Gerard de Graaf, a European Commission veteran, played a crucial role in forging two landmark tech regulation bills, the Digital Services Act and the Digital Markets Act. Now he has moved to California to help enforce them.

“We make no apology,” he said, arguing that the new regulations will break open entrenched market positions. “The criticism often is that we regulate and kill innovation. But if markets are not competitive, when it is very hard to dislodge the leading company, they tend to become less and less innovative,” he said. “Why would you innovate when you can make a lot of money off of the old mousetrap?”

Speaking to Eileen Donahoe, Executive Director of the Global Digital Policy Incubator at Stanford University, De Graaf insisted that the regulations were not anti-American. Instead, he said they address common concerns about the ills plaguing the Internet.

“Tech platforms brought great benefits, but we all know at the same time, tech produce negative effects, the spread of disinformation, illegal content, terrorism material, child sexual material, unsafe products, counterfeit products,” he said.  “Everybody agrees that these issues need to be addressed.”

Both the US and Europe “see largely eye to eye” on the objective of “keeping the Internet safe.” Europe’s Digital Services Act addresses this challenge. De Graaf insisted that all companies – “not just US companies, but European companies, and companies from China and Japan” must comply.

It’s similar to bank regulation, he insisted. “Nobody asks whether banks should be regulated,” he explained. Internet platforms occupy a similarly essential role in economies and they “must accept responsibility.”

Get the Latest
Get regular emails and stay informed about our work

The Digital Markets Act targets the largest platforms and is “intended to reign in anticompetitive” behavior. While acknowledging that most of these “gatekeepers” are American, he insisted that many American companies were pushing for the regulation to open up competition.  “Companies are so dependent on large gatekeepers” that it throttles innovation, he insisted. “If you want to be successful on Google Play and Apple iOS, good luck.”

Some critics have suggested that the Digital Markets Act could end up locking in gatekeeper positions. Large tech companies proved able to navigate Europe’s privacy rules, the General Data Protection Regulation, because they enjoyed direct contact with consumers. De Graaf insisted that the result this time would be different.

Europe has often set the global standard on tech regulation. Many countries, from Japan to India, copy-pasted large parts of the continent’s privacy regulations. De Graaf said he expects the same with the Digital Services and Markets Acts. 

“A lot of countries have come to us asking questions,” including Japan, Korea, Australia, and the US. All are interested in “taking elements from the European regulations,” he said, pointing to “a lot of bills on the Hill” that aim to regulate Internet platforms.

Bill Echikson is the Acting Director of CEPA’s Digital Innovation Initiative and editor of Bandwidth.

CEPA Forum 2022
Meeting the Moment: Allies at a Crossroads
Learn More

Telecommunication companies (telcos) argue that big tech companies consume a disproportionate amount of bandwidth. They cite a recent report by Axon Partners arguing that data growth generated by apps and streaming services make “little or no economic contribution to the development of national telecom networks.”

The European Commission appears sympathetic. On September 9, European Commissioner Thierry Breton said a consultation on the issue will be opened early next year. In recent interviews, Breton has signaled that he wants to introduce legislation, saying “it is necessary to reorganize the fair remuneration of the networks.”

Yet reorganization makes no sense. Data growth represents an opportunity, not a problem, for telcos concludes my recent study.  An Internet tax fee would harm rather than promote infrastructure investment, reducing innovation in content and applications. It would compromise the Commission’s vision for digital transformation, which aims by 2030 for 75% of European companies to be using cloud technology, artificial intelligence, and big data.

Here’s why.

Additional traffic costs range from approximately zero for fixed line access to low and declining for mobile networks – otherwise increased traffic could not have been accommodated.  At the same time, demand for data drives telco revenues, promoting fixed access subscriptions and encouraging consumers to pay more for additional mobile data. Telcos themselves see data growth as good, not bad. “Surging demand for mobile data is the clear driver for future growth in the business,” Spain’s Telefonica said in 2020.

An Internet tax would decrease, not increase, infrastructure investment. If you give money to telcos while the demand and price for access remain unchanged, the money will go to shareholders. After all, the cash doesn’t increase demand or the price of broadband access on which the actual investment case depends.

If you tax content and applications, you will reduce the development, adoption, and use of content and applications, on which the business case for network investment depends. This danger explains why the mobile operators’ association GSMA has long campaigned against such taxes, including a proposed and ultimately rejected Hungarian traffic data tax.

