remote control could might be a signifier of a healthy media diet.

It increasingly looks like the French government has taken inspiration from the Hungarian government’s approach to implement the Copyright Directive: As previously reported by NextImpact (and after a brief period of uncertainty caused bet the appointment of a new government), the new government has now tabled an amendement to the so called “Ddadue” law that would give it the power…

… to take by ordinance any measure of a legislative nature designed to:

[…] (b) To amend the provisions of the Intellectual Property Code with a view to transposing into French law Articles 2-6 and 17 to 23 of Directive 2019/790 of the European Parliament and of the Council on copyright and related rights in the digital single market and amending Directives 96/9/EC and 2001/29/EC, and by making the adaptations and material, legal and editorial corrections and adjustments made necessary by the Directive in this Code;

Once adopted (the first reading in the Senate is scheduled for tomorrow evening, but it is unclear to me if and how this would also need to go to the Assemblee Nationale) this would allow the government to implement Article 17 of the Directive without any further parliamentary scrutiny. While manoeuvre seems to be primarily designed to speed up the national implementation of the provisions of the DSM directive¹, it is still a very worrying sign, that the French government is willing to sidestep parliament for a legislative project that directly touches on various types of fundamental rights.

The existing French implementation proposal lacks a number of the user rights safeguards required by Article 17 of the directive and adopting this flawed text without parliamentary scrutiny and ahead of the European Commission’s implementation guidance would further weaken its legitimacy.

Article 14 of the DSM directive (“Works of visual art in the public domain”) is my favorite part of the directive. Not only because i carry a certain amount of responsibility for the very existence of this Article, but also because it pretty much undisputedly fixes something that was broken and restores a certain amount of order to the universe.

Unfortunately we had to wait until yesterday to see how Member States affected by the new provision would implement it. The new German implementation proposal is the first one that contains a provision in line based on Article 14¹:

§ 68 Vervielfältigungen gemeinfreier visueller Werke

Erlischt das Urheberrecht an einem visuellen Werk, so erlischt auch der Schutz von Vervielfältigungen dieses Werkes durch verwandte Schutzrechte nach den Teilen 2 und 3.

This is short and sweet and does the job. It also leaves no ambiguities with regards to the application in time: Staring on the 7th of June 2021 there will be no more rights in reproductions of works of visual art in Germany anymore.