Embed Size (px)
Citation preview
1
ISP SeminarsBelgrade
19 FebruaryJoe McNameeEuroISPA Secretariat
2
Introduction
• Part 1 - EuroISPA and the role of ISPAs
• Part 2 - Licencing and Authorisation
• Part 3 - Illegal or harmful content
• Part 4 - Law enforcement needs/requirements
• Part 5 - National Regulatory Authorities
• Part 6 - Summary
3
Part 1
EuroISPA and the Role of ISPAs
4
Introduction to EuroISPA• EuroISPA was born on 6 August 1997 in Brussels
• Pan European association of ISP associations in EU Member States.
• Grown from 6 to 9 members since its inception.
• Represents an estimated 800 ISPs across the European Union.
• Put simply, it is the largest ISP Association in the world.
5
Aims• Protect and promote European interests within global
Internet.
• Deliver benefits of new technologies to individuals whilst meeting legitimate concerns of parents and weaker members of society.
• Encourage development of free and open telecommunications market.
• Promote the Interests of our Members and provide common services to them.
6
AEPSI
AFA
AIIP
ISPA AT
ECO
ISPAI
NLIP
ISPA UK
Members & Partners
APIA - Asia & Pacific Internet Association
IIA - Australian Internet Industry Association
CAIP - Canadian Association of Internet Providers
HKISPA - Hong Kong Internet Service Providers
AssociationTELESA - Telecom Services Association, Japan
ISPA SA - Internet Service Providers Association
South AfricaECOMLAC - Latin America and Caribbean
Federation for Internet and Electronic Commerce
Full Members International Partners
Associate MemberLINX - London Internet Exchange
US ISPA - United States Internet Service Providers Association
AEPSI
AFA
AIIP
ISPA AT
ECO
ISPA IE
NLIP
ISPA UK
7
Achievements• EU E-Commerce Directive – EuroISPA was a major force in
ensuring the removal of ISP liability for illegal content when a ‘mere conduit’
• Closely involved in discussions about liability for caching and hosting
• EU Copyright Directive - EuroISPA successfully lobbied to defend caching.
• Spam – pressure from EuroISPA persuaded the European Commission to include opt-in in the first draft of the new Telecoms Data Protection Directive
• Cookies – EuroISPA was asked by other high-profile industry members to make a presentation on this subject to the European Parliament
• COCOM - Observer member of EU Communications Committee
8
Achievements (cont)• Blocking – EuroISPA’s role was fundamental in the European
Parliament’s adoption of a statement denouncing the use of blocking.
• Participation in ICRA/INCORE• Co-ordinated industry consultations with European Commission
in advance of ITU meetings on peering
• Lobbied successfully for the .EU TLD
• Its members are active participants in WorldISPA• EuroISPA was asked by the European Commission to play a
major role in the EU industry consultations on cybercrime.• Addressed inaugural meeting of “E-ping!”, an Internet group for
MEPs, along with EU Commissioner Erkki Liikanen.
