AI definition & office, Data Act amendments, short-term rental rules –

AI definition & office, Data Act amendments, short-term rental rules –

Welcome to EURACTIV’s Tech Brief, your weekly update on all things digital in the EU. You can subscribe to the newsletter here


“The co-rapporteurs know that with the current Council position, it’s important to have a solid majority behind you and properly discuss the proposals to ensure you have that solid majority.”

– A European Parliament official

Story of the week: Co-rapporteurs working on the AI file in the Parliament have put forward the idea of creating an AI Office to oversee the enforcement of the AI Act and mediate when it comes to cross-border cases. As part of new compromise amendments circulated last week and seen by EURACTIV, lawmakers proposed a centralised approach that would replace the original AI Board with a new body, just shy of a new EU agency, with its own legal basis, funding and staff to be tasked with supporting enforcement and resolving disputes. While there is broad consensus on the need for effective enforcement, the idea of creating an AI enforcement agency of any kind has received some pushback from conservative MEPS (and member states) in the past. Read more.

Also on the menu of the shadow meeting on Wednesday was the definition of Artificial Intelligence. The definition was removed from Annex I, as the co-rapporteurs consider it such a critical aspect of the legislation that it cannot be changed via secondary legislation later. The new wording is more outcome-oriented than focused on the process. In particular, AI would have to satisfy three cumulative conditions: receive machine or human-based data; infer how to achieve a given set of goals using learning, reasoning or modelling; generate outputs in the form of content, predictions, recommendations or decisions influencing the real or virtual environment it interacts with. The discussions on this fundamental point are still at a very early stage. Read more.

Don’t miss: The deadline to submit amendments to the Data Act passed on Wednesday. With over 1,000 submitted by lawmakers, the resulting text could be significantly different from the original proposal. From reformulations of the types of data covered and clarifications of legal obligations concerning data-sharing to an extension of provisions on market fairness and more substantial structures on enforcement, EURACTIV breaks down the changes that all the major political groups have put forward. One to watch: how lawmakers are trying to clarify the relations among economic players, for instance, introducing a distinction between manufacturer and data holders and allowing users to monetise their non-personal data. Read more.


Also this week

  • The EU executive and diplomatic branches set out the Cyber Defence Policy
  • The European Commission published a proposal to regulate the short-term rental market
  • The EU competition authority will review in-depth Microsoft’s $69 billion bid to buy Activision Blizzard
  • PEGA rapporteur Sophie in ‘t Veld published her draft (daunting) report on the state of spyware use in Europe


Before we start: The EU’s proposal for a Cyber Resilience Act (CRA) is the first horizontal regulation to introduce security requirements for connected devices and related services. However, the draft regulation has promoted a debate about the type of products that should be covered. We discussed the critical aspects of the proposal with Grégoire Gaonach, a cybersecurity engineer and digital policy consultant at Political Intelligence.

The industry’s view on the Cyber Resilience Act

The EU’s proposal for a Cyber Resilience Act (CRA) is the first horizontal regulation to introduce security requirements for connected devices and related services. However, the draft regulation has promoted a debate about the type of products that should be …

Today’s edition is powered by AWS

AWS and comprehensive data protection in the cloud

How do organisations successfully navigate compliance within Europe? What are the cross-border data transfer requirements? AWS experts Esther Stringham (AWS Legal) and Hans Bos (AWS Security Assurance) dive deeper into both topics.

Watch the webinars >>


Artificial Intelligence

Data protection in AI. Case law on the GDPR’s prior application to automated decision-making systems indicates that there may be a need for further development or clarification of certain obligations laid out in the AI Act, according to the Future of Privacy Forum (FPF), which last week published a follow-up to its earlier analysis of the GDPR’s deployment in the context of Artificial Intelligence. Clarification could be necessary in areas such as accuracy and transparency, the FPF says, also noting that the Act could be used to address significant existing gaps in individuals’ rights to seek redress for using their data in AI systems.