Where the equivalent of an Internet levy was imposed in South Korea, the impact has been negative. Consultants WIK, in a study for the German regulator, reported “a decline in diversity of online content and rising prices for end users for content, as well as lower network infrastructure investments.” Even the “quality for end users is declining,” WIK found.

And then there’s the threat to net neutrality, the key principle ensuring that all data is treated equally and that internet users have equal access to online content and applications. If telcos get their way to charge content and application providers, 34 NGOs spanning 17 countries warned in an open letter that the move “would undermine and conflict with core net neutrality protections in the European Union.”

For all these reasons, European lawmakers rejected claims and demands from the telecoms sector more than a decade ago. So, what, if anything, has changed since then?  Well, we have a clearer understanding of the growing role of Internet-based content and applications following the COVID pandemic, and we know digitization has a key part to play in a range of critical areas including the EU’s transition to climate neutrality.

Despite all this evidence, there seems to be momentum in Brussels behind an Internet traffic tax. Commissioner Breton should take a second look. Given that it would undermine commercial network investment and the European Commission’s own digitization goals, as well as conflict with net neutrality, there remain good grounds to reject the idea.

If Europe wants more digitization, it should not tax it.

Brian Williamson is a Partner at Communications Chambers and author of the study “An internet traffic tax would harm Europe’s digital transformation” which recently was launched at the Lisbon Council.

Bandwidth is CEPA’s online journal dedicated to advancing transatlantic cooperation on tech policy. All opinions are those of the author and do not necessarily represent the position or views of the institutions they represent or the Center for European Policy Analysis.

Read More From Bandwidth
CEPA’s online journal dedicated to advancing transatlantic cooperation on tech policy.
Read More

Smart fridges collect IP addresses, location data, personal descriptions and interests, and payment information. Health apps gather sensitive medical records. Personal assistants such as Amazon’s Alexa know what questions you are asking.

Under European Commission proposals designed to free up data sharing, outsiders may gain access to such sensitive information. Critics including the EU’s own Data Protection Board worry about the risk to privacy.  Increased data sharing could conflict with sector-specific rules governing industries that range from finance to transport – and, perhaps most dangerous of all, present dangers to national security.

No one doubts the good intentions behind Europe’s proposals; data sharing is the digital equivalent of Schengen free travel. Just as the 1986 Schengen Agreement allows Europeans to cross borders without showing their passports, the European Commission aims to facilitate friction-free data sharing across borders and industries. In November 2020, it proposed a Data Governance Act to ease access to public data. In December 2021, it unveiled the Digital Markets Act, requiring Big Tech gatekeepers (tech companies with a market capitalization above EUR75 billion) to share much of their data with potential competitors. And in February 2022, it moved onto the Data Act, designed to secure access to private sector industrial data, extending the danger to smart fridges, health apps, and personal assistants.

But free data sharing is proving no easier to achieve than free personal travel.

Privacy concerns are paramount in the proposed Data Act. Although the proposal is designed to apply to nonpersonal, industrial data, the distinction between ‘nonpersonal’ and ‘personal’ data is porous. Data generated by a connected toaster can be used to determine when you are eating breakfast.

Or consider healthcare. Europe aims, particularly after COVID-19, to facilitate cross-border flows of medical data. Even with the data anonymized, hackers would have an easy time gaining “full access to patients’ email accounts, messages, and reports,” according to a 2020 analysis. Hospitals or doctors could request manufacturers to share data without the consent or even knowledge of the patient.

Or take household appliances. In 2019, recordings of Google Assistant users leaked to Belgian media; the data allowed some individuals to be identified. While Google suspended manual reviews of audio snippets after the attack, personal assistants continue to collect personal data. Under the Data Act, third-party sharing would be extended, potentially making it easy for malign actors to access a wealth of sensitive information.

Get the Latest
Get regular emails and stay informed about our work

In addition to threatening privacy, the Data Act could endanger national security. While the law supposedly wouldn’t apply when national security is at stake, it is difficult to say what this will mean in practice. Shared data could be reverse engineered to obtain trade secrets and valuable know-how, including the designs of weapon systems or cutting-edge semiconductors. Critical infrastructure, such as power plants or telecommunication networks, represents particular risks. Increasing access to sensitive data could multiply the number of potential weak links.

