This chapter first considers the 2013 Proposal and Trilogue in 2014/15, then the 2015 Regulation’s net neutrality aspects, before finally looking at the details of BEREC’s implementation of its Guidelines. European law upheld transparency on a mandatory basis, and minimum QoS on a voluntary basis, under provisions in the 2009 electronic communications framework. In May 2011 Commissioner Kroes stated she was in favour of net neutrality ‘lite’: ‘I am ready to prohibit the blocking of lawful services or applications. It’s not OK for Skype and other such services to be throttled.’² However, she then asked BEREC to undertake preparatory work on behalf of the Commission to examine the nature of the problems and potential solutions. BEREC published a great deal of useful information regarding the techno-economic aspects of the argument in 2011–14 (see Table 1, Chapter 1) including a survey in which mobile operators admitted to blocking VoIP, especially Skype.

In spring 2013 the European Commissioner was finally prepared to act, though, as I detailed in Chapter 3, she proceeded on the basis of net neutrality ‘lite’ and explicit support for Specialised Services. On 11 September 2013 the European Commission adopted a proposed Regulation that would substantially impact and harmonise net neutrality provision, allowing priority Specialised Services and generally preventing IAPs from blocking or throttling third-party content.³ The proposal was extensively strengthened from a July 2013 draft, and its essential items were in part positive and in part negative for net neutrality policy.

Article 23(5) would enforce net neutrality ‘lite’, thus conforming to the Netherlands and Slovenian laws:

These are defined as:

1. implement a legislative provision or a court order, or prevent or impede serious crimes;
2. preserve the integrity and security of the network, services provided via this network, and the end-users’ terminals;
3. prevent the transmission of unsolicited communications to end-users who have given their prior consent to such restrictive measures;
4. minimize the effects of temporary or exceptional network congestion provided that equivalent types of traffic are treated equally.

It continues: ‘Reasonable traffic management shall only entail processing of data that is necessary and proportionate to achieve the purposes set out in this paragraph.’ Articles 21–24 then explain users’ contractual remedies in switching from providers who discriminate unreasonably.

European law is a deliberate process of negotiation between the Commission (which has sole power to initiate legislation and acts as the ‘Guardian of the Treaties’), the Parliament (whose Committees consider legislation in detail, propose amendments and advise the full plenary of Parliament on how to vote) and the Council (comprising the 28 Member States’ representatives, including many who are the largest shareholders in their dominant IAP). The process is rather tortuous to outsiders, and Table 6 shows the progress of the first net neutrality ‘advisory’ law that came into force in 2011, and the second that was passed on 27 October 2015.

In particular, note that in each case the law was amended by Parliament on First Reading, leading to a Trilogue with the Commission and Council of Ministers in which the head of the relevant Parliamentary Committee had to negotiate a compromise agreeable to Member State governments, to then be returned for a further vote in Parliament. In 2009, prior to the five-yearly parliamentary elections, the Parliament held its nerve at Second Reading and forced the Council of Ministers to accept a slightly stronger net neutrality ‘advisory’ opinion than they had wished. This occurred after the elections in 2015, and Parliament caved in. I briefly outline why that happened, before analysing the new law in detail, and BEREC’s consultation on its meaning, in the remainder of the chapter.

Trilogue agreement on net neutrality regulation 2015

Schaake and almost 200 other pro-neutrality European parliamentarians wrote to the Italian EU Presidency on 25 November 2014, worried that ‘The initial impressions of your proposals concern us, as they would water down precisely those strong definitions of net neutrality and specialized services that are needed in an EU Digital Single Market.’⁴ Given the Italian government’s historic relations with Telecom Italia, that is unsurprising. Julia Reda MEP had forewarned of Deutsche Telekom’s views in a written question in Parliament in June 2013:

The Regulation was published shortly thereafter, in September 2013. After its trashing by Parliament, Council and BEREC as both a power grab for the Commission and a political obituary for outgoing Commissioner Kroes, all that remained by the end of 2014 was mobile roaming and net neutrality. All other issues were parked until the 2016 Telecom Single Market proposal, which was in Regulatory Fitness and Performance Programme (REFIT) evaluation until autumn 2016.⁶

Though it is always dangerous to make predictions (especially about the future), I had assumed that the First Reading strong parliamentary position would collapse in the face of Commission and Council intransigence and the tempting carrot of a proposed end to roaming in 2017.⁷ This occurred even more completely than I had predicted:

Ed Vaizey set out the UK position very clearly in a ‘Dear Bill’ letter to the Chair of the UK Parliament European Scrutiny Committee in May 2014:

What he identified is that the Committee on Industry, Research and Energy (ITRE) report of Malcolm Harbour, an arch corporatist Conservative, had been overturned in particular by the Dutch liberals led by Marietje Schaake. BEREC found this an improvement on the poor original EC proposal, but:

Unfortunately, the final version of the Regulation moved backwards to a deliberate obfuscation of the distinction between the Internet and private services, leaving definition to NRAs.

Ed Vaizey for the UK government argued that the net neutrality situation:

It was the Germans’ apparent change of heart for the three-month Trilogue process in early 2015 prior to the Second Reading that may have proven to be the key change, together with the very obvious compromising quality of the Spanish European People’s Party MEP del Castillo¹² supposedly defending the parliamentary position from the First Reading. Trilogue is an entirely opaque process, but the German ruling coalition had agreed to argue for the First Reading text in Council. Between their representative, the other Member States, the new Commissioner (Internet newbie, elderly corporatist, Christian Democrat regional politician Gunther Oettinger¹³) and Del Castillo, the defence of the First Reading almost entirely collapsed in 2015. Oettinger opened the trilogue on 4 March, and the following day famously decried Pirate Party lobbying for strong net neutrality by declaring:

He appeared to believe that drone vehicles needed a continuous low-latency, high-speed connection via the public Internet. (It is impossible to overstate how important the automobile industry is to southern German politicians, especially his home town of Stuttgart, also the home town of Porsche and Mercedes.) When challenged by the Pirate Party MEP Reda, he took three months until the Trilogue had finished before confirming via parliamentary answer that his technical assumptions were not based on a specific example.¹⁵

Table 7 shows the timing of the Trilogue negotiations and final European Parliament vote.

