By Joe McNamee

After one year of negotiations, a second element of the telecoms regulation was also agreed by the EU Council: arbitrary, ad hoc law enforcement by internet companies. The Council has decided that this is something that internet companies may do, may not do and may do (Council text, pdf).

When the European Commission proposed its draft Regulation on a Telecoms Single Market in September 2013, it decided that it would be a good idea to allow internet companies to decide (or not) to block unspecified content to “prevent or impede” undefined “serious crime”. In order to excuse this reckless, potentially counterproductive meddling with the policing of serious criminal activity, it explained that such activities could be to address problems “including” child pornography.

As such arbitrary interferences with communications are in direct and obvious breach of our rights and freedoms (“Any limitation on the exercise of the rights and freedoms recognised by this Charter must be provided for by law”, EU Charter of Fundamental Rights), the European Parliament did the only thing it could – and deleted this provision in April 2014.

On January 20, the Latvian Presidency of the EU, seeking to do carry out its function in a balanced, legal and reasonable way, noted both the legal limitations of such an approach (“this request appears to raise certain legal issues relating to the Charter of Fundamental Rights”) and the lack of support for the measure among Member States. It promised to add “appropriate text” if the legal issues could be resolved and if Member States supported such measures.

Then, however, things went horribly wrong. The UK kept insisting on the provisions being in the text, while other countries wanted the provisions being kept out. The deadlock was blocked when, behind the scenes, Sweden took incoherent, incomprehensible proposals about unspecified “measures” from the UK and presented them as their own. As time was running out, the Latvian Presidency felt that it had no option other than to include everyone’s contradictory proposals – meaning that the agreed text now says that internet providers can and can not block and filter traffic outside the rule of law.

The Article in the draft legislation is very clear:

comply with legal obligations to which the internet access service provider is subject

The explanatory “recitals”, which are supposed to clarify this text, allow everything and nothing. Recital 7 is a baffling salad of disconnected provisions:

Providers of internet access service may be subject to legal obligations requiring, for example, blocking of specific content, applications or services or specific categories thereof.

So far so clear… legal obligations to block content. This obviously does not need to be clarified, but okay… Then…

Those legal obligations should be laid down in Union or national legislation (for example, Union or national legislation related to the lawfulness of information, content, applications or services or legislation related to public safety), in compliance with Union law […]

It is strange that the Council feels the need to explain what “legal obligations” are, but okay…and then…

[…], or they should be established in measures implementing or applying such legislation, such as national measures of general application […]

So a measure applying such national measures? Does that include measures taken in the absence of a legal obligation to do so? As these “measures” or listed separately to court orders or decisions of a public authorities, this appears to be the case. This interpretation is reinforced by the next part of this surreal stream of consciousness, which explains that ISPs will have to comply with court orders or “other measures” which are, for example, court orders, but could also mean orders by public authorities and/or something else.

[…] courts orders, decisions of public authorities vested with relevant powers, or other measures ensuring compliance with such legislation (for example, obligations to comply with court orders or orders by public authorities requiring to block unlawful content).

The next sentence of recital 7, then says the direct opposite since Article 52 of the Charter of Fundamental Rights does not allow restrictions outside the rule of law:

The requirement to comply with Union law relates, among others, to the compliance with the requirements of the Charter of Fundamental rights of the European Union in relation to limitations of fundamental rights and freedoms.

If internet providers are only allowed to block, as the Charter says, this is “provided for by law”, what is the rest of the text for? The answer, sadly, is that this is legal text that is actively and deliberately drafted to be so unclear that it generates enough uncertainty to allow what the European Charter of Fundamental Rights prohibits.

The agreed text also says that “parental controls” are permitted. The only problem here is that there was never any doubt that parental controls are permitted because any service that actually offers control to parents would not in any way contradict the definition of “internet access service”:

“internet access service” means a publicly available electronic communications service that provides access to the internet, and thereby connectivity to substantially all* end points of the internet, irrespective of the network technology and terminal equipment used;

Which either means that the 28 legal experts that are negotiating a key piece of European legislation of global significance do not know what parental controls are, or they are trying to sneak in additional optional restrictions that can be imposed by internet companies and neither they or we can guess what these might be.

This ridiculous mess is a major problem for two reasons. Firstly, it represents an agreement of the EU Council to circumvent the primary law of the European Union, to the detriment of the rule of law, freedom of communication and privacy. Secondly, it undermines the implementation of net neutrality, because it will lead to a situation where internet access providers will be asked (for public policy reasons) to block and filter internet traffic and asked not to interfere with internet traffic for their own business purposes.

*No, we don’t know what “substantially all” means either.