AI’s Nordic challenges. AI is increasingly used as a component of companies’ products and services in Nordic countries. Still, there remain several obstacles, a new report developed by AI laboratory Silo in partnership with 15 Nordic governmental and research organisations has found. Not only is the knowledge gap between large companies using AI and newcomers to the industry increasing, but the number of new AI start-ups is falling, and a lack of talent and data continues to present key challenges when scaling the tech’s use.


Formal probe launched. EU antitrust authorities have launched an in-depth investigation of Microsoft’s $69 billion acquisition of gaming company Activision Blizzard. The escalation comes as little surprise after Microsoft declined to offer any concessions in response to concerns raised by Brussels following its preliminary assessment of the deal. The EU competition authority is concerned that the producer of the Xbox might foreclose rival consoles like PlayStation from accessing Activision’s most popular games like Call of Duty. Similar worries were raised about desktop operating systems and the cloud game streaming market. The Commission will conclude the merger by 23 March 2023, but the deal is also facing scrutiny from watchdogs in six other countries, including the US and UK. Read more.

CISPE’s last card. Microsoft’s week certainly did not improve, as it was also put before a new EU antitrust complaint on Wednesday. The complainant is CISPE, an AWS-backed trade association vocally campaigning against Microsoft’s allegedly unfair software licensing terms. The criticism that Microsoft makes it prohibitively expensive to run its software like Windows on competing cloud infrastructures is a long-standing one. In August, the Big Tech company committed to changes to its licensing conditions, which for CISPE only contributed to making things worse. In the context of the DMA, CISPE lobbied (unsuccessfully) to include legacy software vendors branded as gatekeepers. Hence an antitrust complaint was probably its last card to play against the rival. The ball is now in the European Commission’s court. Read more.

Data matters. EU competition authorities are reportedly preparing charges against Meta for using customer data and classifying ads. Both Brussels and London launched investigations into the company last year. Still, the Commission has recently requested that all confidential information be removed from Meta’s submissions to its watchdogs, often a precursor to sending official charges.

Assessing market power. The Commission announced this week that authorities are pushing to expand the EU’s market definition notice, which guides regulators in measuring a company’s market power when it comes to competition cases. Partially in response to the growing domination of tech giants, Brussels is seeking to place greater emphasis on factors such as innovation and the quality of products and services within the rules, as well as the inclusion of guidance on defining digital markets.


Cyber Defence Policy. The Commission and EEAS presented the Cyber Defence Policy on Thursday, putting together new and old ideas to bolster Europe’s cyber defence capacity. The ambitions of the strategic document clash once again with the budgetary constraints the EU faces (see more under Industrial strategy). Therefore, most of the activities in this sense are limited to voluntary agreements and technological roadmaps, although some extra resources might come from the still fanciful sovereignty fund. Stronger cooperation between militaries, the military and civilians and public and private sectors is also envisaged, including standard-setting for dual-use technology. The ever-green idea of SOCs is back on the table, with Breton insisting they will be supported by a Cyber Solidarity Initiative that will establish a detection infrastructure and emergency response fund with a cyber reserve of trusted providers.

Pan-EU exercises. This week saw ENISA, the EU’s Cybersecurity agency, hold its fourth “Blue OLEx” exercise to test and develop EU coordination in response to large-scale cyber-attacks. Set this year in Vilnius, the exercise aimed to strengthen the operation of the EU CyCLONe network, launched last year to coordinate the responses of national and European-level agencies and governments to, as well as assess preparedness for, major cyber incidents.

EP adoptions. On Thursday, the European Parliament adopted the NIS2 Directive and Digital Operation Resilience Act (DORA) with a crushing majority.

Digital Markets Act

Kick-off meeting. IMCO’s Working Group on the DMA implementation met for the first time on Monday. The initiative is meant to be a platform for obtaining regular updates from the European Commission, therefore, there is little that can be done until the publication of the draft delegated and implementing acts. The opinion rapporteurs from ITRE and ECON were invited as associated committees on the file but did not attend.