This was a deal conducted in private in spring 2015. Though the German government and Parliament were in favour of net neutrality in 2014 after German elections and before European Parliament elections, Freedom House summarises the retreat by the German government from its formal coalition agreement in late 2013 (‘Granting net neutrality will be one of the aims of the government’¹⁶) to its position in 2015:

This certainly appears to have been the approach pursued by Oettinger and Deutsche Telekom, and indeed the outcome of the Trilogue.

As the European Digital Rights Initiative (a consortium of national civil society representatives) put it:

The Trilogue outcome removed the definitions of SpS and net neutrality, and were very unclear on zero rating. While the European Parliament and Commission congratulated themselves, the truth was revealed by the governments of the Netherlands and Slovenia, who already had net neutrality and feared that in 2016 they would be obliged to repeal their laws. Slovenia stated that it was particularly the express permission for SpS to which it objected:

The Netherlands made clear its particular opposition was based on ‘zero rating’ and price discrimination:

This makes the national objections clear, and the civil society and parliamentary debates in Horten’s 2010 work²¹ deserve a sequel: now for the legislative detail.

Regulation 2015/2120

After more than two years of gestation, on 27 October 2015 the net neutrality law was approved by the European Parliament.²² As the new Regulation states, the safeguard of equal and non-discriminatory treatment of Internet traffic became urgent and necessary because ‘a significant number of end-users are affected by traffic management practices which block or slow down specific applications or services’.²³ Indeed, the spread of such discriminatory practices had been clearly demonstrated by a joint investigation by BEREC and the European Commission in 2012.²⁴

Reactions to the vote were quite heterogeneous, with the European Commissioners cheering the rules as excellent news²⁵ and several NGOs stressing the existence of worrying loopholes. The reality lies in the Guidelines issued by BEREC in August 2016 to enforce the rules, and the NRAs’ individual and collective actions in enforcing that set of guidelines.

To begin with, note that the Regulation is hideously badly written, even by the standards of European law. If a camel is a horse designed by a committee, this was a digital rendition drawn by a joint committee of the Council of Ministers, Commission and Parliament, none of whom had ever seen a horse before, nor knew how it should function. In particular, it introduces two new definitions which have no objective justification, both signifying ‘Electronic Communications Service Provider’ (ECPS), the Euro-version of an Internet Access Provider. It fails to define VPN, though the term is used in the Regulation. Article 2 sets out these definitions based on previous e-communications law,²⁶ but adds two new types: PECP (provider of electronic communications to the public) and IAS (Internet Access Service):

1. ‘provider of electronic communications to the public’ means an undertaking providing public communications networks or publicly available electronic communications services;
2. ‘internet access service’ means a publicly available electronic communications service that provides access to the internet, and thereby connectivity to virtually all end points of the internet, irrespective of the network technology and terminal equipment used.

‘Virtually all’ may have the meaning ‘substantially all’ or ‘most that are technically possible’. Is this all end user points, or content providers, or both? It is at least a close approximation of the FCC term broadband IAS:

The assumption must be that creating a new definition is undertaken in order to capture services otherwise excluded by the Framework Directive (2002/21/EC) Article 2:

3. ‘electronic communications service’ means a service normally provided for remuneration which consists wholly or mainly in the conveyance of signals on electronic communications networks, including telecommunications services and transmission services in networks used for broadcasting, but exclude services providing, or exercising editorial control over, content transmitted using electronic communications networks and services; it does not include information society services, as defined in Article 1 of Directive 98/34/EC, which do not consist wholly or mainly in the conveyance of signals on electronic communications networks.

The Regulation states that the Open Internet – not net neutrality – is to be preserved in Articles 3–6, which impose duties on IAPs, NRAs and the Commission itself.

Regulation 2015/2120 recitals

As almost always with European law, it is the explanatory Recitals which provide more information on what the Regulation’s language actually means, as a guide to interpretation. We therefore begin with Recitals 1–19. Recitals 1–10 are relatively short and set out the basics of Open Internet rules. Recitals 11–15 explain the exceptions, for reasonable traffic management measures (TM/M), for PECPs, as well as ‘content, applications or services’ (CAS). To begin:

1. This Regulation aims to establish common rules to safeguard equal and non-discriminatory treatment of traffic in the provision of [IAS] and related end-users’ rights. It aims to protect end-users and simultaneously to guarantee the continued functioning of the internet ecosystem as an engine of innovation. Reforms in the field of roaming should give end-users the confidence to stay connected when they travel within the Union, and should, over time, become a driver of convergent pricing and other conditions in the Union.
2. The measures provided for in this Regulation respect the principle of technological neutrality, that is to say they neither impose nor discriminate in favour of the use of a particular type of technology.

The second Recital is necessarily a bare-faced lie as the Regulation is studded with specific mobile-only provisions against an Open Internet, and of course roaming itself can only be provided by mobile networks. However, claims of ‘technological neutrality’ are part of the EC’s Information Society ‘tao’, especially when not true. They are more a ‘motherhood and apple pie’ aspiration than a principle, as Reed points out,²⁸ rather like net neutrality itself.

Recital 3 is a garbled synopsis of the dreadful Impact Assessment²⁹ that accompanied the original COM(2013) 267:

3. The internet has developed over the past decades as an open platform for innovation with low access barriers for end-users, providers of [CAS] and providers of [IAS]. The existing regulatory framework aims to promote the ability of end-users to access and distribute information or run applications and services of their choice. However, a significant number of end-users are affected by TM practices which block or slow down specific [CAS]. Those tendencies require common rules at the Union level to ensure the openness of the internet and to avoid fragmentation of the internal market resulting from measures adopted by individual Member States.

Recital 4 tries to explain basic principles without having to use the term ‘net neutrality’:

4. An IAS provides access to the internet, and in principle to all the end-points thereof, irrespective of the network technology and terminal equipment used by end-users. However, for reasons outside the control of providers of IAS, certain end points of the internet may not always be accessible. Therefore, such providers should be deemed to have complied with their obligations related to the provision of an IAS within the meaning of this Regulation when that service provides connectivity to virtually all end points of the internet. Providers of IAS should therefore not restrict connectivity to any accessible end-points of the internet.

Recitals 5–6 explain the freedom to connect equipment to the network together with content, applications and services – the FCC ‘Four Freedoms’ of 2005. However, copyright, speech-crime and other laws apply, so ‘matters therefore remain subject to Union law, or national law that complies with Union law’.

