Strasbourg, 20/01/2022 – Today, the EU Parliament will formally adopt its position on the Digital Services Act (DSA). The Parliament approved language aimed at protecting end-to-end encryption and, in a major victory, added a right to use and pay for digital services anonymously wherever feasible. Still, the Pirates in the European Parliament ultimately decided to oppose the package. Indiscriminately collecting the mobile phone numbers of all uploaders to adult platforms corrupts the right to anonymity and endangers the safety and lives of sex workers in the European Union: a red line for European Pirate Party MEPs.
With amendment 291 letter (a)[1], Parliament seeks to require users to disclose their mobile phone numbers to porn platforms before they may upload content or post comments. This provision violates the fundamental rights to privacy and data protection. In a letter to lawmakers, the EU Sex Workers’ Rights Alliance (ESWA) emphasized that “due to the stigmatised and criminalised nature of adult sexual content producers and other types of sex work, the safety of their data is of utmost importance as any data.” Data leaks would “pose a direct threat to the real-life (offline) safety and wellbeing of sex workers“.[2]
While we recognise the honourable intentions of the amendment, Pirates will not support a proposal that threatens the safety of a group of persons who are already stigmatised. Nor can we support creating a precedent for eliminating anonymous publishing as an acceptable means of deterrence.
Pirates successfully advocated for digital rights
In other regards, Pirate Party Members of the European Parliament made major contributions to improving user privacy. For the first time, users would be able to generally opt out of pervasive surveillance online and the creation of personality profiles for commercial purposes in their apps, which would also spare them from the time-consuming consent banners. Refusing consent would become as easy as giving it. Online platforms would need to give fair access options also to users who refuse to be pervasively tracked.
Furthermore, the end-to-end encrypted services that are essential to communicating securely would be shielded against interferences by EU Member States. National data retention or identification requirements would be excluded. As proposed by MEPs and the LIBE Committee, platform terms and conditions that do not comply with freedom of speech, media freedom or other fundamental rights will be void. And in a major last-minute victory, Parliament now wants users to be able to use and pay for digital services anonymously wherever possible.
Pirate Party MEP Patrick Breyer, Civil Liberties, Justice and Home Affairs (LIBE) rapporteur for the Digital Services Act and digital rights activist, comments:
“Parliament’s backing for a right to use and pay for digital services anonymously is a major victory for protecting our privacy and safety online. Only last year, over 500m mobile phone numbers leaked from Facebook/Meta. We cannot accept that every year, data leaks expose millions of EU citizens’ data to cyber criminals.
“In the upcoming trilogue negotiations, we shall fiercely defend our successes in protecting our privacy and freedom of expression online, including the Parliament’s intention to exclude mandatory error-prone upload filters, to protect effective encryption and to reject national indiscriminate identification obligations and data retention requirements.
“Yet, many of the LIBE Committee‘s recommendations were not adopted.[4] As a result, ‘illiberal’ EU governments will be able to spy on our online activities and censor content, including content hosted abroad in liberal democracies, without requiring a court order. And the decision fails to fundamentally tackle the monopolies and surveillance capitalist business model of big tech, exposing us to the harms of mud-slinging algorithms and corporate censorship, including by way of error-prone upload filter algorithms and AI.”
MEP Mikuláš Peksa, Chairperson of the European Pirate Party and DSA rapporteur to the Committee on Economic and Monetary Affairs (ECON), comments:
“Users will now be able to ban all websites from using targeted advertising that uses their personal data with a single click in their browser, ending the endless clicking of consent. Platforms will also no longer have to mandatorily filter any content when uploading. But at the same time, there will be a mechanism for people to report objectionable or illegal posts. Our main goal is to protect the interests of individual users and smaller players by clearly defining their rights. From our point of view, letting the authorities in each member state decide about banning ,,illegal” content is a colossal mistake which will fragmentise the market and allow authoritarians like Viktor Orbán to control the online space and oppress the opposition.”
Next, the European Parliament will need to negotiate a deal with the less progressive EU Member States, led by the French government. Trilogue negotiations will take place behind closed doors. Pirate Party MEP Patrick Breyer will participate on behalf of the LIBE Committee.
Some insights into the content of the DSA mandate:
- Upload filters
Parliament has learned from the protests against article 13/17 of the Copyright in the Digital Single Market directive and rules out new filtering obligations in the Digital Services Act. However, the promise to ban the “voluntary” use of error-prone filters by internet platforms is not kept. In practice, therefore, nothing will change.
- Digital privacy and data security
Government authorities will be able to request pervasive records on a person‘s online activities without a court order. On the other hand, the right to secure encryption would be guaranteed. And service providers could not be obliged by national legislation to generally and indiscriminately retain personal user data.
The newly introduced right to use digital services anonymously would read: “Without prejudice to Regulation (EU) 2016/679 and Directive 2002/58/EC, providers shall make reasonable efforts to enable the use of and payment for that service without collecting personal data of the recipient.” A recital would explain: “In accordance with the principle of data minimisation and in order to prevent unauthorised disclosure, identity theft and other forms of abuse of personal data, recipients should have the right to use and pay for services anonymously wherever reasonable efforts can make this possible. This should apply without prejudice to the obligations in Union law on the protection of personal data. Providers can enable anonymous use of their services by refraining from collecting personal data regarding the recipient and their online activities and by not preventing recipients from using anonymizing networks for accessing the service. Anonymous payment can take place, for example, by paying in cash, by using cash-paid vouchers or prepaid payment instruments.“
- Surveillance advertising
The systematic monitoring and creation of personality profiles of internet users for advertising purposes is not to be banned. However, for the first time, users could generally opt out in the browser (“do not track”) and then also to be spared from annoying consent banners. Refusing consent would need to be just as easy as giving it (ban on “dark patterns”). Users who refuse to being tracked would still have access. Alternative access options would have to be fair and reasonable both for regular and for one-time users, such as options based on tracking-free advertising. Targeting individuals on the basis of their political opinion, health status, sexual preferences or religious belief would be banned.
- Freedom of information
Authorities could require the (cross-border) removal of internet publications without a court order – even if they are completely legal in the country of publication. This means that in future Orban can have content deleted throughout the EU, on the basis of his own laws. The promised ban on network-level blocking is not part of the position. Internet platforms will not need to ask users before removing their content. At least, according to the Parliament, automatic suspension of users who have allegedly repeatedly violated copyright or other laws would not be mandated.
- Timeline algorithms and user choice
Digital corporations will continue to be allowed to decide on their own what appears in the timelines of users and what does not. Users are not given a right to opt out of the commercial recommender algorithms or use external algorithms of their own choice.
[1] https://www.europarl.europa.eu/doceo/document/A-9-2021-0356_EN.pdf
[2] https://www.patrick-breyer.de/wp-content/uploads/2022/01/20211112_Sex_Workers_Alliance_MEP_Letter.pdf
[3] Implementation of the recommendations of the LIBE Committee (green: implemented, red: not implemented): https://www.patrick-breyer.de/wp-content/uploads/2022/01/2022_01_LIBE-DSA-colour-coding-final.pdf
0 comments on “Digital Services Act: Decision in part strengthens, in part threatens privacy, safety and free speech online”