Legislative Processes & Focus Topics
EU Commission proposal for a “Gigabit Infrastructure Act”
On 23 February, the European Commission presented its long-awaited Gigabit Strategy, setting out its proposals for gigabit connectivity by 2030. The EU Commission’s initiatives on gigabit connectivity include the proposal for a “Gigabit Infrastructure Act”, a draft “Gigabit Recommendation” and an exploratory consultation on the “Future of the Connectivity Sector”.
Gigabit Infrastructure Act
The intention of the Gigabit Infrastructure Act is to address the growing demand for faster, more reliable and more data-intensive connectivity. Its aim is to reduce bureaucratic procedures and costs associated with the deployment of gigabit networks. To achieve this, approval processes are to be simplified and digitalised. The regulation is also intended to improve coordination between network operators during construction work for the creation of physical infrastructure (e.g. ducts and radio masts), and to ensure that market participants have access to this infrastructure. It is also planned that, in principle, all new constructions and existing buildings undergoing major renovation work will be equipped with fibre optics. Once the Commission proposal has been adopted by the Council and Parliament, the new regulations will apply immediately in all Member States.
Gigabit Recommendation
The Gigabit Recommendation is intended to provide the national regulatory authorities with guidelines on the conditions for access to the telecommunications networks of operators with significant market power. Its aim is to ensure that telecommunications network operators have access to the existing network infrastructure. This is intended to create incentives in phasing out conventional technologies within two to three years. The Gigabit Recommendation will replace the existing network access recommendations (the “Recommendation on Next Generation Access Networks” (2010) and the “Recommendation on Non-Discrimination and Costing Methodologies” (2013)).
Consultation on the future of the connectivity sector
With the exploratory consultation on the future of the connectivity sector and connectivity infrastructure, the Commission aims to gather views on the changing technological and market landscape and the potential impact on the electronic communications sector. The focus is on determining which actors should contribute to investments in connectivity infrastructure in the future and whether regulatory intervention in the European Union would be appropriate. Regarding this issue, the EU Commission initiated a consultation in which eco participated. In light of the EU Commission’s consultation and the ensuing political discussion, eco prepared a white paper, analysing the central arguments in a neutral manner and backed up with figures. This study examines the latest developments on the IP interconnection market and observed market trends. It also analyses the extent of traffic-dependent network costs and explores how the network costs of Internet access providers respond to market developments. As a contribution to the debate, the study was provided to the relevant stakeholders. On this topic, eco initiated and facilitated the discussion and internal exchange with the member companies.
Telecommunications – Implementation of the EECC
In the 2023 year under review, the implementation of the European regulatory framework for telecommunications (European Electronic Communications Code) remained on the telecommunications agenda. Member companies in the telecommunications sector continue to be involved in implementing the obligations from the revised Telecommunications Act. This includes fields such as consumer protection and the right to access telecommunications services. In the field of consumer protection, an important topic is the reduction for consumers regarding deviations in Internet speeds for fixed-network lines.
The right to access telecommunications services has been concretised. This standard serves to ensure basic access to the Internet and telephone services. The associations eco, ANGA, Bitkom, BREKO, BUGLAS and VATM worked together in the interests of their member companies to ensure the appropriate implementation of the new obligations and a more concrete formulation. To this end, they drafted joint association letters on the right to access telecommunications (RaVT), affordability principles and the telecommunications data reporting portal, as well as holding meetings with company representatives.
Telecommunications networks
In August 2023, the German Federal Ministry for Digital and Transport (BMDV) presented a draft law to accelerate the roll-out of telecommunications networks (TK-NABEG). The main objective is to expand the roll-out of broadband and mobile infrastructure in line with the German federal government’s Gigabit Strategy. The draft proposes an amendment to the German Telecommunications Act (TKG) and the German Telecommunications Interception Ordinance (TKÜV). In addition, national law is to be adapted to Regulation (EU) 2022/612 (“Roaming Regulation”). A central project of the German telecommunications networks is the introduction of the Gigabit Register as a central data hub for relevant information on broadband roll-out. eco commented on the draft bill with a German-language position paper. A cabinet decision is expected in 2024.