Recital 7 may be termed the ‘zero rating’/SpS clause: ‘In order to exercise their rights … end-users should be free to agree with providers of IAS on tariffs for specific data volumes and speeds of the IAS.’ These contracts (‘freedom’) and their implementation by IAS providers:

Material effect is not defined, and will presumably emerge as a matter of practice within BEREC, as explored in the next chapter. To take an example from Chapter 3: only HD video really congests – so how can anything else have a ‘material’ effect?

The use of competition terminology may be interpreted as either allowing a de minimis exception for small IAPs, or to permit further analysis of the type indulged in by the French regulator when analysing the Level3/France Telecom and YouTube/Free disputes. Finally, ‘[NRAs] should be required, as part of their monitoring and enforcement function, to intervene when agreements or commercial practices would result in the undermining of the essence of the end-users’ rights.’ Powers must therefore be put in place where they are currently inadequate, though in the UK case such powers are already in place.

I have argued for a decade that common carriage requirements of FRAND should be imposed on IAS, including for zero rated services and SpS. The Regulation does not adopt that usage, but instead settles for the weaker ‘reasonable’, defined as ‘transparent, non-discriminatory and proportionate’ (RTNDP), a type of restriction on commercial practice that will depend even more heavily on the regulator than the well-recognised and court-enforced FRAND used in patent and other legal matters. The relevant Recitals state:

8. When providing IAS, providers of those services should treat all traffic equally, without discrimination, restriction or interference, independently of its sender or receiver, CAS, or terminal equipment. According to general principles of Union law and settled case-law, comparable situations should not be treated differently and different situations should not be treated in the same way unless such treatment is objectively justified.
9. The objective of reasonable TM is to contribute to an efficient use of network resources and to an optimisation of overall transmission quality responding to the objectively different technical quality of service requirements of specific categories of traffic, and thus of the CAS transmitted. Reasonable TMM applied by providers of IAS should be transparent, non-discriminatory and proportionate, and should not be based on commercial considerations.

Objectively different management of email as compared with phone calls or streamed video is permitted:

Recital 10 is then a nod to the privacy regulators, who were extremely unimpressed with the Regulation: ‘Reasonable TM does not require techniques which monitor the specific content of data traffic transmitted via the IAS.’ Recitals 33–35 explain that the legislative Act complies with fundamental rights, subsidiarity and Recital 35 and that the EDPS was consulted, though the date of its Opinion is incorrect: ‘delivered an opinion on 24 November 2013’ when it was in fact 14 November.³⁰ The EDPS had actually stated that the legal exceptions to neutrality ‘appear overly broad and have a considerable potential to trigger a wide-scale, preventive monitoring of communications content. A surveillance of this kind will not only go contrary to the right to confidentiality of communications, as well as privacy and personal data protection, but furthermore may seriously undermine consumer confidence’.³¹ It also robustly criticises the failure to make it a legal pre-contractual requirement to inform consumers if the IAP is using DPI or other ‘communication inspection techniques’³² and that:

The institutions ignored the EDPS advice in the final Regulation.

Recitals 11–12 are general:

11. Any TM practices which go beyond such reasonable TMM, by blocking, slowing down, altering, restricting, interfering with, degrading or discriminating between specific CAS, or specific categories of CAS, should be prohibited, subject to the justified and defined exceptions laid down in this Regulation. Those exceptions should be subject to strict interpretation and to proportionality requirements. Specific CAS, as well as specific categories thereof, should be protected because of the negative impact on end-user choice and innovation of blocking, or of other restrictive measures not falling within the justified exceptions. Rules against altering CAS refer to a modification of the content of the communication, but do not ban non-discriminatory data compression techniques which reduce the size of a data file without any modification of the content. Such compression enables a more efficient use of scarce resources and serves the end-users’ interests by reducing data volumes, increasing speed and enhancing the experience of using the content, applications or services concerned.
12. TMM that go beyond such reasonable TMM may only be applied as necessary and for as long as necessary to comply with the three justified exceptions laid down in this Regulation.

Recitals 13–15 explain the justifications. Recital 13 deals with the requirement imposed by various branches of government to block CAS:

13. First, situations may arise in which providers of [IAS] are subject to Union legislative acts, or national legislation that complies with Union law (for example, related to the lawfulness of CAS, or to public safety), including criminal law, requiring, for example, blocking of specific CAS.
    In addition, situations may arise in which those providers are subject to measures that comply with Union law, implementing or applying Union legislative acts or national legislation, such as measures of general application, court orders, decisions of public authorities vested with relevant powers, or other measures ensuring compliance with such Union legislative acts or national legislation (for example, obligations to comply with court orders or orders by public authorities requiring to block unlawful content).
    The requirement to comply with Union law relates, inter alia, to the compliance with the requirements of the Charter of Fundamental Rights of the European Union (‘the Charter’) in relation to limitations on the exercise of fundamental rights and freedoms.
    As provided in Directive 2002/21/EC … any measures liable to restrict those fundamental rights or freedoms are only to be imposed if they are appropriate, proportionate and necessary within a democratic society, and if their implementation is subject to adequate procedural safeguards in conformity with the European Convention for the Protection of Human Rights and Fundamental Freedoms, including its provisions on effective judicial protection and due process.

Recital 14 deals with cyber security incidents:

Recital 15 deals with lack of capacity and temporary congestion:

It explains the difference between ‘temporary exceptional’ congestion and unreasonable lack of network capacity:

Recital 16 deals with the specific exception of SpS, though it is classified here as ‘other’ than IAS:

The circumstances under which SpS can be offered are detailed in Recital 17:

It also contains a somewhat unnecessary infringement of technological neutrality to explain that cell towers can get congested in peak periods and that this may be somewhat unavoidable – which could surely have been left to BEREC’s better judgement in 2016 Guidelines.

Recital 19 explains the duties of NRAs in regard to IAS:

Recital 18 explains in incredibly conflated language that privacy must be maintained in use of traffic management:

It then explains what NRAs should do to enforce these consumer protection rules:

This imposes on BEREC members collectively the need to coordinate monitoring mechanisms and their certification, and to individual NRAs the obligation to inform consumers of the legal redress mechanisms available. Without this, the Regulation has absolutely no teeth.