A specific danger centers on the auto industry. Cars, truffled with sensors and cameras, amass impressive amounts of data, journalist Justin Ling notes. Mapping companies such as TomTom or Google routinely gather data and license it to public sector bodies to pursue road maintenance or other tasks. An invading army could potentially gain access to and leverage the data to speed its progress.

The Data Act authorizes public authorities to force organizations to hand over their data in case of ‘public emergencies, such as pandemics and natural disasters. The precise conditions under which this can happen have yet to be defined. Companies worry that their valuable data could be shared with their competitors. Business Europe urges lawmakers to “narrow down the “exceptional need” situations.”

The new rules are complex – and possibly contradictory. Different departments of the European Commission are coming up with conflicting initiatives. While a directorate-general of the Commission has authored the Data Act, another has come up with specific legislation for automobile data sharing. It is unclear to what extent the two will differ; legal uncertainty may become an issue.

Enforcement represents another considerable challenge. Each EU member state is required to appoint a digital regulator, opening the door to different interpretations in each of the 27 member states. Unlike the GDPR, for which enforcement has been problematic, the Data Act does not envisage the creation of an authority to facilitate cooperation between these national regulators. This calls into question the effectiveness of monitoring and investigating cross-border data sharing.

These challenges will need to be worked out in the coming months. Both the European Parliament and the Council of the EU representing national governments need to agree on versions of the Data Act. The different versions then must be reconciled. It is essential to ease the flow of data. But this goal must be balanced against privacy and security concerns.

Grace Endrud and Charles Martinet are interns at CEPA’s Digital Innovation Initiative. Bill Echikson edits Bandwidth.

Bandwidth is CEPA’s online journal dedicated to advancing transatlantic cooperation on tech policy. All opinions are those of the author and do not necessarily represent the position or views of the institutions they represent or the Center for European Policy Analysis.

Read More From Bandwidth
CEPA’s online journal dedicated to advancing transatlantic cooperation on tech policy.
Read More

This summer, I have looked forward to Tuesdays. A new episode of Netflix’s ’Better call Saul’ airs each week and I’m a fan.

Streaming video services have taken off over the last 15 years, made possible by telecommunication networks becoming solid enough to carry video to many viewers. US multinationals Netflix, Disney, Apple, Amazon, and HBO have led the charge into Europe.

As CEO of Finland’s national broadcaster, Yle, I competed against these global giants. Although the video content industry seldom plays a major role in the economy, it is important for national identity and a country’s image.  Most European governments wield two tools to preserve their national film industries: quotas for local content in online services, and tax incentives for production. My experience shows that this protectionism proved unnecessary and perhaps even counterproductive.

The EU’s 2018 Audiovisual Visual Media Services Directive requires 30% of streaming services’ content to originate in Europe. In addition, most governments have enacted tax incentives to encourage film production. For example, UK Film Tax Relief is available for all British qualifying films of all budget levels; the film production company can claim a payable cash rebate of up to 25% of UK qualifying expenditure. This is intended to increase international interest to make films in European countries. Although distortive of competition, this practice has become accepted, because everybody does it.

Both quotas and tax incentives overlook a crucial fact: in almost all European markets, streaming still represents only about 10-15% of the total watched minutes. Although this might sound surprisingly low, it reflects how European audiences spend most of their time watching live sports, broadcast news, reality TV, quiz shows, and daily soap operas. Age plays a strong role. Streaming attracts viewers under 45 years old, while those older often watch four to five hours of TV every day. This totals many minutes.

The US TV market is quite different. Nielsen, a market research company, recently published the viewing figures for the US, indicating that streaming services reached a third of the American TV viewing market in June. “Cord cutting” remains an American phenomenon.

Europe struggles with a fragmented market and low production budgets. A TV series travels easier from the US to Europe than over the Rhine from France to Germany. At Yle, we have been able to fight successfully with our local streaming service. Finland has for years been the only European country where Netflix is second to the local public streaming service in market share. This is thanks to the very smooth user interface of the streaming service of the Finnish broadcasting company combined with comprehensive rights for both live and catalog content.

Streaming will continue to spread in Europe. National sports federations, religious groups, or orchestras offer their content over YouTube or directly to their audiences. Companies put owner’s manuals, cooking recipes, or skin care advice online in video format.

But the global streamers face serious challenges in Europe.

First, the fight for market share will become fierce. New arrivals will lure consumers with rich content portfolios and attractive subscription offers. Streamers need to be skillful in their investments; there is a plethora of not-so-interesting content available and the best series know their price.