Digital Services Act

All we got for now. The European Commission published the landing pages for the methodology for calculating the supervisory fee it will charge very large online platforms and the rules for conducting independent audits. The timing mentioned in the web pages reflects what EURACTIV previously reported on the timeline.

Digital tax

Back on the table? Brussels will look to revive talks on introducing a digital services levy if the global corporation tax agreed to last year is not implemented, Czech finance minister Zbyneěk Stanjura has said, warning that several member states fear the US will not implement the deal. If this happens, Stanjura told the Financial Times that EU governments would restart talks on implementing a bloc-wide tax on digital services that were paused last summer following pressure from Washington. Such a move would likely spark tensions with the US, which previously threatened sanctions on any European countries that introduced these levies.


Product safety discussions. The negotiations are ongoing on the General Product Safety Regulation (GPSR), with the last trilogue on Tuesday. At the centre of the talks were the obligations of the responsible person of third-country sellers. For the European Parliament’s rapporteur Dita Charanzová, the idea of extending periodic safety checks to every product post-market launch, even on products like books and paper clips, is disproportionate. For the Commission and Council, even simple products can prove risky; these periodic checks are paramount to address the issue of unsafe products sold online. Another clash occurred on mystery shopping, random checks that the MEPs want market surveillance authorities to conduct, whilst the member states pushed back against it as an obligation. Similarly, the lawmakers’ request to add the GPSR under the collective redress mechanism was resisted.

Precautionary principle. Although the precautionary principle has not been discussed yet, it looms large over the negotiations. The Commission and Council are pushing for applying the principle to the entire regulation. In contrast, the Parliament’s position is that its application should be proportionate and risk-based, essentially the status quo. Charanzová argues that there is no clear understanding of how such a broad application would work in practice since it would mean enlarging the principle to any product, with the risk of opening the door to extensive litigations.

Gig economy

STR rulebook. The Commission has proposed a new regulation to streamline rental platforms’ operation and data-sharing practices via platforms such as Airbnb, and Expedia. The regulation will build on the DSA and is designed to respond to the leap in popularity of short-term rentals, which now account for around one-quarter of accommodation bookings in the EU. Among the areas to be covered by the regulation are transparency of information, standardisation of registration procedures and more stringent requirements on data-sharing. Read more. 

A regulatory short circuit. But who will the EU’s rules affect? Truth be told, the picture of who are the accommodation hosts is blurred at best. Airbnb and the likes insist most of the hosts are average people trying to get by with the rent of a room or an apartment. Meanwhile, cities say that most accommodations on offer come from investors with an extensive portfolio. And the two things are not mutually exclusive. EU policymakers find themselves in a pickle: you need a legal basis for requesting accurate information about this market, but the access to information means the EU’s evidence-based policymaking, the much-proclaimed ‘better regulation’, is largely thrown out of the window. The risk of fighting in the dark is that the new EU rulebook might have wicked effects, as disproportionate rules might hand over the market to the much-feared speculators. Read more.

Industrial strategy

Chips Act mulls COREPER. The Czech Presidency is set to bring the Chips Act to COREPER next week to pave the way for a general approach. Still, the Working Party meeting on Wednesday highlighted some of the pain points for EU countries. Extensive discussions were dedicated to the European Chips Infrastructure Consortium, as many countries do not see the added value beyond the traditional research consortia, except that the instrument seems tailored on the Belgian IMEC. While differences on the consortia remain, the budget might prove even more challenging, which is somewhat of a general problem. For example, the costly satellite-based internet system that might get agreed upon in the trilogues already next week. “It’s the problem of Breton proposing (political) legislation with EU funds that were not foreseen in MFF, and now is the time where we need to realise there is no money or take money away from others,” an EU official told EURACTIV.

The ‘open’ in strategic autonomy. The EU must enact good regulation and boost innovation rather than closing itself off as it pushes forward with strategic autonomy, Czech Deputy Prime Minister for Digitalisation Ivan Bartoš said last week. At a Czech presidency conference on digital innovation, Bartoš called for the concept of strategic autonomy to be open, focused on building Europe’s strategic capacities and cooperation with democratic allies. Read more.