Regulation 2015/2120 Articles 3–6

Article 3(1) states the Four Freedoms, Article 3(2) that contracts/practices cannot limit those rights and Article 3(3) that traffic must be treated equally:

1. End-users shall have the right to access and distribute information and content, use and provide applications and services, and use terminal equipment of their choice, irrespective of the end-user’s or provider’s location or the location, origin or destination of the information, CAS, via their IAS. This paragraph is without prejudice to Union law, or national law that complies with Union law, related to the lawfulness of the CAS.
2. Agreements between PIAS [providers of Internet access service] and end-users on commercial and technical conditions and the characteristics of IAS such as price, data volumes or speed, and any commercial practices conducted by PIAS, shall not limit the exercise of the rights of end-users laid down in paragraph 1.
3. PIAS shall treat all traffic equally, when providing IAS, without discrimination, restriction or interference, and irrespective of the sender and receiver, the [CAS], or the terminal equipment used.

Do we read Article 3.3 in light of Article 3.2, when Recital 11 tells us that ‘those exceptions should be subject to strict interpretation and to proportionality requirements’?

Immediately, the general RTNDP condition is detailed, and three justified exceptions are identified:

1. comply with Union legislative acts, or national legislation that complies with Union law, to which the provider of internet access services is subject, or with measures that comply with Union law giving effect to such Union legislative acts or national legislation, including with orders by courts or public authorities vested with relevant powers;
2. preserve the integrity and security of the network, of services provided via that network, and of the terminal equipment of end-users;
3. prevent impending network congestion and mitigate the effects of exceptional or temporary network congestion, provided that equivalent categories of traffic are treated equally.

Article 3(4) is a basic privacy reminder.³⁶ Article 3(5) sets out the SpS exception:

5. PECP, including PIAS, and providers of CAS shall be free to offer services other than IAS which are optimised for specific CAS, or a combination thereof, where the optimisation is necessary in order to meet requirements of the CAS for a specific level of quality. PECP, including PIAS, may offer or facilitate such services only if the network capacity is sufficient to provide them in addition to any IAS provided. Such services shall not be usable or offered as a replacement for IAS, and shall not be to the detriment of the availability or general quality of IAS for end-users.

O’Donoghue and Pascoe argue the Regulation is ‘expressed in extremely telegraphic terms … not exactly a model of clarity and consistency.’³⁷ Because the exception for SpS in Article 3(5) provides a general right and not a derogating exception (as with other elements of Article 3), they argue the ‘concept of necessity under Article 3(5) is not only independent of how that concept would be defined in other contexts under EU law, but is even distinct from how necessity is defined in other aspects of the Regulation’. They also argue that judging which qualities are ‘necessary’ for SpS is aided by a recent High Court case accepting reduced latency as a vital element in Google Maps service.³⁸ While this remains to be seen, I agree with their conclusion that ‘the concept of “reasonable traffic management measures” is nebulous and is therefore likely to lead to litigation’.³⁹ They see the best line of attack as ‘to challenge various aspects of the Regulation, or at least certain suggested interpretations of it, on the basis that they would be inconsistent with the concept of non-discrimination as a (higher) general principle under EU law’. They also see litigation grounds on:

Expect telecoms operators to threaten Ofcom and other NRAs, and if necessary to launch litigation based on these arguments, in 2017 and beyond.

Article 4 on transparency may have the most immediate impact on users, as it enforces proper information on the actual use of the PIAS, and took effect from 29 November 2015:

1. PIAS shall ensure that any contract which includes IAS specifies at least the following:

1. information on how TMM applied by that provider could impact on the quality of the IAS, on the privacy of end-users and on the protection of their personal data;
2. a clear and comprehensible explanation as to how any volume limitation, speed and other quality of service parameters may in practice have an impact on IAS, and in particular on the use of CAS;
3. a clear and comprehensible explanation of how any services referred to in Article 3(5) to which the end-user subscribes might in practice have an impact on the IAS provided to that end-user.

This mandates minimal consumer protection by IAPs within minimal consumer protection by regulators. Translation: how may your video SpS hamper the rest of your family using regular Internet video services?

4. a clear and comprehensible explanation of the minimum, normally available, maximum and advertised download and upload speed of the IAS in the case of fixed networks, or of the estimated maximum and advertised download and upload speed of the IAS in the case of mobile networks, and how significant deviations from the respective advertised download and upload speeds could impact the exercise of the end-users’ rights laid down in Article 3(1) [emphasis added].

Translation: some real speed data based on postcode needed for fixed users, but mobiles can continue to use laboratory-based maxima for 3G and LTE without regard to real world data. One hopes this interpretation is cynical.

5. a clear and comprehensible explanation of the remedies available to the consumer in accordance with national law in the event of any continuous or regularly recurring discrepancy between the actual performance of the IAS regarding speed or other quality of service parameters and the performance indicated in accordance with points (a) to (d).

There is then a requirement that users can actually enforce measures, but contract termination if the mobile/fixed provider fails to deliver as promised is not specified:

2. PIAS shall put in place transparent, simple and efficient procedures to address complaints of end-users relating to the rights and obligations laid down in Article 3 and paragraph 1 of this Article.
3. The requirements laid down in paragraphs 1 and 2 are in addition to those provided for in Directive 2002/22/EC and shall not prevent Member States from maintaining or introducing additional monitoring, information and transparency requirements, including those concerning the content, form and manner of the information to be published. Those requirements shall comply with this Regulation and the relevant provisions of Directives 2002/21/EC and 2002/22/EC.
4. Any significant discrepancy, continuous or regularly recurring, between the actual performance of the internet access service regarding speed or other quality of service parameters and the performance indicated by the provider of internet access services in accordance with points (a) to (d) of paragraph 1 shall, where the relevant facts are established by a monitoring mechanism certified by the national regulatory authority, be deemed to constitute non-conformity of performance for the purposes of triggering the remedies available to the consumer in accordance with national law. This paragraph shall apply only to contracts concluded or renewed from 29 November 2015.

Minimal harmonisation clauses inside Regulations are very rare, and it will be of more general interest to non-neutrality lawyers to analyse the outcome of this process.

Article 5(1) (Supervision and enforcement) is the teeth of the Regulation:

This is the most explicit mention of QoS regulatory requirements in the entire Regulation.

Article 5(3) sets out BEREC’s deadline: ‘By 30 August 2016, in order to contribute to the consistent application of this Regulation, BEREC shall, after consulting stakeholders and in close cooperation with the Commission, issue guidelines for the implementation of the obligations of national regulatory authorities under this Article.’ Article 6 deals with penalties: ‘Member States shall lay down the rules on penalties applicable to infringements of Articles 3, 4 and 5 and shall take all measures necessary to ensure that they are implemented. The penalties provided for must be effective, proportionate and dissuasive. Member States shall notify the Commission of those rules and measures.’ Notification is thus required by the governments on behalf of NRAs.