Second, streamers will face both churn and the problem of a stack. Churn is the share of customers who during a given period decide to stop using the service. Stack refers to the pile of various subscriptions from the consumers’ perspective. Families are increasingly hesitant to subscribe to additional streaming services.

Third, streaming delivery has a cost. Broadcasting over terrestrial, satellite, or cable networks is by far more efficient and economical than an individual stream to each household and device. This will only become more of an issue with increasing energy prices and increased attention to environmental issues. Looking from the energy consumption perspective, mobile video streaming is more wasteful than any other means of delivery.

As streaming wars intensify, consumers should be happy. Never has so much content been available in such a competitive market at such affordable prices. Let us enjoy.

I am looking forward to the next episode of ’Better call Saul’. Next Tuesday.

Lauri Kivinen is a non-resident Senior Fellow in the CEPA Digital Innovation Initiative. He is the former CEO of Finnish national broadcaster Yle.

The US invented the semiconductor industry and until now, there’s been no need for the government to intervene. But in recent years, the industry has become unbalanced. Asian governments, not only China but also South Korea, Taiwan, and others, are subsidizing production. The West – both the US and Europe – have become vulnerable. Intel and other US companies have been soldiering on solo and struggling.

The new law unlocks $52 billion for US chipmaking and billions more for research. It should rebalance global production, which has become concentrated in Taiwan, with capacity ramping up in China. The subsidies will make the US less vulnerable to hostile China and will attract inward investment from friendly countries. Already, Taiwan Semiconductor is building a multi-billion-dollar foundry in Arizona. Even if it is foreign-owned, this new Arizona foundry will create jobs, increase production, and bolster US self-sufficiency.  This is positive.

It’s understandable that chip designers are concerned.  While Intel, Micron, and other manufacturers will receive taxpayer dollars, fabless companies such as AMD, NVidia, and Qualcomm that design but don’t make chips are disappointed. The focus of the new bill is on manufacturing. AMD and Qualcomm will still benefit by gaining access to US-based foundries. This development will put downward price pressure on foundry suppliers by enabling US-based competition and decreasing fabless company dependence on China and the rest of Asia.

Our goal should not be to stop China from producing cutting-edge chips. In recent weeks, reports have emerged that China Semiconductor Manufacturing International Corporation has built a seven-nanometer chip. This is predictable and inevitable. Instead, US and European authorities should focus on supporting their own semiconductor industries and preventing state-controlled Chinese companies from competing unfairly.

China will use the same strategy as it did for telecommunications. Huawei bought market share in telecommunication infrastructure, leveraging subsidies from the Chinese state to undercut Western competitors by doing business at a loss. Huawei wiped out the UK firm Marconi because the British government at the time didn’t notice that this was unfair competition.

Today, this trick will be hard to repeat. The US and others are wary of becoming dependent on China for key technologies, starting with semiconductors. Although Qualcomm, NVidia, and other chip designers will still use Chinese foundries to supply the Chinese market, they will not become over-dependent on them.

Another concern is whether we are subsidizing chips just as the global semiconductor shortage turns into a glut. The semiconductor industry is cyclical. In 2001, the big change from 200 mm to 300 mm wafer size encouraged manufacturers to invest in massive new equipment. The resulting rush and race into production to recoup the high investment costs caused oversupply. Today, as we move to seven-millimeter chips, manufacturers again are investing, so some predict this will again cause another glut.

I think shortages will persist. China’s zero Covid-policy has shut down entire cities and plants, so it is producing below capacity.  Although it’s possible that a surplus will emerge in commoditized chips, the CEO of Intel believes the shortage of semiconductors in strategic industries, particularly for cars and advanced weapons will continue. I believe he’s right.

Europe should welcome the US move. Until recently, the EU has mainly acted as a competition regulator – ensuring, for example, that the Germans didn’t give Infineon an unfair advantage over France and Italy’s STM. That’s difficult when companies outside of the EU are receiving large subsidies. While Europe practiced laissez-faire, its share of global semiconductor production fell from 35% in 1990 to 9% this year. The EU has recognized the problem and has passed its own Chips Act, earmarking EUR43 billion.

