Before we start, a small note from your editor, as this is my last issue. I want to thank all my readers for their continuous support. It has been an exciting personal and professional journey, and I hope our paths will cross again. Do not hesitate to get in touch via your social media of preference or at the next Brussels gathering. Don’t be a stranger! |
|
All eyes on COREPER, from a convention to a declaration |
|
“We support the text with strict conditions.” -Spokesperson of the French Permanent Representation to the EU. Story of the week: The Committee of Permanent Representatives (COREPER) will adopt the AI Act this afternoon. No drama is expected, with France having followed Germany and Italy in dropping its reservations on the text. Expect (probable) unanimous support, with a few declarations for the record. Still, Paris has put forth some conditions, namely ensuring that the EU regulation does not hamper the development of competitive AI models, balances transparency and protection of trade secrets, avoids making the high-risk obligations overburdening for companies and a reassessment of the threshold and criteria used to designate AI models with systemic risks. France’s support was somewhat inevitable to avoid certifying its isolation after Germany and Italy dropped their opposition to the text. However, the French conditions indicate that passing the law will be only the beginning. Lobbying will continue in the implementation phase, as the Commission will have to adopt around 20 delegated or implementing acts and at least six guidelines. The EU executive rushed to establish the AI Office even before the regulation was adopted because it must deliver the codes of conduct for General Purpose AI models within nine months from the law’s entry into force. But, as usual, resources will be a problem. The Commission counts on putting 20 people from DG CNECT, plus 80 temporary staff members or seconded national experts. Expect countries like France and Germany to embed their officials in the Office that will police their start-ups. Don’t miss: Last week, the negotiations on the world’s first treaty on Artificial Intelligence failed to solve the thorny issue of whether private companies should be covered. The last chance to reach a consensus is now at the plenary in March, as the treaty is due to be endorsed at the ministerial level in May, and there might technically not be the time for an extension. Meanwhile, the latest draft, seen by Euractiv, further watered down an already weakened text to the point it now resembles more a declaration than a convention. With a tug-of-war between the US and other observer countries on one side and the EU represented by the Commission on the other, hardly anyone is defending the original text. However, the disproportionate influence that the observer countries have had in shaping the world’s first AI treaty can only be explained by political dynamics internal to the Council of Europe, as the United States might sign the convention, but it is close to impossible they will ever ratify it. Much has to do with the upcoming elections of the body’s secretary general, as one of the candidates is from the same nationality as the chair of the AI Committee. Read more. Also this week: Amazon abandoned its project to acquire iRobot as the EU was about to block the deal. The European Court of Justice found the indiscriminate retention of convicts’ data illegal. Germany is set to miss the 17 February deadline for the DSA implementation. EU policymakers again failed to agree on the Platform Workers Directive and reverted to ‘shared principles’. The negotiations on the Gigabit Infrastructure Act are set to conclude on Monday, but for the telcos, the law is “a good idea gone wrong.” Before we start: If you just can’t get enough tech analysis, tune in on our weekly podcast. |
|
No initiative in sight. The UK government decided not to implement a broad copyright exception for AI training on Wednesday, according to Politico. The decision follows previous plans to allow AI companies to use copyrighted content for training, also without a license, which was now blocked with the decision. The British were planning on a voluntary, industry-led solution to solve the issue of copyrights. Bard and breach of criminal law. A complaint was filed on Monday to Ireland’s Data Protection Commission as an open letter against Alphabet’s plans to introduce its Bard AI into Android’s Messages app and to intercept hundreds of billions of confidential communications to train its AI. Among other things, in several member states, this “constitutes a breach of criminal law for the interception of communications content”, Legal Consultant Alexander Hanff wrote on LinkedIn. Let’s start from scratch. An influential French think tank suggested creating an independent AI authority rather than assigning this task to the privacy regulator CNIL. For the Institut Montaigne, the new authority would complement the Commission’s AI Office in its regulatory work on AI systems. EU’s brink of opportunity. Amazon Web Services monitored a 32% increase in AI adoption among European businesses during 2023, possibly injecting €600 billion in gross value added into Europe’s economy by 2030. The report emphasises Europe’s digital skills gap and company access to the latest technologies by looking at the critical issues that need to be tackled to unlock AI’s full potential. |
|