9
Areas of interest• 1) Local access transmission network and competition
concerns (including IP connectivity / peering)
• 2) Legal liability for harmful or illegal content
• 3) Treatment of personal data and interception
• 4) Research & development / technical development
• 5) Network security
• 6) Maximising business opportunities
10
Organisational Structure• Democratic
• Each member has equal voting rights
• Regular Council meetings determine policy
• Rotating Presidency
• Permanent secretariat in Brussels, which is empowered to convey agreed EuroISPA policy
11
National ISPAs• Primary point of contact for national authorities
• Primary point of contact for press enquiries
• Create agreed policy for ISP industry nationally on relevant subjects
• Communicate with government and lobby at all levels
• Act as spokesman for the national ISP industry
• Participate in government consultation of industry
• Coordinate information sharing on current issues with members
• Communicate information on legislative developments to ISPs
• Represent national ISP interests on an EU level within EuroISPA
12
Central EuropeIt is important for EuroISPA to have Central European ISPA
Members:
• To ensure that we are properly representing both current and future EU Member States
• To help accession countries avoid the problems we experienced in liberalisation
• To ensure that Central European ISPs have a strong voice in the EU
13
Part 2
Licensing
14
Authorisation 2002/20/ECNew Directive aims to:
• Harmonise the approach to licencing and authorisation across all EU Member States
• Reduce bureaucracy - Under the old regime up to 18 different types of licence and up to 49 types of document required
• Reduce costs - excessive fees sometimes charged• “No objective justification for splitting up authorisations in
ever so many service categories”• Reduce barriers to the single market
15
Authorisation (cont)New Directive:• Creates a single market by simplifying and harmonising
authorisation rules• Proposes general authorisations rather than specific ones• Charges for authorisations must only be as high as needed
to maintain the system• No decision required from administrative authorities -
undertakings only required to notify intention to provide services
• Companies may ask government for a declaration indicating that the company has interconnection and rights of way priveleges
16
Any deviation away from the EU approach risks:
• Additional bureaucracy, delays and costs for ISPs• Creating barriers to cross-border trade• Creating a situation which will have to change again to
comply, if necessary, with the acquis communautaire• Not be “future proof” - convergence will open new business
opportunities and fragmented licencing regimes will close them again (for example, voice services)
Authorisation (cont)
17
Part 3
Illegal and Harmful Content
18
Introduction
• Data protection: the obligations of ISPs• Law enforcement: the obligations of ISPs• The problem of the ISP ‘in the middle’• The legal framework to the rescue?• Conclusion: every option is the wrong one
19
Data Protection• The protection of consumer’s private data
– is a legal and moral obligation of ISPs,
– is a prerequisite for keeping customers’ trust and staying in business.
• ISPs have every incentive to take every possible measure to
protect consumer’s personal data, however...
20
Law enforcement
• ...ISPs also have moral and legal obligations to aid law enforcement in the combat and prevention of cybercrime.
• BUT: Law enforcement officials may consider data protection a secondary concern, and often make demands on ISPs that effectively assume data protection violations by the ISPs.
21
The problem:
• ISPs’ responsibilities to the consumer (its clients)
• ISPs’ responsibilities to help fight cybercrime
CONFLICTING DEMANDS on ISPs: what to do?
22
Answers from the legal framework ?• The legal environment in which ISPs find themselves with
respect to these two issues is VERY complex and, at times, arbitrary:– 95 Data Protection Directive
• Implementation– E-commerce Directive
• Implementation– New Communications Package (forthcoming)– National sets of laws, regulations UNCERTAIN LEGAL FRAMEWORK
23
Conclusions• ISPs are stuck in a trap with the demands of consumers,
data protection authorities and reputation on the one hand…
• …and the demands of law enforcement officials on the other.
• The problem is compounded for ISPs operating in more than one Member State as data protection attitudes, laws and practices vary considerably from state to state.
24
Part 4
Law Enforcement Needs andRequirements
25
Data RetentionMuch misunderstanding about the current situation• The new telecoms-specific directive does NOT IMPOSE
mandatory data retention• There is no harmonised system within the EU - Austria, for
example, has no retention and no plans for retention• The Danish and Belgian presidencies tried and failed to
move the subject forward in a harmonised way• The Cybercrime Convention only mandates data
preservation• EU ISPs prefer preservation as it is more targeted, less
intrusive, less costly
26
Data Retention (2)• Belgium pushing a data retention law for almost two years• Denmark tried for “binding rules should be established on the
approximation of Member States' rules on the obligation of telecommunications services providers to keep information concerning telecommunications in order to ensure that such information is available when it is of significance for a criminal investigation”
• UK permanently pushing for EU mandatory data retention• Ireland plans to introduce mandatory data retention but does
not know what data, for how long or why the data should be kept.
27
Data RetentionThere are numerous legal safeguards
European Convention on Human Rights - Article 8 (Right to respect for private and family life), Article 10 (Freedom of Expression
The Treaty on European Union - Article 6
The Danish Presidency Conclusions of December 2002 call for extensive discussion with industry before proceeding with any more extensive measures
However, Spain, Denmark and others already have data retention, although still don’t know what data, for how long or even why.