Finally, Article 9 exposes the chaotic drafting process and its inevitable denouement; the provisions will be reviewed by 2019:

Given this short timetable, it may be that the 2019 review has nothing to report, or that it recommends codifying the BEREC Guidelines, which are discussed in the next section.

Interpretation: good news, bad news and do not mention the N-word

Although many net neutrality elements have been included in the new Regulation, the lack of any explicit mention of the net neutrality principle is notable. Rather than unequivocally affirming the three pillars of net neutrality, i.e. no blocking, no throttling and no paid prioritisation, the EU policymakers enshrined only the first two components into the Regulation, thus tempering neutrality into a less principled vague ‘Open Internet’. Who can disagree with an Open Internet? Telecoms companies very certainly disagreed with strict net neutrality.

The good news for users is that Europeans have the ‘right to access and distribute information and content, use and provide applications and services, and use terminal equipment of their choice, irrespective of the end-user’s or provider’s location or the location, origin or destination of the information, content, application or service, via their internet access service’ according to Article 3 of the Regulation. Associated with this right is the IAPs’ obligation to ‘treat all traffic equally’ with reasonable traffic management that should be ‘transparent, non-discriminatory and proportionate’ and, very importantly ‘shall not be based on commercial considerations but on objectively different technical quality of service requirements of specific categories of traffic’. This is an important step forward for those Europeans who were lacking basic protections. The EU Regulation will introduce more effective consumer information with realistic assessments of line speed for the individual, rather than laboratory speeds, and mandatory announcements by ISPs of any traffic management practices in terms which are easier to understand – a process previously researched by the Netherlands regulator.⁴¹

However, some crucial issues remain unclear and the devil is in the details that are considered in the final part of this chapter.

BEREC and the Guidelines

In order to explore the European law further, it is necessary to stitch together the interpretations of the European Commission issued at the time of the Regulation’s approval in MEMO-15–5275, with the clarifications and workplan of the European regulators working as BEREC. This is the most speculative element in the monograph, but is intended to add value by attempting to work out how much the new law will affect, for instance, TMPs, SpS and zero rating. The EC hopefully indicated that ‘Europe’s regulators have a long track record in safeguarding open, competitive markets, and the Commission will work closely with the BEREC to ensure that clear guidance is rapidly provided in this field to complement the Regulation itself’.⁴²

BEREC and the EC must also include an element with which they are less familiar: human rights law. Special Rapporteur on Freedom of Expression to the United Nations Frank LaRue had issued a report in 2011 referencing net neutrality in his ongoing work on rights online.⁴³ The Council of Europe (CoE) multi-stakeholder dialogue ‘Network Neutrality and Human Rights’ was held on 29–30 May in Strasbourg.⁴⁴ This dialogue was a result of the 2010 Declaration of the Committee of Ministers on network neutrality.⁴⁵ The CoE is working towards a soft law instrument to guide Member States in the application of net neutrality rules, that support particularly the aspirations of Articles 6, 8, 10 of the Convention. A short outcomes paper of the major points of discussion was communicated to the 47 Member State representatives of the CoE Steering Committee on Media and Information Society (CDMSI) to consider and propose further action.⁴⁶ The European Commissioner had subsequently on 4 June announced to the European Parliament her intention to introduce specific legislation on network neutrality.

The Commission states that:

This is obviously putting the onus on NRAs, who will also have to report annually on the state of the ‘Open Internet’. The EC helpfully adds:

The enforcement of the new Regulation formally took effect after its publication in the Official Journal, but in practice began as of 30 August 2016, nine months after that publication. BEREC – which consists of the 28 national regulators, with its secretariat based in Riga, Latvia – will have to issue specific detailed guidelines to its component national regulators, to ensure that IAPs do not elude the new rules with particular regard to congestion management, Specialised Services and zero rating.

And what about impending congestion? It is unclear what kind of traffic management will be possible in order to ‘prevent impending network congestion’. This will be considered a legitimate exception to the non-discrimination rule, but it will be very difficult to foresee what may qualify as ‘impending congestion’ and what could be reasonable measures to ‘prevent’ or even to define the imminence of ‘impending congestion’.

Introduction to BEREC

BEREC is an example of non-transparent club governance, with a well-established but highly opaque networked model, given that there has been a club of European telecoms regulators since the ‘unofficial’ Independent Regulators Group (IRG) was established in 1997, and the European Regulators Group in 2002. The BEREC role resulted from the political compromise that, instead of the federal European communications regulator longed for by Commissioners since Martin Bangemann in 1997, there should be a coordinatory club of national regulators.⁴⁹

There now 37 members of the IRG, comprising the 28 BEREC members, 4 EFTA (European Free Trade Association)/EEA (European Economic Area) members (Norway, Iceland, Switzerland, Liechtenstein) and 5 EU accession ‘candidates’ (Albania, Macedonia, Montenegro, Serbia, Turkey).⁵⁰ It is thus an extremely well-organised network of NRAs, as befits telecommunications’ status as the least illegitimate of the privatised utilities from the 1990s forwards, and supports the notion of quasi-independence (‘orchestration’ not ‘delegation’) of the network from governments and the EC in this instance.⁵¹

BEREC is a ‘loose’ regulatory network,⁵² not a law-making body, and therefore it does not need to follow better regulation procedures such as entirely open consultation, public meetings or mandatory 12-week consultations.⁵³ While NRAs ‘must take utmost account’ of BEREC decisions,⁵⁴ it is not a legal requirement to follow BEREC guidelines. BEREC has held an annual public stakeholder forum each autumn since 2013 to ‘continue to manifest the open dialogue between BEREC and its members on the one hand and the key stakeholders on the other hand … provide a platform for a transparent exchange of ideas, concepts and also challenges between all parties involved’.⁵⁵ This is videoed and archived and a debriefing session is held after each plenary, as is a consultation on the following year’s work programme. It is, however, atrociously disengaged digitally, with between 5 and 25 total views on its stakeholder forum videos from October 2015 by end-2015, and only 11 out of 25 videos in its entire history attracting over 100 views, despite the renewed 2015 interest in stakeholder consultation resulting from the net neutrality rules.⁵⁶ By contrast, the IRG is an entirely obscure organisation with no public outreach beyond a bland website. As the IRG and BEREC are regulator groups affecting trillion Euro industries,⁵⁷ it is perhaps surprising that there is so little public consumption of their deliberations or a clamour for their greater outreach. But this does reflect the technocratic and commercial nature of their interactions with telecommunications companies, rare interactions with IT and broadcast content providers, and extremely rare interactions with civil society, user groups and consumer representatives.⁵⁸ Similar problems afflict NRAs, with the obscurity of their professed consumer function leading to the expert academic board member of the UK body forthrightly expressing his views of its marginalisation: ‘Even those who argue that net neutrality is a non-issue tend to point out important issues where Ofcom might have done more were it not in retreat.’⁵⁹

