European Parliament failure to protect net neutrality 'threatens encryption', says Berners-Lee
New internet laws agreed by the European Parliament today have been branded as a threat to encryption by campaigners including British world wide web inventor Sir Tim Berners-Lee.
European Parliament rejected law changes that would have "guaranteed net neutrality"
MEPs today decided by 500 votes to 163 to reject crucial changes to the Single Telecom Market law that were designed to guarantee ‘net neutrality'. According to campaigners including Sir Tim, that failure to toughen up the law means we could see internet traffic treated differently – with online ‘fast' lanes for content like corporate data and ‘slow' lanes for more ordinary traffic.
Berners-Lee has warned that such ‘economic discrimination' threatens privacy and encryption. In an appeal yesterday ahead of the vote, he said the existing proposed law “allows internet service providers (ISPs) to define classes of services, and speed up or slow down traffic in those classes, even in the absence of congestion. As well as harming competition, this discourages encryption - many ISPs lump all encrypted services together in a single class, and throttle that class.”
Sir Tim called on MEPs to ban this “class-based discrimination to protect users, competition, privacy and innovation online”. But according to Paris-based internet rights campaign group La Quadrature du Net, they have now failed to do so.
A spokesperson for the group told SCMagazineUK.com: “All the amendments have been rejected, the text as it is has been preserved. That means it is very weak, it lacks definition of net neutrality – it doesn't even have 'net neutrality' in the text, so how can it protect it? In the big picture, this does not ensure net neutrality.”
The spokesperson said MEPs were under pressure from the European Commission and European Council to keep the existing text and avoid delay.
Sir Tim Berners-Lee was joined in his appeal to strengthen the law by a group of over 50 leading tech firms and investors – including BitTorrent, Netflix, Reddit, TechHub, Tumblr and Vimeo – which wanted Europe to adopt the same strong protection for net neutrality as the US agreed in June, as reported by SC US earlier this week.
Echoing Sir Tim's warning, the coalition said in an open letter to the European Parliament ahead of the vote: “Class-based discrimination allows ISPs to define classes and speed up or slow down traffic in those specified classes, even if there is no network congestion. This discrimination distorts competition, stifles innovation, harms users, and hurts providers who encrypt traffic by putting all encrypted traffic in the slow lane.”
The group added: “We believe the US provides a strong framework to keep the internet free and open. It provides bright line rules to prohibit ISPs from creating online fast lanes by charging websites to deliver traffic to their users. We want all companies around the world to enjoy the same protections.”
Andy Heather, EMEA data security vice president at Hewlett-Packard Enterprise, said his company shares Sir Tim's belief in the need for encryption to protect sensitive information.
He told SCMagazineUK.com via email: “Strong encryption that actually protects the data wherever it may reside will be a crucial part on the future development of the web. As Sir Tim points out, ISPs that attempt to deliver services by defining classes could have a detrimental effect for users wanting to have access to much-needed encryption capability.”
In a statement to journalists, La Quadrature du Net said: “Despite numerous citizens' calls, despite repeated international calls to support the amendments, including Tim Berners-Lee's, this ambiguous text leaves important loopholes and cannot ensure net neutrality. Worst, it allows commercial discrimination. It is a profound disillusion for all those who, throughout the years, battled to ensure net neutrality in Europe.
“The adopted text doesn't include a clear definition of net neutrality, leaving non-marginal room for manoeuvre to the European regulator to establish guidelines applicable in Member States. Regulators must, without further delay, elaborate clear rules strongly upholding net neutrality principles. The risk that they leave an open wide way allowing telcos to abuse their dominant position is high.”
Commenting on the vote, UK cyber-security expert John Walker, visiting professor at Nottingham Trent University and director of the security consultancy Hexforensics, said the whole area of internet regulation and security in the EU remains unclear.
He told SC: “I think the whole conversation has got a bit confused. It started off saying net neutrality was about security and privacy, an open internet versus a closed internet, but we seem to have gone down this line of getting into a commercial debate now – if we don't have neutrality then we‘ve got a commercial opportunity.
“Is this about the openness of an internet in which we all can do what we want, whenever we choose? Or is it about the big-name bandwidth owners choosing to pocket another fast buck, but creating toll superhighways over which we can travel at cost? Or is it about securing the internet, and granting the required set of powers to law enforcement agencies – at this time I am still unsure what we are really discussing.”
Sir Tim Berners-Lee is director of the World Wide Web Consortium (W3C) internet standards body and founding director of the Web Foundation, dedicated to “letting the web serve humanity”.