The EU Chips Act does not portend a subsidy war with the US. It’s complimentary. Intel and other US companies with facilities in Europe can receive money from both Europe and the US. Together, the West can construct robust supply chains that are not dependent on China. We should encourage transatlantic mergers as alternatives to Chinese acquisitions – a good example is the 2015 $40 billion merger between the Netherlands NXP Semiconductors and the US’ Freescale Semiconductors

Export controls pose a difficult question. Europe manufactures the world’s most advanced lithography machines (needed to manufacture semiconductors) and the US is pressing ASML of the Netherlands to refrain from selling its most advanced machines to China. The Dutch want to export and sell as much as possible. We need some sort of compromise: in return for holding off on exporting to China, ASML should get some favors from the US.

My own country, the UK, is unfortunately absent from this debate. We sold our largest semiconductor foundry last year to the Chinese.  We do have one important asset left – ARM, which designs chips. I hope that the UK government understands its value. The UK must come to its senses and realize that we need to work closely with Europe. It would be great if we participated in a future EU Chips Act. We missed the boat on this one.

Bipartisan support behind the US Chips Act is encouraging. In technology, it shows that there are smart people on both sides of the political divide who are coming together to make the right decision.

Christopher Cytera is a Non-resident senior fellow with the Digital Innovation Initiative at the Center for European Policy Analysis and a technology business executive with over 30 years of experience in semiconductors, electronics, communications, video, and imaging.

Question: Is the fight against terrorist hate speech still a priority? After all, we haven’t suffered from terrorist attacks recently.

Answer: If you take all the terrorist attacks in Europe over the last ten years, it is probably fair to say that all of them relied on some organization done on an online platform – whether it is the terrorist cell that attacked Brussels and Paris in 2016, the ‘lone wolf’ Manchester Arena bomber, or others. In each case, individuals were radicalized or organized their attacks through an online platform.

This danger has not gone away. Since the fall of its caliphate, ISIS has turned its attention even more to Europe, and that’s why we must track these cells. Thankfully, Europe’s police and counter-terrorism forces have increased cooperation. They are foiling attacks, but we still face a deadly and real Islamist threat, and now Ukraine adds a new element to the terror threat.

Question: How is the war in Ukraine related to this terrorist threat?

Answer: European fighters are returning from the war zone and are security risks. Since 2014, an estimated 17,000 foreign fighters have been involved in combat. Some are on the Russian side; some are on the Ukrainian side. Ukraine is a focal point for malcontents. Many are either far right or far left in terms of their ideology. We know that some were involved in the violent Yellow Jacket protests in France.

Much of the recruitment is done on the Internet, on Telegram, Messenger, WhatsApp, and Facebook, among other platforms. It targets vulnerable and isolated individuals – usually young men. It teaches them deadly skills.

Question: How should we respond?

Answer: You want to regulate without destroying innovation. You want to close weaknesses and loopholes. The platforms must be forced to act, because they have allowed this content to flourish, or at least turned a blind eye to it.

Europe’s terrorist content bill came into effect just two months ago and represents a positive step forward. The Counter Extremism Project, with whom I work, supported it.  The bill is not a vague catchall like hate speech legislation, which is subjective, open to misinterpretation, and raises legitimate freedom of expression concerns. This terrorist content law defines what type of videos and other content are considered to be terrorist. It is explicit. Bomb-making videos, for example, are forbidden. These videos are not a reasonable expression of speech – they are designed for malign purposes. Under the new European law, police notifications to remove such content are binding.

We could and should have gone further – mandating takedowns. Terrorist content continues to proliferate online, not just hundreds of thousands or millions of videos and images, but billions of pieces of content. In many cases, removed images just reappear. Platforms should be obliged to use hashing technology to keep illegal videos from reappearing.

A tragic example is the 2019 Christchurch attack on a mosque in New Zealand. It was live-streamed and went viral. Two months after the tragedy, the video was still available online.

Question: But didn’t the Christchurch Call represent a turning point when leaders began to speak out about getting tough on online extremism?

Answer: It was just a declaration that asks the tech companies to self-regulate. I believe government must step in. In no other sector would you allow such self-regulation – would you not regulate financial services after the global crash, would you not regulate aviation for health and safety? You cannot expect companies to self-regulate.

In my opinion the Christchurch Call has fallen flat, while Europe has moved ahead.

Question: What are the next steps?

Answer: Tech companies resisted a specific time for takedowns. I think there should be a 60-minute window. If you don’t get the material down fast, it mushrooms and becomes impossible to contain.