Amazon-iRobot merger no more. E-commerce giant Amazon has given up on its bid to acquire the smart vacuum cleaner manufacturer iRobot, as the Commission was about to block the merger due to concerns it would restrict competition in the product’s market. The two companies have signed a termination agreement that resolves all outstanding matters from the transaction, including the previously agreed-upon termination fee of Amazon paying iRobot. “This outcome will deny consumers faster innovation and more competitive prices, which we’re confident would have made their lives easier and more enjoyable,” said David Zapolsky, Amazon SVP and General Counsel. Read more. DG COMP a side dish? At Cristina Caffarra’s seminal conference this week, Olivier Guersent, the EU’s top bureaucrat for competition policy, dismissed its area of expertise as a mere ‘side dish’. The French officials mentioned that the green and digital transitions necessitate massive public investments, which should be limited in areas of market failure. He also admitted that DG COMP’s thinking has evolved in the past years, notably from Facebook’s WhatsApp acquisition, as the anti-competitive practices of online platforms have also grown in sophistication. Not alone anymore. The head of the other major European antitrust regulator, Bundeskartellamt’s Andreas Mundt, indicated that for them, competition policy “was never about price, always about power.” Still, he highlighted how competition is no longer the only kid on the block, as new regulations have been passed to scrutinise foreign subsidies and foreign direct investments. Meanwhile, he reminded us how abuse cases have become the most common type in digital enforcement but that antitrust regulators still have to understand how to account for data as a currency in their assessments. |
|
Cybersecurity scheme adopted. On Wednesday, the European Commission adopted the European cybersecurity certification scheme, the EU’s first cyber scheme to certify ICT products under the Cybersecurity Act. The first phase of the EUCC implementation, lasting approximately one year, will focus on establishing public and private Conformity Assessment Bodies. Read more. New ETSI report. The European Telecommunications Standards Institute (ETSI) published a new technical report on Wednesday about “Implementing Design Practices to Mitigate Consumer Internet of Things-Enabled Coercive Control”, addressing the safeguarding of individuals from coercive control via the misuse of consumer Internet of Things devices. |
|
Indiscriminate data retention. On Tuesday, the European Court of Justice ruled that law enforcement agencies cannot indiscriminately store biometric and genetic data on those who committed criminal offences until their death. The judgement follows a case in Bulgaria about an entry in police records of a person who offered a false or incomplete testimony as a court witness. This resulted in a one-year suspended sentence, after which the person was legally rehabilitated. Read more. Garante vs OpenAI. Italy’s data protection authority, Garante, concluded its investigation into OpenAI’s ChatGPT, which led the regulator to temporarily ban the chatbot last year. The Garante found several breaches of data protection rules and notified the AI company. “OpenAI may submit its counterclaims concerning the alleged breaches within 30 days,” Garante’s post, published on Monday, reads. The authority will “take account of the work in progress within the ad-hoc task force set up by the European Data Protection Framework (EDPB) in its final determination on the case.” GDPR enforcement failure? On Sunday, on Data Protection Day, Noyb published a survey, reporting that 74% of experts say Data Protection Authorities would still find ‘relevant violations’ at most companies regarding the General Data Protection Regulation (GDPR). Max Schrems called this “extremely alarming” and added that “such figures would be unimaginable if it were a matter of complying with tax law or fire safety regulations. Non-compliance only seems to be the norm regarding users’ personal data.” French health data on a US cloud. On Wednesday, the French data protection authority CNIL authorised Health Data Platform’s public interest group to store its data on Microsoft’s cloud service Azure for three years. However, in its decision, the CNIL states it is concerned that health data might be accessed by US authorities and repeated in its official decision that it has long been advocating “to use a service provider exclusively subject to European law.” Breton answers. Commissioner Thierry Breton answered a question from Parliament on Tuesday about Meta’s pay or consent feature, emphasising that “the processing of personal data for personalised advertising must comply” with the GDPR. Don’t adopt it yet. According to a European Data Protection opinion published last Wednesday, the proposal for amending the temporary derogation for combating online child sexual abuse material. According to the document, it should not be adopted “until the necessary safeguards and all the outstanding missing elements […] are introduced in the legal framework”. |
|