A German grand strategy. Germany must integrate its domestic and international tech capabilities in the face of heightened technological and geopolitical competition, according to a new report by the German Council on Foreign Relations (DGAP). To do so, the think tank says it must base its digital policy decision on six pillars centred around the “freedom to choose”, ranging from supporting indigenous innovation to guaranteeing technological sustainability and penalising those violating regulations. Reconciling ambitions and outlooks between different sectors and levels of government within Germany will also be vital to fostering a successful digital grand strategy, the DGAP notes.

Manque de confiance. Two years after the partnership was announced, French cloud provider OVHcloud has scrapped its plans to use Google Cloud’s cloud management service, Anthos. The decision was made due to a lack of agreement on conditions for updating the software, the companies said, describing the decision to terminate the agreement as a mutual one in a statement. OVHcloud executives have reportedly also outlined Anthos’ operating conditions as a critical issue, particularly issues linked to securing a guarantee of maintaining a gap between its servers and the US tech giant’s in the future.

Law enforcement

Daunting report. The Parliament’s Pegasus committee launched its draft report this week, summarising the findings of its first four months of investigation into the use of spyware in the EU. Speaking at a press conference to launch the document, MEP Sophie in ‘t Veld warned that the tech was present in every country. Still, she singled out a select number where its use was most widespread and systematic, including in Hungary, Poland, Spain and Greece. In ‘t Veld was also particularly critical of the Commission, which she accused of shirking its responsibility to protect Europe against internal threats to democracy. Read more.

Spyware-based regime. In Cyprus, a former presidential aide turned whistle-blower and journalist has accused authorities of engaging in surveillance activities to benefit Russian oligarchs. Makarios Drousiotis, who used to work as an aide to Cypriot President Nikos Anastasiades, told EURACTIV this week that he had been targeted by spyware and gave evidence to the European Parliament’s Pegasus committee last week on the subject. Read more.

Passcode imprisonment. Those suspected of criminal offences will be obliged to provide law enforcement with the passcodes to their mobile phones, a French court ruled this week, with a failure to do so resulting in a fine of as much as €270,000 or a three-year prison term. The penalties for failing to reveal these details to prevent or reduce the impact of a crime could be even higher, climbing to as much as €450,000- or five years imprisonment. Rights groups have pushed back against the ruling, arguing that it jeopardises people’s right not to incriminate themselves and increases the risk of coercion during investigations.

Back to square one. The EU Council’s Working Party on Judicial Cooperation in Criminal Matters (COPEN) is set to pick up today the e-Evidence discussions from the French Presidency text of the end of June. In the past weeks, the trilogue negotiations have been put on hold as some member states asked to revisit specific points from that compromise.


Re-building trust. Rebuilding declining trust in the media can take several forms. Still, maintaining a connection with audiences must be at the centre of efforts, stakeholders at this year’s European News Media Forum emphasised. Speaking at the event, organised by the Commission to gather media sector experts, representatives of media outlets and organisations across Europe showcased the initiatives undertaken at both newsroom and regional levels to re-establish the waning trust that the public has been placing in news providers for several years, ranging from efforts to diversify content to the development of standardised indicators of robust editorial processes. Read more.


Chaos unfolds. Twitter’s new CEO set his sights on a lofty goal: becoming “by far the most accurate source of information about the world”. Elon Musk’s description of this as the platform’s “mission” this week has prompted significant debate, including pushback from his predecessor, founder and former CEO Jack Dorsey, who replied, “accurate to who?” The confusion adds to what has already been a chaotic start to the company’s new leadership after large numbers of staffers were fired and then, there were attempts to re-hire them. Meanwhile, the Renew group in the European Parliament invited Musk to a hearing. Read more.

