GSMA/ETNO position paper on the European Commission’s Proposal for a Regulation on preventing the dissemination of terrorist content online COM(2018) 640 final

I. Executive summaryOver the last years, the European Commission has proposed measures to further increase the fight against illegal content online. The latest proposal of September 2018 aims to prevent the dissemination of terrorist content online. GSMA and ETNO fully endorse the objective of the European Commission to effectively tackle the dissemination of terrorist content online.

I. Executive summary

Over the last years, the European Commission has proposed measures to further increase the fight against illegal content online. The latest proposal of September 2018 aims to prevent the dissemination of terrorist content online. GSMA and ETNO fully endorse the objective of the European Commission to effectively tackle the dissemination of terrorist content online.


At the same time, we are concerned that the draft regulation could have unintended effects, such as affecting telecom providers that in fact do not provide users with the capability to upload and share third party content to large audiences. Some of the services provided by GSMA and ETNO members are currently in the scope, to the extent that they act in the role of hosting service providers by offering cloud storage solutions. Given the broad range of proposed measures and related penalties, we believe that the scope of the initiative should be more carefully targeted to not unduly affect information society services and infrastructure providers that only operate on the edge of the public web. Furthermore, the suggested measures may disproportionately harm European citizens’ fundamental rights to information and expression protected by existing EU law.

We would like to propose the following recommendations to make the proposal workable and proportionate:

  • As set out in the Explanatory Memorandum, the regulation is meant to have a targeted scope focusing on hosting service providers allowing “upload of third party content” and that “have the ability to reach such a large audience” (COM(2018) 640 final, p. 1). This is also in line with the Commission’s previous initiative on self-regulation by large social media platforms. The targeted approach should be strengthened in the legal text by ensuring that cloud storage services with a predetermined group of users such as corporate intranets, are not covered.
  • The proposal needs to better align with the eCommerce Directive (hereafter eCD). The definition “hosting service provider” creates legal uncertainty, as contrary to the eCD it does not include a clear exemption from liability for information society services whose activity is of a mere technical, automatic and passive nature. In addition, as an effective tool to strike the correct balance of rights and obligations in the Internet ecosystem, the judicial oversight and legal certainty of the liability exemption in the eCD should be maintained.
  • Sufficient time should be given to the hosting service provider to: undertake the technical activities ensuring the order’s completeness; make sure it can be carried out correctly; and avail of the possibility to appeal the decision. The required response time should be proportionate to the level of risk and exposure to terrorist content of a platform.
  • While the proposal calls for a harmonized framework, there is a risk of fragmentation as the definition of “terrorist content” comes from a directive (Article 2).
  • There should be a single authority in each Member State for issuing removal orders and referrals, to avoid technical difficulties and potential security risks in transmitting the requested information.
  • To remove terrorist content efficiently, the evaluation of content should always fall under judicial review of the Member State in which the provider has its main establishment.
  • Finally, the regulation goes beyond what is necessary to ensure the intended purpose. The provisions on duty of care (Article 3) and proactive measures (Article 6), which add to the obligation to remove or disable terrorist content further to a removal order, would represent disproportionate obligations. This could lead to legal uncertainty for hosting providers, especially in combination with the lack of clarity around the definition of hosting service provider.

Full document available here.