BEREC’s Guidelines: process and interpretation

BEREC was charged with ensuring it issues Guidelines by August 2016 for interpretation of the Regulation by NRAs:

The deadlines are as follows:

• Entry into force of the Regulation took place on 30 November 2015; the entire Regulation is applicable 30 April 2016 except for certain provisions (mainly on roaming).
• The deadline for Member States to repeal national measures (including self-regulatory measures) which go against Article 3(2) or 3(3) is 31 December 2016, which must be notified to the Commission by 30 April 2016.
• Deadline for publishing BEREC’s implementation guidelines under Recital 19 is 30 August 2016. European Commission’s report to the European Parliament and the Council reviewing Article 3 (safeguarding of open internet access), Article 4 (transparency measures for ensuring open internet access), Article 5 (supervision and enforcement) and Article 6 (penalties), including proposals for amendments, if necessary, must be delivered by 30 April 2019.
• The Commission will have to issue a report every 4 years as of 30 April 2019.⁶¹

The BEREC Board Meeting (heads of NRAs) of 10 December 2015 held at Ofcom contained the following agenda item 12:

BEREC met with stakeholders to gather views on 15/16 December 2015 in Brussels with stakeholder organisations, grouped on the first day as ‘end users and consumers, and civil society’, with the second ‘commercial’ day for ‘ISPs, equipment manufacturers, content and application providers’. It is explained that:

By the time you read these words, those Guidelines will have provided clarity for NRAs and stakeholders on the rules. The process between January and May 2016 appears to be entirely internal discussion, and the time for consultation is only 4–6 weeks in July 2016. BEUC, the European consumer’s body, argued at the 15 December 2015 workshop that this is unacceptable. BEREC themselves are caught in that the Plenary must agree to publish draft Guidelines, which means the working group cannot do much more themselves with the deadlines they were given in the Regulation.

BEREC explains its outstanding concern on four topics: traffic management practices; Specialised Services; transparency in Internet access quality; and ‘commercial practices’, such as zero rating. These four are the most controversial elements and I deal with each in turn. The co-chairs of the Net Neutrality Working Group (NNWG) – note that BEREC was happy to use the term net neutrality whereas the Regulation will not! – in 2016 were Ofcom for the UK and NKom for Norway (which had co-chaired the group since its foundation in 2011). Team leaders were Italy’s AGCOM (traffic management practices); Belgium (Specialised Services); Greece (transparency in Internet access quality); and Ofcom for the UK (‘commercial practices’, such as zero rating).

All the team leaders prepared a questionnaire for the December stakeholder meetings.

Consultation on traffic management practices

AGCOM prepared the following questions for the meeting:

1. What is your understanding or view on the terms ‘specific categories of traffic’ and ‘specific content, applications or services, or specific categories thereof’ in Article 3(3) subparas 2 and 3?
2. In your view, how can day-to-day ‘reasonable’ TM measures performed by ISPs in accordance with Article 3(3) subpara 2, such as TM for ‘specific categories of traffic’, affect the end user’s choice? It would be helpful if you can provide concrete examples.
3. In your view, how can TM measures ‘going beyond reasonable’ TM performed by ISPs in accordance with Article 3(3) subpara 3, e.g. ‘congestion management’, affect the end user’s choice? It would be helpful if you can provide concrete examples.⁶³

AGCOM is thus seeking views on when practices might be illegal and able to be prosecuted.

The Memo is a vital aid to interpretation, until the BEREC Guidelines are issued, and makes some bold claims. For instance, on traffic management it states:

It adds the old saw that ‘for example vital medical information of a patient receiving home care is delayed because the neighbours are downloading a video. Internet is not different from day-to-day car traffic where you need some basic rules to allow everyone to have access and quality of service.’⁶⁵ However, these are not rules for emergency services but for paid prioritisation, as will become clear.

The EC claims:

This sounds ideal in principle, but there are exceptions:

• to comply with Union or national legislation related to the lawfulness of content or with criminal law, or with measures implementing this legislation such as a decision by public authorities or a court order, for instance if a judge or the police have ordered blocking of specific illegal content;
• to preserve the security and integrity of the network, for instance to prevent misuse of a network and combat viruses, malware or denial of services attacks;
• to minimise network congestion that is temporary or exceptional. This means that operators cannot invoke this exception if their network is frequently congested due to under-investment and capacity scarcity.⁶⁷

The EC claims strenuously that ‘These exceptions have to be interpreted strictly and are subject to proportionality criteria on the scope and duration of traffic management measures’, that it provides ‘a very clear prohibition to use traffic management beyond such reasonable cases … [in] limited and clearly defined circumstances … [and in] a limited number of tightly defined and exhaustive exceptions’. One might think the EC protests too much in this situation, but actions will speak loudly to this claimed power of the Regulation in 2017 and beyond.

Specialised Services

The Belgian NRA questions were very vague:

1. Article 3(5) subpara 1 refers to providing SpS where ‘the optimisation is necessary in order to meet requirements … for a specific level of quality’. What could be the reason for implementing or offering SpS? In your view, are SpS necessary for offering existing or new services?
2. Are you aware of a demand for SpS from end users (including business users)? In your opinion, could content and applications provided on the IAS become a kind of SpS? How should this be assessed under the TSM regulation? If they were allowed, would you see demand for, or benefit to, end users from the provision of sub-Internet offers (i.e. offers where the access to Internet is restricted to a limited set of content and applications)? How should think such offers should be assessed under the TSM regulation?
3. Do you have a view on the impact of the possibility to provide SpS on future innovation and the openness of the Internet? Do you see any issues arising with the provision of SpS to end users?⁶⁸

These are open-ended questions, though perhaps intended to flush out the intention of telcos to redefine SpS as embracing what are in fact regular Internet services, and thus infringing net neutrality.