Data retention
Following a referral from the German Federal Administrative Court, the European Court of Justice (ECJ) ruled on 20 September 2022 that the regulation on the retention of traffic data is not compatible with EU law. In compliance with the ECJ ruling, the proceedings at the German Federal Administrative Court were concluded in August 2023. The statutory regulations in Germany on data retention are not compatible with European law. eco has campaigned against data retention from the very outset and, since 2016, has supported its member company SpaceNet AG in all judicial instances. The fundamental political decision and reassessment on the legal obligation to retain data that is now due is still pending. The German coalition (the SPD, The Greens and the FDP) announced that, instead of the regulations on data retention, they want to legally create targeted retention by judicial order. To this end, the German Federal Ministry of Justice (BMJ) intends to draft a proposal for the introduction of a quick freeze procedure. This should also lead to the repeal of the existing legal regulations on data retention, which are contrary to European law.
IT security
In 2023, IT security was primarily dominated by uncertainties. At the European level, the NIS2 Directive was adopted in December 2022. Subsequently, the focus then shifted to the national transposition of the European provisions. However, little progress was made in 2023. A discussion paper was published for the German “Act on the Implementation of NIS2 and Strengthening of Cybersecurity” (NIS2UmsuCG), which eco accompanied with a German-language statement.
In addition, the German Federal Ministry of the Interior and Community (BMI), which is in charge of the project, released a draft law to implement the CER Directive and strengthen the resilience of critical facilities (KRITIS-DachG/CER law). This involves an expansion of the critical sectors and the impacted companies. New additions are the “important” and “particularly important” facilities that have not already been categorised as critical operators. According to the BMI, this concerns more than 24,000 companies in Germany.
The law, regarded as an overarching law for all critical infrastructures, was also intensively accompanied by eco with a German-language statement, given that there were numerous overlaps and interactions with the planned NIS2UmsuCG. Here, too, the legislative project could not be significantly advanced, meaning that both laws will continue to be of relevance to the Internet industry in 2024. Lastly, the work on the European Cyber Resilience Act was also relevant for eco and was accompanied by a position paper at the end of the trilogue process.
National transposition of the Digital Services Act
In tranposing the DSA, its harmonising character means that the German national legal framework must be thoroughly revamped. This applies to the German Telemedia Act (TMG), the German Network Enforcement Act (NetzDG), and the German Protection of Young Persons Act (JuSchG). In August 2023, the German Federal Ministry for Digital and Transport (BMDV) published a draft bill for the Digital Services Act (known as the DDG). The DDG sets the framework in Germany for the European Digital Services Act and the Platform-to-Business (P2B) Regulation and repeals the German Telemedia Act (TMG).
The German Federal Network Agency (BNetzA) is designated as the coordinating body or Digital Services Coordinator, with other bodies such as the German Federal Commissioner for Data Protection and Freedom of Information (BfDI), the German Federal Agency for the Protection of Minors in the Media (BzKJ) and state media authorities also playing a corresponding role. eco contributed to the consultation with a German-language statement. The draft law for the DDG was approved by the cabinet at the end of December. The legislative process for national transposition will take place in the first half of 2024, after the actual entry into force of the DSA in February 2024.
The 5th Interstate Media Amendment Treaty (MÄStV) in November 2023 also harmonised the provisions of the treaty with the provisions of the DSA and the DDG established at European level. eco provided a German-language statement on this initiative.
Law against digital violence
In April 2023, the German Federal Ministry of Justice (BMJ) published a position paper for a law against digital violence. The law against digital violence is intended to make it easier for those affected by legal violations in the digital space to enforce their rights and prevent further legal violations. To this end, private information procedures are to be strengthened, a right to a judicially ordered temporary account ban is to be created, and the delivery of legal documents is to be made easier.
eco produced a comment in German on the considerations contained in the BMJ’s key points for a law against digital violence. Here, eco pointed out fundamental concerns (particularly regarding an overly broad scope of application and excessive obligations for data retention) which should be addressed and resolved in the further legislative process, especially in the specific formulation of the standards.