TTC in Washington. On Tuesday, the fifth meeting of the EU-US Trade and Technology Council was held in Washington. Following the last meeting, the EU and the US welcomed the International Guiding Principles on AI, the voluntary Code of Conduct for AI developers adopted in the G7. They agreed to continue the cooperation on international AI governance. Participants also showed interest in continuing to increase bilateral trade and investment and cooperation on economic security and emerging technologies. The next and final meeting will be in April. MEPs vs EU-Japan deal. In a letter sent by several Green MEPs to Commissioner Valdis Dombrovskis last Thursday, seen by Euractiv, the MEPs expressed their concerns on the review of the EU-Japan Economic Partnership Agreement, especially on the ‘landmark deal’ at the High-Level Economic Dialogue on cross-border data flows. |
|
Amazon Ads changes. Amazon announced changes to its advertising business to comply with the DMA. Advertisers and publishers with campaigns in the EU will have access to expanded reports on pricing information starting 6 March. This will include data “on the fees paid by the advertiser and received by the publisher for ads shown on third-party websites and apps”. Moreover, Amazon is updating how advertising customers can measure performance, and changes were made to the advertising choices available to customers. Some action soon. Still, at Caffarra’s conference, Alberto Bacchiega, DG COMP’s director for digital platforms, warned that some gatekeepers are not complying with the DMA and that the Commission might have to take action soon. What everyone is wondering is where the EU executive will hit first. Previous experience with the DSA suggests they will have a rather visible target that is a relatively low-hanging fruit. Hold your horses. The DMA’s rapporteur, Andreas Schwab, criticised the lack of leadership in competition enforcement at the EU level in the past years and called for a proactive approach in the DMA for areas with growing potential for abuses, like cloud and AI. However, Guersent made clear DG COMP wants full compliance from the existing gatekeepers before moving into new areas. |
|
Germany set to miss deadline. As February’s deadline to implement the Digital Services Act is fast approaching, Berlin is lagging in doing its homework for Europe’s brand-new content moderation regulation. Germany is working on the national law to implement the DSA and set up the regulator. Still, as in several other European countries, Berlin is set not to meet the deadline. The new authority is also set to face significant resource constraints, given the tight budgetary situation in Germany. Read more. What’s next? Euractiv understands that the Commission is due to publish its guidelines on elections and the implementing act on trusted flaggers shortly. Meanwhile, the delegated act on the access for researchers had to be delayed, as member states are late in appointing their Digital Services Coordinators and a fully functioning Board is needed for this type of secondary legislation. Age verification task force. On 23 January, the Commission hosted its first meeting of the Task Force on Age Verification under the DSA, where member states could present national approaches to age verification and discuss the Task Force’s overall tasks. A follow-up meeting will occur on 17 February, when the DSA enters into force. DSA database launched. On Thursday, the Commission launched its user interface of the DSA Transparency Database and a new interactive dashboard. Users can use filters while looking for data to make the navigation easier. |
|
PWD’s comatose state. On Tuesday, EU policymakers fell short of approaching their positions on the Platform Workers Directive. Now, a text on mere ‘shared principles’ is expected. These include that the legal presumption must improve the working conditions, it must be included in the national system, the final decision must based on the national definition of a worker taking EU Court precedence into account, and there must be a rebuttal system. The part on algorithm management was maintained as per December’s provisional deal. The revised COREPER mandate is expected on 7 February, a day before the next trilogue. |
|
Rosy outlook for Europe’s quantum tech. With insights from HSBC, Dell, Federal Reserve, Citi and Moderna, the ‘State of Quantum 2024’ report reveals that Europe was the only region that saw consistent growth in venture capital investment into companies related to quantum technologies. The report notes that while the United States saw a dramatic drop in investments after an initial boost, Europe is set to enjoy steady growth. Read more. AI meets Chips. With advanced semiconductor chips fuelling AI capabilities, independent market researcher IDTechEx predicts that chip sales, rental of chips via cloud services, and use of chips for the acceleration of machine learning will rise to $300 billion by 2034, “at a compound annual growth rate of 22% from 2024 to 2034″. Boosting chip production. According to the Wall Street Journal, the US government plans to subsidise leading chip manufacturers to the tune of billions. The measures are aimed at boosting the production of modern chips but are also meant to be a signature economic initiative of the Biden administration as the presidential elections approach. Cloud debate surfaces again. A French bill regulating private consulting companies when supporting public policies was discussed at the National Assembly on Thursday. MP Anne Le Hénanff (Horizons, Renew Europe) notably tabled amendments to extend the obligation to store public administration data on sovereign clouds to consulting firms. These amendments have been suggested while the European Commission still blocks the major digital bill SREN because it would create overlaps with EU legislation. The consulting bill will now head towards inter-institutional negotiations, while the SREN law should resume negotiations at the end of March. Neuralink places its implant in its first human patient. On Monday, Elon Musk’s startup Neuralink placed one of its implants into a patient’s brain for the first time to develop a brain-machine interface. Although Neuralink is under a US federal investigation for bad animal treatment of its animal patients, resulting in hundreds of deaths, the Food and Drug Administration green-lighted the first human experiment in May 2023. This test is not the first of the genre, with several researchers and companies already working on brain implants for paraplegics showing good results. |