The European Commission stated that ‘paid prioritization in the open internet will be banned’, but the provision of guaranteed-quality services, i.e. ‘services other than internet access services which are optimised for specific content, applications or services, or a combination thereof’, is explicitly allowed. It will be, therefore, the responsibility of national regulators to make sure that such services are provided only when ‘the network capacity is sufficient to provide them in addition to any internet access services provided’.⁶⁹

In the absence of a clear separation requirement between open access and guaranteed-quality services, the evaluation of network capacity becomes a critical element to avoid abusive conduct, but no indication on how to assess ‘sufficiency’ has been provided by the Regulation. If your Internet access speed and monthly allowance does not change until 2020, you have the same conditions as now, which means you are not impeded – but you will not benefit from the 20 per cent average annual growth in both speed and capacity which has been achieved in the past. Is a static connection acceptable as not ‘impeding’ you?

The EC also states with regard to SpS that these are:

Possibility? That will need defining and is nothing like as straightforward as the BEREC definition of 2012: ‘specialised services are provided over virtual or physical networks distinct from networks constituting the Internet, but that will typically operate over the same infrastructure.’⁷¹

BEREC was unusually highly critical of the original 2013 law proposed by the Commission, stating ‘BEREC believes the relevant definition does not adequately capture their provision within closed networks and so risks hindering NRAs’ capacity to apply’.⁷² It then praised the 2014 European Parliament amendment providing that ‘specialised services should be clearly separated (physically or virtually) from internet access services at the network layer, to ensure that sufficient safeguards prevent degradation of the internet access services’.⁷³

NKom, which had co-chaired the BEREC work, finally stated its continued concern at what became the final legal wording: ‘As specialised services are exempted from net neutrality, it is especially important that the specialised services are clearly separated from the Internet access services, so as to ensure that Internet traffic is not degraded.’⁷⁴ Since Sørensen wrote those words in mid-June 2014, the final wording has actually returned to roughly the original Commission position – a deliberately obscure reading of the definition. It is this that BEREC must clarify in 2016.

Graef points out the differing versions of Specialised Services in the European negotiation of the proposed Regulation – an idea that became so contentious and difficult that it is to be left to NRAs and BEREC to make case-by-case decisions on this, whereas in the legislation of the Netherlands and Slovenia such services are to be defined as ‘non-Internet’: ‘services that are not offered via the public internet but through the closed network of the ISP automatically fall outside the scope of the regulatory framework.’⁷⁵ By contrast, the Norwegian regulator and BEREC co-chair explained that Norway’s co-regulatory rules in 2009 already considered ‘“if the physical connection is shared with other services, it must be clear how the capacity is allocated between the Internet traffic and the other services” to prevent the entire data pipe being given over to specialised services at the expense of open Internet capacity’.⁷⁶

This process will affect the market for network access.⁷⁷ Specialised Services have the potential to support EU consumer cloud services, notably for home workers and small businesses. As Sluijs et al. explain in relation to cloud services, ‘Priority services and differentiated prices could enable clouds to perform more reliable services.’⁷⁸ However, this will take a sizable chunk out of an IAP’s bandwidth, which is a scarce resource, especially in mobile broadband.

Transparency in Internet access quality

The Greek questions were very basic:

1. What information would be beneficial for end users so that they are better informed, e.g. regarding traffic management measures, commercial and technical conditions and their impact on Internet access services? How should this information be communicated to them in the contract? (Ref. Article 4(1)).
2. How should ISPs describe and communicate speed of their IAS offers in the case of fixed and mobile networks? How should the different IAS speed parameters (e.g. minimum, maximum, advertised and normally available speeds in the case of fixed networks and estimated maximum and advertised speeds in the case of mobile) be defined in the contract? (Ref. Article 4(1)(d)).
3. How should ISPs describe other parameters of their IAS offers, such as quality of service parameters (typically latency, jitter, packet loss) and quality as perceived by end users? Should these parameters be defined in the contract? If so, how?⁷⁹

The impression given in December 2015 is that the Greeks have neither the intellectual nor financial resources to devote properly to the task, unsurprising given the highly corporate captured nature of the Greek telecoms market and the exceedingly dire state of Greek government finances, which must impact on the regulator’s competence. With 28 NRAs in the EU, there was bound to be a weak link in the four, and this appeared to be it. Given the huge amount of work carried out by other regulators on transparency, these questions appear extremely dated by comparison. As Ofcom had carried out so much research in this area, it is perhaps most odd that Ofcom chose to influence the zero-rating debate instead. One might guess that Ofcom could both assist its impoverished neighbour Greece in this area, as well as dictating as much as possible a liberal interpretation for zero rating to be permitted.

BEREC Work Programme Item 11.2 begins this investigation in the context of user experience:

The ambition in this work stream is that:

Because net neutrality monitoring is technically challenging, the thinking of BEREC at end-2015 was to have comparable analysis amongst those NRAs who were able and willing to take part (driven no doubt in part by affording the services of SamKnows or future equivalent), building on:

The UK had already responded by suggesting something more co-regulatory or less harmonised might be sufficient, as had the European cable operators at the October 2015 BEREC stakeholder meeting.⁸³

BEREC is committed to using the ‘2015 BEREC NN QoS Feasibility Study [which] will be the basis for the BoR to take a decision on whether to move forward to specifying an opt-in quality monitoring system (with a separate decision on whether to establish it to be taken in 2017)’. In 2017 it will thus have to deal with this monitoring framework in detail in respect of descriptions of Deliverables:

• Description of the framework for NRAs to collaborate in an opt-in quality monitoring system: Adoption in P1/2017 (subject to a BoR decision)
• Overall system requirement specification for the opt-in quality monitoring system: Adoption in P2/2017 (subject to a BoR decision)
• BEREC regulatory toolkit for NN QoS assessment: Adoption in P1/2018.⁸⁴

This is thus a future work programme in place for the period September 2016 to June 2018, further developing NRA responses after the Guidelines are published on 29 August 2016.