Europe’s Digital Services Act represents another positive step. It forces big platforms to step up because there are potential significant fines, up to 6% of turnover.

There’s much more that could be done. The DSA does not mandate the use of specific technologies, so we now have a system that is not consistent across platforms.

Question: And transatlantic relations? Will this issue divide Washington and Brussels?

Answer: It’s a good question. Europe is certainly ahead of the US for a number of reasons. In the US you have specific constitutional protections on free speech. That imposes a barrier, making lawmakers cautious.

From a practical point of view, most of the large tech success stories are American and there’s a risk of the US perceiving these measures as targeting US tech companies and as being protectionist. I think there is a consensus between the current US Administration and the EU that tech needs to be regulated. There is no need for this issue to generate massive tension. It’s good that both sides are discussing it at the Trade and Technology Council.

Lucinda Creighton is a non-resident Senior Fellow at CEPA and the former Irish Minister of European Affairs.  She is a Senior Europe Advisor to the Counter Extremism Project.

Photo: French police block the access to the Bataclan concert hall before the visit of members of a French parliamentary committee investigating government measures to fight shooting and bombing attacks at the site four months after a series of attacks at several sites in Paris, France, March 17, 2016. REUTERS/Benoit TessierTPX IMAGES OF THE DAY

On July 18th, 2021, Amnesty International and other investigators revealed how Pegasus was sold to authoritarian regimes and used to target activists, politicians, and journalists. It soon became clear that democratic governments, too, have deployed the spyware. A total of 14 member states acquired the tool, the software manufacturer told European lawmakers this week during a fact-finding mission to Israel.

The Pegasus scandal has sparked alarm across Europe and triggered a European Parliament inquiry. But victims, civil society organizations, researchers, and politicians remain dissatisfied with the lack of progress. “The time for indignation and condemnation is over,” Kristina Hatas, advocacy officer at Amnesty International complains. “Action is needed.”

Top politicians targeted by the spyware include European Commissioner Didier Reynders, Spanish Prime Minister Pedro Sánchez, and French President Emmanuel Macron.

The German Federal Criminal Police Office confirmed acquiring and deploying a modified version of Pegasus. In France, Finland, and Belgium, Pegasus’ use has been “forensically confirmed”, while in the Netherlands it is categorized as “possibly”, according to a recent study by the European Parliament.

Produced by Israeli surveillance company NSO Group, Pegasus gives complete access to mobile devices. It extracts details such as passwords, messages, and browsing history, and even activates the device’s microphone and camera, offering a user the ability to spy on targets in real-time.

The European Parliament’s Pegasus committee will present the results of their twelve-month investigation in spring 2023. It has dispatched fact-finding missions to Israel, Poland, Hungary, and the US. In Israel, government officials said they had issued export licenses to more than half of the 27 EU member states and suspended the license for two governments for misuse. The two suspended governments were not named.

Both the Hungarian and Polish governments have admitted that they have deployed Pegasus – feeding into the criticism from the European Commission about both countries’ abuse of democratic rule of law reports.

Political fallout also has hit Catalonia.  During the Catalan independence referendum in 2017, the Spanish government reportedly targeted independence supporters. Outraged Catalans now fear that the European Parliament will fail to investigate. Erika Casajoana Daunert, a representative of the Catalan Government to the EU, charges Spanish MEP Juan Antonio Zoido with obstructing an investigation into Spain.

Zoido is a member of the European Parliament Pegasus Committee and served as Spain’s minister of the interior between 2016 and 2018. In response, Zoido said a mission to Spain “has not been completely ruled out,” but that the Parliament’s Commission’s priority was Poland because it presented the most “flagrant” case where “the spyware was used” against political opponents and because “we know that Poland, unfortunately, does not respect the rule of law.” None of these “assumptions occur in Spain,” Zoido said.

Although the US has blacklisted Pegasus, Europe looks unlikely to support a ban, according to Dutch MEP Sophie in ‘t Veld, who is leading the European Parliament inquiry. It is hard to achieve unity among the European Union’s 27 nation-states, she explains.  “We can make as much noise as we possibly can,” says in ‘t Veld.  “We can’t completely discipline member states.”

Until now, rules around spyware remain a national competency, with the EU having almost no say over national security matters.  It remains unclear which countries are using spyware, on whom exactly and for what motives. In ‘t Veld believes that common European-wide oversight can be established to at least provide transparency. “We also need better oversight,” she says.