|
Grooming removed. During the meeting of the Parliament’s Committee on Civil Liberties, Justice and Home Affairs on Wednesday, MEPs adopted a draft position to extend the temporary rules to allow the detection of online child sexual abuse material (CSAM), until May 2025. While the legal basis for providers to detect grooming was rejected, the amendment to remove the definition of grooming passed the vote. As reported last week by Euractiv, the first trilogue of the temporary regulation is planned for next Thursday, where the definition of grooming will likely come up. In the unlikely case that it would not, Euractiv understand that Courts would apply the definition of grooming from Article 6 of the EU’s Directive 2011/92. EPP for online child protection. Also on Wednesday, a hearing by the European People’s Party took place in the Parliament, touching on CSAM, as well as other online dangers, such as cyberbullying or violent online content, such as animal cruelty videos, content on the Ukrainian war, or videos about Hamas hostages. Participants also criticised the DSA and social media platforms for not being effective enough in preventing children from seeing such material. Meanwhile in the US. On the same day, Meta boss Mark Zuckerberg apologised to those families whose children were harmed due to social media during a US Senate hearing. Zuckerberg and the bosses of TikTok, Snap, X, and Discord were questioned by senators about their actions to protect children online. |
|
I swear it’s safe. According to a Wall Street Journal article published on Tuesday, TikTok spent $1.5 billion building an operation to convince American lawmakers that the app is safe. Executives of TikTok promised to parcel out American user data and use the help of engineers and third parties to verify that there is no interference from China, where ByteDance, the social media app’s parent company, is located. |
|
GIA: a good idea gone wrong. This is, in essence, what telecom operators associations ECTA, ETNO, GIGAEurope and GSMA said on Thursday in a joint statement in a last bid to put pressure on EU lawmakers negotiating in their third and most probably last political trilogue next Monday. Telecom operators are particularly adamant in insisting that the tacit approval principle should remain in the text. It is indeed considered by the industry to be the core evolution of the act from the 2014 Broadband Cost Reduction Directive. Here, they side with the MEPs’ view. Yet, the text concludes that unless this principle is retained in the act, the EU industry would be better off with 2014’s rule, in a critique against the Parliament’s proposition to abolish intra-EU communication fees. Read more. Moving on from the senders-pay. Laure de la Raudière, the president of French telecom regulatory authority Arcep, acknowledged in an interview on Tuesday to the mic of BFM Business that other EU countries do not support the senders-pay principle. She also said that she did not notice any market failure from Big Tech on broadband use. Instead, she submitted the idea to “encourage accountability” of Big Tech on their environmental impact. Explaining that end nodes account for 80% of the environmental impact of digital, she pointed out that Big Tech should be held accountable for pushing citizens to use metaverse applications of very high-definition movies, which encourage people to renew their endpoints, leading to a more significant environmental impact. De la Raudière concluded that there should be a thorough analysis of possible side effects but that a new environmental tax should be considered. New CMA investigation. The British Competition and Markets Authority formally investigated Vodafone’s merger with British telecommunications and internet service provider Three. The investigation will examine the deal’s impact on consumers, businesses, and competition. |
|
R2Repair deal. The Parliament and the Council reached a political agreement on the ‘right to repair’ bill on Thursday, agreeing on rules that clarify the obligations of manufacturers and encourage consumers to choose to repair their products. For example, consumers must be informed about when a manufacturer must repair. |
|
What else we're reading this week |
|
Dear Taylor Swift, we’re sorry about those explicit deepfakes (MIT Technology Review) Meta to deploy in-house custom chips this year to power AI drive – memo (Reuters) Microsoft says AI is getting deployed ‘at scale’ (BBC) |
|
Alina Clasen and Théophane Hartmann contributed to the reporting. [Edited by Nathalie Weatherald] |
|
Thanks for reading. Be sure to spread the word and come and say hello on X. |
|
|
|
|