CSAM Regulation – child abuse content
In the 2023 year under review, political debates and discussions continued regarding the proposal for a “Regulation laying down rules to prevent and combat child abuse” (CSAM Regulation) adopted by the European Commission in May 2022. The proposed regulation intends to oblige Internet service providers to automatically search for known and new content as well as grooming. This goes hand in hand with an attack on end-to-end encryption on the Internet. Other points of criticism on the proposed regulation relate to the provisions for Internet blocking and the insufficient incorporation of existing structures and processes with regard to reporting and deleting abusive content.
In November 2023, the European Parliament set out its negotiating position for the upcoming trilogue on the CSAM Regulation. At the Council level, however, the struggle to find a common position as a basis for the future trilogue negotiations is still ongoing.
eco has been actively involved in the political debate. Based on a German-language background paper, eco contributed to the discussions at European and national level with the involved institutions and MEPs, highlighting the existing concerns and ambiguities related to the Commission’s draft, for instance, during event participation. In addition, eco organised a bxlTalk on the CSAM Regulation.
e-Evidence Regulation and national laws on online searches
For a long period of time, the e-Evidence Regulation concerning the cross-border evidence preservation and the disclosure of electronic data (inventory, traffic and content data) had been the subject of negotiations between the European Parliament and the European Council. The political trilogue was completed at the end of 2022 and, after lengthy follow-up consultations, the negotiations were finally successfully concluded in the summer of 2023. eco participated in discussions at both the European and national levels with the involved ministries and institutions and provided written comments on multiple occasions. Concurrently, with the conclusion of the European legislative process, discussions began on the national transposition of the regulation.
In Germany, the Federal Police Act was revised. eco prepared a German-language statement on the draft bill, which proposed the abolition of the use of the so-called Federal Trojan. The legislative process is expected to be finalised in early 2024. eco also commented (in a German-language external link) on the amendment to the German Federal Intelligence Service Act (BND). In this context, eco expressed concern that the opportunity was missed to eliminate existing legal uncertainties with regard to telecommunications surveillance and the role of the BND within Germany.
European data law / Data Act
In February 2022, the European Commission presented its draft for a European Data Act. This act aims to create a regulatory framework for the use of non-personal data and to make data more readily accessible. The legislative process for the regulation was completed in December 2023 with its publication in the EU Official Journal. This was preceded by trilogue negotiations, which began in March 2023 after the parliamentary report was adopted and the Council’s general approach was agreed upon. These negotiations were then concluded just three months later, in June 2023. During this phase, the core conflicts concerned the protection of trade secrets, the provisions and interoperability requirements for cloud providers, and the data sharing obligations for companies vis-à-vis public authorities.
In order to contribute to the trilogue negotiations, eco drafted a position paper on these and other relevant topics. In particular, eco called for better protection of trade secrets in relation to the sharing obligation, stronger restrictions on the access rights of public authorities to the data of private companies, and less rigid rules for cloud providers. In addition, together with other associations, eco published an open letter at European level and will also actively accompany the national transposition.
Mobility data
In the 2023 year under review, eco actively contributed to the debate on the increased use of mobility data. The key points for a mobility data law presented by the German Federal Ministry of Digital and Transport (BMDV) served as the starting point for drawing up the eco guidelines on the topic. The guidelines were based on a survey that eco conducted among the members of the Mobility Competence Group. In particular, the criteria focused on the problems that exist in connection with the use or availability of mobility data and defined which data should be classified under the term of “mobility data”.