What can be done remains potentially significant.  Potential reforms include discouraging European governments from purchasing this technology by creating high tariffs and increasing transparency, according to Ben Wagner, professor at the Technology University Delft.  Tariffs or fines could be used to compensate victims and protect the vulnerable, he says.

Laura Kabelka is a Berlin-based correspondent for Euractiv.com specializing in digital policy.

Bartoš sports dreadlocks and a ponytail. He’s a member of the Czech Pirate Party and holds a computer science Ph.D. Since 2021, he has served as the Czech Republic’s Deputy Prime Minister for Digitalization, a position which makes him the lead tech negotiator in the Council of the EU until next January.

The contrast is glaring with his predecessor, strait-laced, tough-talking French Finance Minister Bruno Le Maire. Under the French presidency, Le Maire finished two landmark regulations, the Digital Markets Act, which imposes new strict restrictions on activities of the largest Big Tech companies, and the Digital Services Act, which increases the responsibilities of all Internet Platforms to deal with illegal content.

Bartoš’s Czech government represents a break not only from dirigiste France but also from its Czech predecessor. Former Czech Prime Minister Andrej Babiš, a Eurosceptic, was underbudgeted for the European Council presidency. The new pro-Western, pro-European government has taken a strong stand in support of Ukraine (which remains the overall priority of its presidency) and sees tech as more of a positive than as a danger.

Bartoš and the Czechs have significant open tech dossiers, ranging from artificial intelligence, data sharing, product safety liability, and platform work. As president of the Council, Bartoš and the Czechs cannot impose their policy positions. Their task is to forge compromises. The president’s influence lies in setting the agenda and leading negotiations on behalf of the Council with the Commission and the Parliament.

Before turning to politics, Bartoš worked as a software engineer and executive in various Czech and global tech companies, including Deutsche Telekom’s T-Mobile and digital advertiser Monster Worldwide. In college he studied theology and computer science, graduating from Prague’s Charles University. As a doctoral student, he specialized in databases. During his studies, he worked for one semester in the Computer Science Faculty at the University of New Orleans.

Bartoš took over the Pirate Party in 2009. The party platform defends Internet freedom. As one of the 22 Pirate Party members of the Czech Parliament between 2017 to 2021, Bartoš was influential in passing the so-called “Digital Constitution,” which aims to digitize Czech public services.

On the European stage, a key priority is to broker an agreement on the Artificial Intelligence Act. While the original European Commission proposal provoked little controversy, amendments in the European Parliament risk broadening the scope and restricting previously exempt applications. This would make the Act challenging to enforce and limit the use of AI systems across society.

For the Czech Republic, an export-oriented country, Bartoš says the AI Act must remain “business and innovation-friendly.” He has proposed to exempt programming that checks the authenticity of travel documents, determines the prices of insurance policies, and helps cut pollution, according to POLITICO. “With AI, the technology is evolving fast, and we want to create a legal framework that would say “this is ok, this is progress, it will help people and bring us to the future,” Bartoš explained in a recent interview.

Another controversial proposal is the Data Act, a regulation intended to strengthen sharing of industrial data. The European Data Protection Board already has raised privacy fears. Companies fear that they will be forced to hand over data to competitors – even Russian or Chinese competitors – presenting severe security risks. Bartoš has expressed his concerns, saying that the Commission’s text lacks direction and that some chapters deal “with so many things” that they will be “just touching the topic.”

The platform work dossier looks even more challenging. The European Commission has been pushing Uber and others to treat online platform workers as employees. The Czech Republic is in favor of the proposal, with the Minister of Labor and Social Affairs saying that it would support the establishment of “fair and equal conditions.” Revelations from the so-called “Uber Files” showing how the company flouted the law in Europe further increase pressure to change the legal status of platform workers. But the Member States remain very divided on the subject.

Another important piece of legislation is the Chips Act, which would allow subsidies for European semiconductor fabs. Under Bartoš, the Czechs have proposed adding requirements for climate sustainability to qualify for public funding.

A project close to Bartoš’s heart is the construction of a European digital ID that enables European citizens to authenticate their identity online. But this proposal also is controversial. Supporters believe the project will prevent online fraud and make it easy for Europeans to receive recognition of their diplomas and other credentials not just in their home country, but throughout the 27-nation bloc.

