European Union Threatens To Surpass The United States In Regulation Of Internet Commerce

Wednesday, June 1, 2005 - 01:00
Vito A. Costanzo

Opposition to the Iraq War by Europeans was derided by U.S. Secretary of Defense Donald Rumsfeld as an outdated reaction, having its roots in "Old Europe." Despite support from several European governments, European citizens in general were strongly opposed to the war. Such common European principles are in part the result of the strong European identity developing in European Union (EU) countries.

This recent example of European unity is anything but old-fashioned. In fact, the EU is stronger than ever. With last year's expansion, adding 10 new member states, the European Union now threatens to rival the United States in economic power and influence. The EU is attempting to exert its newfound power in various ways, including through increased regulation of Internet commerce. These new regulations may have a profound impact on the way U.S. companies will do business over the Internet. This article examines the scope of EU regulations of technology and the Internet and the impact that such regulations are likely to have on U.S. companies doing business overseas and on the Internet.

Description Of The EU

The idea of a common European organization was first proposed on May 9, 1950, by French Foreign Minister Robert Schuman, who wished to integrate the coal and steel industries of Western European nations. May 9 is now celebrated as "Europe Day" in EU countries, marking the roots of the EU's ascent in the world economy. The six original member countries, Belgium, Germany, France, Italy, Luxembourg and the Netherlands, expanded their cooperation in 1957 with the Treaty of Rome, which established the European Economic Community. The European Union was formally created by the Treaty of Maastricht in 1992. With the addition of ten new countries in 2004, membership in the EU has grown to 25 countries, including both "Old Europe" and "New Europe." The population of the EU now exceeds that of the U.S., while its gross domestic product is roughly equal to that of the U.S. Negotiations are now underway for Romania, Bulgaria and Turkey to join the EU. In 2006, the EU will introduce its ".eu" top level domain name, in a step designed to further develop European unity.

Although the EU is not intended to replace the governments of its member states, its member states have conceded certain governing functions to the EU. There are five key EU bodies that perform these functions:

1. The European Parliament, the membership of which is elected by votes in the member states

2. The Council of the European Union

3. The European Commission

4. The Court of Justices

5. The Court of Auditors

These entities unify the EU's decision-making processes and steer the EU's actions in the world economy. With this increased organization, the EU has been able to expand its market power and influence over world economics. The concept of a common European market became more real in the 1990s with the elimination of passport and customs check points between member countries, the adoption of a single currency in 2002 and the addition of ten new member states in 2004.

EU Internet Regulations

Among the many areas where the EU seeks to assert its influence, regulation of commerce over the Internet is arguably one of the most important. There are instances in which the U.S. and EU employ similar approaches to regulation of the Internet, such as the notice and take-down procedures employed by both entities to remove content on the Internet that violates copyrights. However, the EU's policies have diverged from those of the U.S. in certain key areas that affect the Internet. For example, the EU has placed a great deal of emphasis on non-economic values, such as privacy, while the U.S. takes a very pro-business approach toward Internet business. The result has been that the EU often diverges from the United States in important matters related to Internet commerce.

The Internet began primarily with English language content directed toward the U.S. As the content available in other languages has increased, the EU has become interested in the impact of the Internet on its member states. For example, the EU has exhibited an interest in protection against unsolicited communications over the Internet. As a result, the EU may ultimately play a larger role than the United States in the prohibition of "cookies" and unsolicited commercial e-mail, or "spam," on the Web.

"Cookies" are small data files that are saved on the hard drives of Internet users who access Web sites. The cookies are used to store useful information, such as user names, passwords and preferences, making it easier to access and utilize the Web site in the future. Cookies are commonly used to collect information that many Internet users consider to be private, such as names, e-mail addresses, home addresses, telephone numbers and other Internet sites visited. Many on-line stores operating in the U.S. make use of cookies to facilitate sales with repeat customers.