And consequences follow. As the dust settled from Elon Musk’s sweeping cuts to the Twitter workforce last week, the move’s implications are becoming more apparent. While departments across the company have been affected, many teams have seemingly been either completely axed or majorly depleted. Among them is Twitter’s machine learning ethics, transparency and accountability team, previously tasked with working on the responsible use of AI and algorithmic transparency. Also eliminated, Tech Crunch reports, were the human rights and accessibility teams, with significant reductions made to the public policy, curation and communications departments.

Someone’s loss is someone’s gain. Elon Musk’s takeover of Twitter has thrown the platform into disarray, with many users departing for alternatives or considering doing so. Mastodon, a decentralised space created by a German programmer, has emerged as one of the most prominent plan B platforms, experiencing a mammoth leap in users in the past weeks. Unlike Twitter and similar social media, which are run centrally by a company, Mastodon operates via a network of administrators working from separate servers linked in a federation, through which users can trade posts and links. Read more. 

The Great Layoff. Less than a week after Twitter enacted mass layoffs, Meta has followed suit, albeit on a much larger scale. In a letter to employees on Wednesday, CEO Mark Zuckerberg announced that 11,000 staffers would be let go, a 13% reduction in the company’s workforce. The cuts, not unexpected, come in response to a series of financial hits for Meta, which announced a 50% decline in quarterly profits last month. Cutting personnel seems to be a general trend for tech companies, with Microsoft, Intel and Snapchat also chipping in. On their side, Apple and Amazon both announced a hiring freeze.

Age verification rollout. Instagram has launched a new approach to verifying users’ ages in the EU and UK, part of broader efforts by the platform to make its services more age-appropriate. In the past, people have been required to provide their dates of birth upon registration, and last year users were again prompted to do so if they hadn’t already. As of this week, however, Instagram has partnered with a privacy company to roll out a new system which will require users seeking to edit their age in a way which will list them as being either over or under 18 to either upload an ID or record a video selfie which will then be analysed using facial recognition technology.

Product liability

JURI gets all. The Product Liability Directive and AI Liability Directive were both assigned to JURI in a preliminary decision, with the Christian democrats Pascal Arimont and Axel Voss set to lead on the two files, respectively. The allocation of the PLD was particularly surprising since even JURI members thought it would go to IMCO. Still, they are now ready to defend their competencies in a likely dispute.

Transatlantic ties

What to expect. EU and US policymakers are still working on some deliverables to display at the next Trade and Technology Council summit. Some of the showcases anticipated by EURACTIV in October seem to be confirmed: a roadmap for cooperation in the field of Artificial Intelligence, an early warning mechanism for semiconductors’ supply chain disruptions, projects on resilience infrastructure and international connectivity.

Stakeholder dialogue. Ahead of the summit in December, the Commission’s Executive Vice-Presidents Margrethe Vestager and Valdis Dombrovskis will meet stakeholders part of the Trade and Technology Dialogue on 21 November.


What else we’re reading this week:

Will sustainability efforts introduce a ‘green levy’ into the ad tech tax? (Digiday)

Tech jobs: mass lay-offs herald Great Redistribution of talent (FT)

China is copying Russia’s election interference playbook (MIT Technology Review)

[Edited by Alice Taylor]

Source link

Related post

Bitcoin pro traders warm up the $24K level, suggesting that the current BTC rally has legs

Bitcoin pro traders warm up the $24K level, suggesting…

On Feb. 1 and Feb 2. Bitcoin’s (BTC) price surpassed even the most bullish price projections after the U.S. Federal Reserve…
Troubled Crypto Miners Get Breathing Room as Bitcoin Rebounds

Troubled Crypto Miners Get Breathing Room as Bitcoin Rebounds

(Bloomberg) — Rising Bitcoin prices are buying some time for distressed crypto miners as they renegotiate debt with lenders to stay…
Financial Accounting Standards Board votes to release draft cryptocurrency in March

Financial Accounting Standards Board votes to release draft cryptocurrency…

The Financial Accounting Standards Board, in its Feb. 1 meeting, voted to advance its first standard on cryptocurrencies and digital assets.…

Leave a Reply

Your email address will not be published.