But critics worry that the unique identifier linked to each digital ID threatens user privacy. The EU’s cybersecurity agency warned against the risks of digital IDs. Bartos will have to maneuver Council meetings with skill if he wants to reach an agreement before October 2022, when the Commission plans to start testing this e-identity.

Despite their pro-American and digital proclivities, Bartoš and the Czechs will not make life easy for Washington and the U.S. tech industry. Digital policy will take a back seat to helping Ukraine or fighting inflation and energy insecurity. But the flurry of upcoming legislation on AI or data governance will have a real disproportionate impact on American companies – and Washington may end up pushing back hard against what it considers European overregulation.

Bill Echikson is the acting director of CEPA’s Digital Innovation Initiative. Charles Martinet is a student at Sciences Po Paris and an intern in the Digital Innovation Initiative.

The European Union (EU) has granted Georgia a “European perspective”, meaning it is on course for ultimate integration with the bloc.

Yet this is not what the majority of the population had hoped for, which was the same candidate status awarded to Ukraine and Moldova. The lesser position means Georgia will need to fulfill a certain number of conditions to become a full candidate.

EU politicians praised Georgia’s progress. So did Georgia’s ruling party, the Georgian Dream. The majority of the people, however, felt that the political class had not done enough and this provoked large-scale protests.

Before 2022, Georgia, Moldova, and Ukraine, the countries with territorial problems caused by an unwanted Russian military presence, had little hope of advancing their EU aspirations. But the Russian invasion of Ukraine has since upended the geopolitics of the wider Black Sea region. The EU re-invigorated its push eastward in a move to finally break Russia’s efforts to dominate its pro-Western neighbors.

Ursula von der Leyen, the president of the European Commission, said that “the door is wide open. It is up to Georgia now to take the necessary steps to move forward.” In a last desperate attempt to influence the decision-making process, Georgians took to the streets. On June 20, an unprecedented gathering of some 120,000 people in central Tbilisi demanded reconsideration of the commission’s recommendation. On July 3, tens of thousands again turned out, this time to demand the government’s resignation.

Yet the EU decision was not totally unexpected. The ruling party and the EU have for months been trading criticism. To this should be added internal troubles in the country, arrests, demonstrations, and divisions within the political class. The implications of all this are not yet clear, but some early analysis suggests that the geopolitical situation in the region was the main driver. The government was probably nervous about any unfriendly signal to Russia from another country that was promised NATO membership, and with a history of resistance to Kremlin aggression.

It, therefore, tried to pursue a balancing game over the war in Ukraine. The fear about Russia might not be entirely overblown. Although Vladimir Putin followed the EU Commission’s decision by stating that Russia has nothing against the EU’s enlargement, Foreign Minister Sergey Lavrov was critical of the Union’s ambitions. Moreover, Russia has for years crusaded against the EU as much as against NATO.

Whatever the reason behind the Georgian leadership’s behavior, there is little hope the country will be able to make significant progress. Much of the problem lies in the very nature of Georgian politics, which is extremely polarized leaving little room for constructive dialogue between opponents. The EU’s 12 recommendations for Georgia include “the commitment to de-oligarchization” by eliminating the excessive influence of vested interests in economic, political, and public life. Other areas include addressing political polarization where both the opposition and the ruling party are to blame. No less important is to build a “transparent and effective judicial reform based on cross-party consultation process.” The recommendation package also includes the strengthening of the Anti-Corruption Agency, which has seen some critical damage to its functioning over the past couple of years.

But the inherent problem is the realization that these and other recommendations would endanger Georgian Dream’s position. This leaves little hope for changes before the next parliamentary elections in October 2024. Moreover, the opposition parties are too divided and disconcerted, as the July 3 demonstration showed, to mount a decisive struggle to force a change. They lack a clear vision of what the country needs, leaving the majority of the people uninterested in the political process.

Looking ahead, despite some progress on its EU path, Georgia’s position will remain weakened by internal division. The political battle risks undermining the country’s Western credentials, as does the fear of a hostile Russian response. No less traumatic will be the ties with EU officials – acrimonious exchanges of the past several months are likely to haunt future bilateral relations.

And although the ruling party unveiled an ambitious program that aims at fulfilling the EU recommendations, the very nature of internal Georgian politics (its diminished culture of political language included) will hamper real prospects of progress.

Emil Avdaliani is a professor at European University and the Director of Middle East Studies at Georgian think-tank, Geocase.