No coherence from countries regarding the costs of mandatory data retention
28
Cybercrime ConventionWide-ranging, covering copyright, child pornography, interception, illegal access to equipment, etc•Requires expedited preservation of stored computer data•Expedited preservation and storage of traffic data•Interception of content data
BUT
"computer data" means any representation of facts, information or concepts in a form suitable for processing in a computer system, including a program suitable to cause a computer system to perform a function
"traffic data" means any computer data relating to a communication by means of a computer system, generated by a computer system that formed a part in the chain of communication, indicating the communication’s origin, destination, route, time, date, size, duration, or type of underlying service.
29
Illegal ContentE-Commerce Directive crucial for establishing basic limits for
liability• Article 12 - Establishes the principle of “mere conduit”• Article 13 - Clarifies the situation for technical copies held on
ISP networks• Articles 14 - Limits liability for hosting providers• Article 15 - Removes the right for governments to require
“general” monitoring by ISPs• The Directive also, with some exceptions, establishes a
“country of origin” rule for electronic transactions.
30
Illegal Content (2)Copyright Directive:• Permits temporary technical copying• Allows countries to establish exceptions to general
reproduction right for private copying• Gives rightsholders the right to file for injunctions to prevent
infringements• Was the subject of huge lobbying effort by rightsholders• After years of lobbying on the E-Commerce and Copyright
Directives…• New “Copyright Enforcement” Directive puts everything on
the line yet again
31
Harmful Content• EuroISPA has been closely involved in ICRA - the Internet
Content Rating Association• National ISPAs have supported the setting up of national
hotlines for illegal material• EuroISPA has supported the setting up of INCORE - the
European hotlines network• EuroISPA has consistently argued for improving end-user
control as much as possible due to the practical and technical difficulties created by nationally-imposed filtering initiatives
32
SPAM• EuroISPA lobbied for four years for an opt-in requirement in
EU law• This was finally achieved in May 2002 and comes into force
in October 2003• This is one of EuroISPA’s most significant achievements,
gained against lobbying from all other sectors of industry• Clear legal framework ensures that spammers suffer and not
ISPs.• Current situation means that it is not clear who is a spammer
and consumers lose confidence in e-commerce
33
Access & InterconnectionGoverned by the new regulatory framework which governs…
• Access and Interconnection• Universal Service• Data Protection• Radio Spectrum• Authorisation• Local Loop Unbundling
34
Access & InterconnectionThe new framework…• establishes a harmonised framework for regulation of electronic
communications networks and services• sets basic requirements for national regulatory authorities• establishes policy objectives and principles for NRAs• sets rules for facilities sharing and collocation• defines a new concept of “significant market power” (hugely
contentious - a Commission Recommendation 12 Feb tries to clarify this.
• EuroISPA fought hard and succesfully to have key ISP markets (call termination, wholesale bitstream, etc) included in the recommendation
• creates the EU Communications Committee
35
Access & Interconnection (2)• Access & Interconnection now generally governed by
competition law• New Directive establishes specific ex ante regulations for
bodies with “significant market power”• NRAs must establish which markets need to be regulated
under the new framework• Commission producing Recommendation shortly as guidance
for NRAs• EuroISPA has been very active in ensuring that key ISP
interests such as bitstream access are included in the Recommendation
36
Part 5
National Regulatory Authorities
37
National Regulatory Authorities• Member States should guarntee the independence of the
national regulatory authority or authorities (rec 12 Framework)• NRAs must use their powers impartially and transparently• NRAs and competition authorities should share information• Should ensure there is no restriction or distortion of competiton• Encourage efficient use of numbering resources• Should work towards improving the functioning of the single
market• Promote the interests of consumers such as through universal
service obligations
38
National Regulatory Authorities (2)
In practice, regulators have been hampered by a number of factors:
• Lack of independence (Belgium)• Lack of political will (Ireland)• Too much pressure to justify itself (UK)• Difficult legal situation (Germany)• Generally, appeals procedures which are long and expensive make NRAs’ tasks much more difficult
39
Summary• Huge range of issues need to be addressed for ISPs• Illegal and harmful content, data protection, universal
service, access/interconnection, etc• Huge lobbying forces exist which wish to increase ISP
liability and obligations and reduce their rights• Concerted action by ISPs at a national and international level
is essential to ensure a dynamic and successful ISP market
40
Thank you for your attention