From eco’s point of view, greater use of mobility data is needed not only to enable intermodal mobility and make a significant contribution to the transport transition and the reduction of CO2 emissions in the transport sector, but also to provide a crucial foundation for many valuable smart city or smart region projects. In this context, what is needed above all is legal certainty in the use of data, as well as better availability, especially of public sector mobility data. Furthermore, the exchange and use of data must be able to take place across Europe without obstacles, which requires the establishment of common standards and data spaces. The potential of new forms of mobility and smart city/smart region projects must also be utilised to a greater extent.
Based on these guidelines, eco will continue to engage in the debate on the proposed Mobility Data Act and continue to play an active role.
Digital identities / eIDAS
Regarding the eIDAS Regulation revision at the European level, which aims to create a legal framework for an EU-wide usable and interoperable ID wallet, eco contributed to the trilogue negotiations with a position paper. The focal point of this paper regards an open ecosystem that enables competition between different wallet providers for the most user-friendly solution. Additionally, core components of the position paper include the rejection of mandatory acceptance of the wallet by the private sector – especially the “very large online platforms (VLOPs)” as defined by the Digital Services Act (DSA) – as well as the additional obligations for browser service providers.
Negotiations on the eIDAS Regulation at European level were concluded on 6 November. eco will continue to actively support the transposition process.
Artificial intelligence
The year 2023 was also marked by the debate on the use of artificial intelligence. This also centred on the question of how AI systems and models should be regulated. At the European level, the focus was primarily on the negotiations for a European AI regulation (AI Act). This was set out to be the world’s first comprehensive set of rules for regulating artificial intelligence.
Once the Council and Parliament had agreed on their negotiating mandates, trilogue negotiations began on 14 June via an organisational meeting. During the ensuing trilogue negotiations, it became apparent that the negotiations were difficult in some sectors. This was particularly evident regarding the question of the appropriate regulation of general-purpose AI systems and models. There was also disagreement concerning the practices prohibited under Article 5, mainly concerning the use of biometric recognition systems in public spaces. However, a provisional political agreement on the AI Act was reached during the trilogue negotiations on 8 December.
eco contributed to the negotiations with a position paper and participated in several open letters at the European level. Key issues included the call for unbureaucratic rules for developers and users of AI systems and models, an internationally compatible AI definition, and practical criteria for classifying systems and models as high-risk. eco also advocated for greater inclusion of self-regulatory approaches (Codes of Conduct) in the AI Act.
Even after the AI Act has been adopted, eco will continue to be actively engaged and will diligently support the transposition process.
Regarding the planned AI liability directive, no progress was made in the year under review. It is expected that this will only be taken up again by the newly formed Parliament in the next legislative term – provided that there is a majority in favour of the directive in the newly composed Parliament.
eco has drawn up guidelines (in German-language) on dealing with artificial intelligence. These address new developments and the current state of the debate on dealing with AI systems. The guidelines cover issues such as copyright law, the need to strengthen employees’ AI skills, and the increased promotion of AI-driven innovation. These guidelines form the basis for further activities in the field of artificial intelligence and will be updated as required.
Aspects of sustainable digitalisation
The German Alliance 90/The Greens parliamentary group published a German-language author’s paper entitled “Making digitalisation a driver of climate protection!”. In this paper, several members of the parliamentary group and the European Parliament advocate for a digital sustainability law with the aim to make digitalisation a cross-sectoral task while simultaneously reducing the energy consumption of digital infrastructures. In March 2023, the discussion on the topic of digital sustainability was further intensified at the digital conference of the Green parliamentary group in the German Bundestag. eco contributed to the debate by hosting its own roundtable in June 2023 and publishing a white paper on the topic.
In spring 2023, the ecolabels for data centres and co-location data centres were revised and merged once again. The new “Blue Angel for Data Centres” ecolabel aims to enable a more flexible assessment of the various business models for operating data centres. Nevertheless, eco believes that some adjustments are still required to improve the ecolabel’s innovation-friendliness and market acceptance.
During the Digital Summit in November 2023, the German Federal Ministry for Digital and Transport (BMDV) presented the results of the commissioned “Meta-study on the sustainable expansion of gigabit networks”. Alongside this, key points were introduced to serve as the basis for formulating recommendations for the sustainable expansion of gigabit networks. The aim is to expand the general guidelines for the development of the analysed network infrastructures and, in doing so, to contribute to improved environmental compatibility. eco commented on the meta-study and key points with its own position paper.