‘Commercial practices’: zero rating

Zero rating (or sponsored data plans) is a commercial practice used by some IAPs, consisting in the imposition of data caps, i.e. limits to monthly data volumes, and the parallel exemption of selected zero-rated applications from such caps. The data consumption of the zero-rated applications may be sponsored by the IAP itself or by the application provider, depending on the specific commercial arrangement. This practice has the concrete potential to create a two-tier Internet, since non-zero-rated applications may suffer a considerable disadvantage compared to the zero-rated ones. These could be rival social networks, video or other media providers, or messaging apps. The new Regulation does not specifically address zero rating, but, as discussed, it does not allow traffic management which is ‘based on commercial considerations’. Both proponents and opponents of zero-rating may find arguments in the new Regulation and the debate is far from concluded.

Zero rating is dealt with in detail in Chapter 7. Memo-15–5275 states:

The EC argues that: ‘The new rules therefore contain the necessary safeguards to ensure that providers of internet access cannot circumvent the right of every European to access internet content of their choice, and the provisions on non-discriminatory traffic management, through commercial practices like zero-rating.’⁸⁶ This obliges NRAs:

Genna very strenuously disagrees with that interpretation, arguing that:

I tend to agree with Genna, and the Dutch and Slovenian governments, that the EC interpretation is misleading, whether this is deliberate or not.

Ofcom questions were seeking views regarding different forms of data caps:

1. What is your understanding of the term ‘commercial practices’ (Ref. Article 3(2))? Do you think there is a demand for ‘commercial practices’ such as zero-rating, from the end users’ point of view?
2. Article 3 (2) foresees contractual freedom and ISPs’ freedom to conduct commercial practices. Could you provide examples when/under which circumstances commercial practices would limit the rights of end users? (Ref. Article 3(2) and recital 7)
3. What is your understanding or view regarding the monitoring of traffic for the purpose of traffic management (ref. Article 3(3) subpara 2)? What should ISPs be allowed to do in that regard under the TSM regulation?⁸⁹

It appears from the questions that Ofcom has a much more permissive view of zero rating that the EC memo, which is unsurprising given the UK’s long-standing hostility to regulation of net neutrality, as I will explore in Chapter 6.

My initial impression from these questions in mid-December 2015 was the following:

1. Are they suggesting encrypted traffic could be throttled?
2. Is ‘sub-internet’ to include zero rating?
3. The Greeks don’t sound fit for purpose on this. Did they really think these are sensible questions – I would answer ‘of course’ to all of them as would any regulator that cared about transparency.
4. 4. Ofcom is trying to find a ‘de minimis’ form of zero rating that can be openly expressed as conforming to the Regulation.

I suggest that is more informative questioning than I would expect, especially from Ofcom. It does not mean their final group outcome will be deregulatory. Both NKOM (Norway) and ARCEP (France) are much more in favour of net neutrality than their Greek and British cousins.

Note that while the NRAs for the two net neutral nations, Slovenia and the Netherlands, may lobby against net neutrality inside the opaque hallways of the BEREC plenary, they are in fact infamously opposed to enforcing their national legal provisions for net neutrality, as evidenced by the fact that their respective ministry and consumer organisations had to force them to do so in 2014/15.

The EC also controversially add that:

This appears to refer to the legal guarantees of non-discrimination in effect in the Netherlands, Slovenia and Finland. It is not quite as clear to national governments that their rules remain compatible with the new Regulation.

Future Work Programme for BEREC

BEREC does go one step further in its 2016 Work Programme:

This will help to clarify the extent to which IP interconnection, a vital issue in high bandwidth traffic such as video delivery, becomes a live net neutrality issue in 2017. I predict at this stage that it will, and explore this in more depth in Chapter 3.

BEREC also mentions (not in the context of net neutrality) that it will deliver an Opinion to the EC on Universal Service in 2016/17 as required, explaining that this ‘will ultimately guarantee an adequate “safety net” to European citizens’.⁹²

BEREC completes the summary of its work by acknowledging that its network and in particular the net neutrality Guidelines will be of significant interest to non-European regulators:

The quadrilateral summits of American, European, West Asian and African regulators may become an annual fixture of especial importance in coordinating responses to zero rating by mobile operators based in Europe with subsidiaries in developing nations.

BEREC is thus very active in developing not just the Guidelines legally required in Recital 19 of the 2015 Regulation, but also monitoring QoS cooperation and other areas of interest stretching into 2017–18, not just within the EU/EFTA but also with regulators in neighbouring nations, the Americas, and through the OECD with East Asia also. It has long been recognised that regulators in telecoms exhibit advanced regulatory policy transfer through ‘soft law’ mechanisms and informal coordination, which is now far advanced, and can be compared to that in environmental regulatory governance and other fields of international coordination.

European law conclusion

Regulation 2015/2120 was passed on 27 October 2015.⁹⁵ It was first proposed by the European Commission as a minimal regulation in May 2013, passed at First Amendment in the European Parliament with amendments that would ban both zero rating and tightly defined Specialised Services as physically and/or logically separate to the Internet in April 2014,⁹⁶ and then revised in the Council of Ministers to more closely resemble the original proposal, agreed in a highly contentious Trilogue with the Commission and Parliamentary Committee Chair in June 2015. It returned to the Parliament for a vote on potential amendments, which failed, meaning the Regulation became law in all 28 Member States.

After the Trilogue in June 2015, EC Vice-President Ansip claimed:

However, that fails to clarify either zero rating or SpS, to the anger of some parliamentarians who fear their laws will be undermined by the weaker compromise adopted. Can consumers trust the German or Cyprus NRA to get that technical judgment correct? Does BEREC have the competence to help them? That remains to be seen, as BEREC will have to clarify the application of the law. The lack of clarity in the Regulation means that the guidance in the BEREC Guidelines in 2016 will be eagerly awaited on both zero-rated services, notably already regulated in Slovenia, the Netherlands and Norway, and Specialised Services. It may require the revision of the 2012 Dutch/Slovenian and 2014 Finland laws, but will take direct effect more rapidly than the other 25 Member States’ national regulatory debate otherwise promised.

There can be no conclusion nor summary to a chapter examining a law as half-baked as this one. The European ‘Open Internet’ (sic) law is a messy compromise, and I already consider the Regulation as a sort of Internet version of the Treaty of Versailles, heralding the next war rather than settling this one. The 2016 Guidelines will be the first opportunity to make sense of the Regulation, and the 2019 review the opportunity to codify some workable definitions. Until then, net neutrality will be a vague promise rather than a guarantee for Internet users in Europe.