In 2003, the European Parliament approved its Directive on Privacy and Electronic Communications which requires the recipient's explicit consent to receive unsolicited commercial e-mail, i.e, spam. This "opt in" replaces the former "opt out" policy in use in most EU countries and is more restrictive than U.S. law. The "opt in" requirement does not apply to existing customers whose contact information was obtained during the sale or negotiations of a product or service, or where the sender is advertising products or services similar to those already purchased.

The directive also prohibits the use of cookies unless Internet users opt in by providing explicit consent. Otherwise, the use of cookies is banned due to privacy considerations.

The EU's new policies arise out of the view that Internet users' privacy rights are of paramount importance. See, EU Directive No. 95/46/EC (October 24, 1995), which describes privacy as a "fundamental right."

In February of 2004, the European Commissioner for Information Services, Erkii Liikanen, announced a system of fines designed to discourage the use of spam and cookies within the EU. He is encouraging member states to enact national enforcement measures imposing fines against violators and specific avenues to lodge complaints. For example, France and Belgium have established experimental "spam boxes," to which Internet users may forward spam e-mail. Germany has considered legislation that would impose criminal penalties for spammers. Mr. Liikanen is also looking into the establishment of international dispute resolution forums within the EU.

However, many EU countries have yet to enact specific enforcement procedures with regard to junk e-mail. Member states were given until October 2003 to enact legislation allowing spam to be sent only to those who opt in. However, the majority of the EU member countries have yet to enact national legislation.

The EU Commissioner is critical of U.S. law, which allows spammers to send e-mail to an Internet user at least once, provided that a means to opt out is provided within the e-mail. In Liikanen's words, "the opt out solution just doesn't work."

U.S. business may also have to contend with sales taxes applicable to transactions between Europeans and on-line stores. The EU recently approved a recommendation by the Council of Europe (COE) to tax sales over the Internet. The COE also recently recommended a law that would require news sites to allow a right of reply to any person or entity mentioned in an on-line news story.

These new EU policies will have major implications for businesses operating on the Internet, many of which are American. The conflict between U.S. and EU law means that businesses operating from the U.S. will have to comply with EU laws if any of the recipients of their content are located in the EU.

U.S. Criticism Of The EU Database Directive

Another area of divergence between the United States and the EU involves protection of digital databases. The EU Database Directive, first passed in 1996, has been criticized by U.S. scientists on the ground that it is overly protective and thus, prohibits the unfettered dissemination of scientific information.

The basis of criticism of the EU directive is that its fair use exception is not mandatory. Consequently, the EU member states may choose to delete the provision that allows use of extracts of databases for purposes of illustration, teaching or scientific research. In fact, both France and Italy have chosen not to enact the fair use aspect of the directive. Furthermore, the directive has been criticized on the ground that its protections may run indefinitely, which would also run counter to U.S. law.

The EU's Database Directive is especially important because the EU will not grant protection to databases owned by non-EU individuals or entities unless their home countries adopt similar laws.1 This strategy has caused a great deal of criticism from the U.S.

However, the EU's effort to offer greater protection to databases may provide a more workable alternative to U.S. law in this era of easy access to and copying of information over the Internet. The ease with which one may access and duplicate databases over the Internet arguably justifies the greater protections to databases provided by EU countries.

As with the use of spam and cookies, the EU's Database Directive provides another example of the EU on the leading edge of using legislation to balance competing interests over the Internet. The U.S., once again, may be forced to react to developments in the EU.

It is likely that, as EU regulations continue to collide with U.S. laws involving the Internet, the EU will continue to be viewed as an important influence over electronic commerce. U.S. companies doing business in Europe must adjust to contend with the divergent laws applicable to the Internet at home and in the EU.

Vito A. Costanzo is a Partner in the Litigation Department of the Los Angeles office of Holland & Knight LLP. He can be reached at (213) 896-2409.

Please email the author at with questions about this article