Energy policy and climate policy
In September 2023, the European Parliament adopted the Renewable Energy Directive (RED III). The RED aims to increase the use of renewable energy in the EU. By 2030, 42.5% of energy consumption in the EU must be covered by renewable energy sources. The directive is particularly relevant for energy-intensive ICT infrastructures. The directive was published in the Official Journal of the EU in October 2023 and came into force in November 2023. The Member States must transpose the directive into national law by May 2025. Transposition is expected in Germany in the course of 2024.
The Energy Efficiency Directive (EED) was adopted by the European Parliament in June 2023 and came into force in October 2023. The amendment is intended to set new energy-saving targets in the EU to reduce energy consumption throughout the EU by 11.7% by 2030. The Member States must transpose the directive into national law by 11 October 2025. In Germany, the EED will be implemented with the recently passed Energy Efficiency Act. The directive authorises the Commission to establish reporting obligations and efficiency standards for data centres. In December 2023, the EU Commission published a draft delegated regulation for a reporting system for data centres. eco submitted a position paper as part of the public consultation.
In May 2023, the German Federal Ministry for Economic Affairs and Climate Action (BMWK) presented a working paper outlining a concept for medium to long-term relief for energy-intensive companies by means of an industrial electricity price. This is intended to protect energy-intensive companies in Germany from rising electricity prices in the long term to maintain their competitiveness. The main focus is on the manufacturing sector and future-oriented industries such as battery factories, PV production and semiconductor manufacturing. However, data centres have not been included in these considerations. Data centres in Germany have to contend with high electricity prices in international comparison and insufficient access to renewable energies, which hampers their international competitiveness. eco published a German-language background paper in August 2023 to examine the eligibility of data centres for an industrial electricity price, taking into account the applicable EU state aid law.
German Energy Efficiency Act
The German Energy Efficiency Act (EnEfG) aims to promote a cross-sectional and cross-sectoral reduction of energy consumption. The EnEfG also aims to transpose the EU Energy Efficiency Directive (EED) into German law. Following the initial draft in November 2022, the legislative process was completed by the end of 2023. eco actively participated in the discussion surrounding the Energy Efficiency Act. Among other aspects, it drafted several German-language statements and position papers to accompany the departmental coordination and parliamentary process. The law was adopted by the German Bundestag in September 2023 and has been in force since November 2023. eco published a debriefing to inform member companies about the new legal regulations and requirements. Although the EnEfG transposes the EED, in some cases it places significantly more challenging requirements on the construction and operation of data centres. eco will continue to actively monitor the transposition of the law with regard to potential amendment laws.
German Interstate Treaty on the Protection of Minors in the Media (JMStV)
The amendment of the German Interstate Treaty on the Protection of Minors in the Media (JMStV), which was initiated in spring 2020, was further pursued by the state and senate chancelleries of the German federal states in 2023. The core of the project is the further development and reform of technical youth media protection by supplementing existing systems with end device-based or operating system-based youth protection solutions and settings options.
After evaluating an online participation process from 2022, the German federal states specified and revised their draft and once again entered it for public consultation in November 2023. eco availed of this opportunity to participate and issued a German-language statement. In this statement, eco advocated for a stronger integration of existing approaches and services for the technical protection of minors in the media that are already established on the market. eco also called for international compatibility and greater congruence with the Youth Protection Act regarding age ratings.
International digital policy
With a strategy for international digital policy, the German government aimed for the first time to outline its objectives and standards for digital policy in the international arena. Simultaneously, the Global Digital Compact (GDC) was under discussion at the United Nations level. eco contributed to the debate with a guideline paper for international digital policy, which made it possible to consistently accompany the various issues and debates at the international level. The publication of the International Digital Strategy and the GDC is targeted for the year 2024.