Google must pay a record 4.34 billion euro fine ($5.1 billion) and remove years-old illegal restrictions on Android device makers and mobile network operators or face stiff penalties for noncompliance, said EU Competition Commissioner Margrethe Vestager Wednesday. Google breached three EU antitrust rules, she said: It forced manufacturers to pre-install the Google Search and Chrome browser apps as condition for licensing its app store (Play Store); it paid large device makers and mobile operators to ensure they exclusively pre-installed the search app on their mobile smartphones and tablets; and it prevented manufacturers who wanted to pre-install Google apps from selling any smart mobile devices running on alternative versions of Android not approved by Google ("Android forks").
The European Parliament nixed a plan to start immediate talks on a proposed copyright revision measure, seeking instead fuller debate in September. The 318-278 vote Thursday rejected a negotiating position proposed by the Legal Affairs (JURI) Committee, meaning the draft copyright directive won't go to "trilogue" discussions with the Council and European Commission but will be open to full legislative debate and amendment, parliament said. The JURI approach, by Member of the European Parliament (MEP) Axel Voss, of Germany and the European People's Party, supports the EC's controversial calls for a new right (Article 11, the "neighboring" right, also called the "snippet tax") for online news publishers, and for large platforms to filter users' uploads to prevent copyright breaches (Article 13) (see 1806200011).
Facebook, under fire in the U.S. and U.K. for its role in the Cambridge Analytica breach, is also facing heat from EU lawmakers. The European Parliament Civil Liberties (LIBE) Committee held a third hearing on the matter Monday, focused on possible solutions.
Governments want to maintain the Whois database as much as possible while complying with the EU general data protection regulation as quickly as possible, and they spent most of their time in Governmental Advisory Committee (GAC) meetings at the Monday to Thursday Panama ICANN policy meeting scrambling to figure out how to accomplish that. ICANN, not in compliance with the EU privacy law, approved a "temporary specification" to enable tiered access to domain name registrants' data in the Whois database (See 1805140001), and floated a proposed unified access model for allowing those with a legitimate interest to access non-public personal data (see 1806060004). Also in the works is an "expedited policy development process" (EPDP) that aims to replace the specification within one year. Under pressure from law enforcement, network security, intellectual property and other interests, governments are pushing to determine their role in the processes and their positions.
An EU plan to require major content-sharing platforms to monitor users' uploads moved forward Wednesday. By 14-9, the European Parliament Legal Affairs Committee (JURI) approved a report responding to a 2016 European Commission proposal for a directive on copyright in the digital single market. The report, by Member of the European Parliament (MEP) Axel Voss, of Germany and the European People's Party, supports the EC's controversial calls for a new right (Article 11, the "neighboring" right, also called the "snippet tax") for online news publishers, and for large platforms to filter users' uploads to prevent copyright breaches (Article 13).
Trans-Atlantic personal data-sharing agreement Privacy Shield should be suspended if the U.S. fails to meet its commitments by Sept. 1, the European Parliament Civil Liberties Committee said in a resolution approved Monday. By 29-25, lawmakers said the EU-U.S. deal doesn't offer strong enough privacy protections for Europeans, as shown by the Facebook-Cambridge Analytica data breach. Given EU dissatisfaction with the agreement, and the entry into force of the general data protection regulation, there are questions whether the self-certification system is as relevant anymore.
Six years after world IPv6 launch, the technology is in the "early majority" phase, said the Internet Society and others tracking rollout this week. The longer addresses are increasingly used by telcos, mobile operators, content networks and data centers, but deployment is being delayed by factors like the "elephant in the room" -- enterprise networks, ISOC reported. One issue has been the lack of a viable business case, but that's changing as IPv4 Internet Protocol addresses become more expensive, observers said.
An ICANN injunctive action against a German domain name registrar seeks to "preserve Whois," the internet body said. The case, filed in Bonn Friday against EPAG Domainservices GmbH, asks the court for "assistance in interpreting" the EU general data protection regulation (GDPR). EPAG said it will no longer collect registrants' administrative and technical contact information when it sells new domain names because that would violate the GDPR. ICANN, with a "temporary specification" for registries and registrars to follow to comply, said EPAG's "position has identified a disagreement with ICANN and others as to how the GDPR should be interpreted." While clarification might be helpful, the GDPR trumps ICANN's specification, ICANN players told us Tuesday.
With Friday the rollout date for the EU general data protection regulation in Europe, the focus for many businesses now shifts from how to comply to when and how stringently the GDPR will be enforced, said speakers at various webinars and others we spoke with. All agreed enforcement would begin Friday, but there are questions about what the priorities of data protection authorities (DPAs) will be, they said. The Irish Data Protection Commission set out its approach in a Wednesday blog. Privacy experts urged companies to stay calm, but to act to show regulators they're committed to compliance. Civil society groups, however, said the level of scrutiny of U.S. and EU companies by privacy watchdogs and regulators "will be very high," and 28 advocacy groups Thursday pressed U.S. businesses to adopt GDPR rules. Meanwhile, ICANN's struggle to bring its Whois database into alignment with the new regulation continues.
The ICANN board delayed action Sunday on a temporary Whois "specification" aimed at giving it time to come up with a new model that complies with EU privacy law. With the looming EU General Data Protection Regulation May 25 effective date, ICANN proposed an interim plan that balances the existing Whois model with the GDPR by "allowing for the robust collection of [domain name] registration data but also restricting the access to personal data to layered/tiered access," ICANN CEO Göran Marby blogged Friday. Users with a legitimate reason would be able to seek access to non-public data through registrars and registries, and could contact either the registrant or administrative and technical contacts through an anonymized email or web form, he said. Registrants could opt into having full contact details available. But the board didn't vote on the draft at this weekend's Vancouver meeting, emailed Michele Neylon, managing director of Irish domain registrar and hosting company Blacknight Internet Solutions. ICANN didn't comment Monday.