September 2004

European Union Threatens to Surpass The United States in Regulation of Internet Commerce

Holland & Knight Newsletter
Vito A. Costanzo

The United Nations is not the only forum where Europeans have sought to challenge the United States. With its recent expansion that added 10 new member states, the European Union (EU) threatens to rival the United States in economic power and influence. The EU is attempting to exert its new found power in various ways, including through increased regulation of Internet commerce. These new regulations may have a profound impact on the way that U.S. companies will do business over the Internet. This article examines the scope of EU regulations of technology and the Internet as well as the impact that such regulations are likely to have on U.S. companies doing business overseas and on the Internet.

Description of the EU

The idea of a common European organization was first proposed on May 9, 1950 by French Foreign Minister Robert Schuman, who wished to integrate the coal and steel industries of Western European nations. May 9 is now celebrated as “Europe Day” in EU countries. The six member countries, which consisted of Belgium, Germany, France, Italy, Luxembourg and the Netherlands, then expanded their cooperation in 1957 with the Treaty of Rome, which established the European Economic Community. The EU was formally created by the Treaty of Maastricht in 1992. With the addition of ten new countries this year, membership in the EU has swelled to 25 countries.

Although the EU is not intended to replace the governments of its member states, there are five key EU bodies that govern its affairs:

  • The European Parliament, the membership of which is elected by votes in the member states, a Council of the European Union
  • The Council of the European Union
  • The European Commission
  • The Court of Justices
  • The Court of Auditors

As the EU becomes more organized, its market power and influence over world economics becomes more pronounced. The concept of a common European market became more real in the 1990s with the elimination of passport and customs check points between member countries, the adoption of a single currency in 2002 and the addition of ten new member states in 2004.

EU Internet Regulations

Among the many areas where the EU seeks to assert its influence, regulation of commerce over the Internet is arguably one of the most important. This is because the EU has placed a great deal of emphasis on non-economic values, such as privacy. The result has been that the EU often diverges from the United States in matters related to Internet commerce.

The EU may ultimately play a larger role than the United States in the prohibition of “cookies” and unsolicited commercial e-mail, or spam, on the Web. Cookies are small data files that are saved on the hard drives of Internet users who access Web sites. The cookies are used to store useful information, such as user names, passwords and preferences, making it easier to access and utilize the Web site in the future. Cookies are commonly used to collect information that many Internet users consider to be private, such as names, e-mail addresses, home addresses, telephone numbers and other Internet sites visited.

Last year, the European Parliament approved its Directive on Privacy and Electronic Communications which requires the recipient’s explicit consent to receive commercial e-mail, i.e., spam. This “opt in” replaces the former “opt out” policy in use in most EU countries and is more restrictive than U.S. law. The “opt in” requirement does not apply to existing customers whose contact information was obtained during the sale or negotiations for the sale of a product or service or where the sender is advertising products or services similar to those already purchased.

The directive also prohibits the use of cookies unless Internet users opt in by providing explicit consent. Otherwise, the use of cookies is banned due to privacy considerations.

The EU’s new policies arise out of the view that Internet users’ privacy rights are of paramount importance. See, EU Directive No. 95/46/EC (October 24, 1995), which describes privacy as a “fundamental right.”

In February of this year, the European Commissioner for Information Services, Erkii Liikanen, announced a system of fines designed to discourage the use of spam and cookies within the EU. He is encouraging member states to enact national enforcement measures imposing fines against violators and specific avenues to lodge complaints. For example, France and Belgium have established experimental “spam boxes,” to which Internet users may forward spam e-mail. Mr. Liikanen is also looking into the establishment of international dispute resolution forums within the EU.

However, many EU countries have yet to enact specific enforcement procedures with regard to junk e-mail. Member states were given until October 2003 to enact legislation allowing spam to be sent only to those who opt in. However, the majority of the EU member countries have yet to enact their own national legislation.

The EU Commissioner is critical of U.S. law, which allows spammers to send e-mail to an Internet user at least once, provided that a means to opt out is provided within the e-mail. In Liikanen’s words, “the opt out solution just doesn’t work.”

The EU’s new policies have major implications for senders of spam, many of whom are in the U.S. The conflict between U.S. and EU law means that senders of spam from the U.S. will have to comply with EU laws if any of the recipients of their e-mails are located in the EU.

U.S. Criticism of the EU Database Directive

Another area of divergence between the United States and the EU involves protection of digital databases. The EU database directive, first passed in 1996, has been criticized by U.S. scientists on the ground that it is overly protective, and thus prohibits the free dissemination of scientific information.

The basis of criticism of the EU directive is that its fair use exception is not mandatory. Consequently, the EU member states may chose to delete the provision that allows use of extracts of databases for purposes of illustration, teaching or scientific research. In fact, both France and Italy have chosen not to enact the fair use aspect of the directive. The directive has also been criticized on the ground that its protections may run indefinitely, which would also run counter to U.S. law.

The EU’s database directive is especially important because the EU will not grant protection to databases owned by non-EU individuals or entities unless their home countries adopt similar laws.[1] This strategy has caused a great deal of criticism from the U.S.

However, the EU’s effort to offer greater protection to databases may provide a more workable alternative to U.S. law in this era of easy access to and copying of information over the Internet. The ease with which one may access and duplicate databases over the Internet arguably justifies the greater protections to databases provided by EU countries.

As with the use of spam and cookies, the EU’s database directive provides another example of how the EU is on the leading edge of using legislation to balance competing interests over the Internet. It is likely that, as EU regulations repeatedly collide with U.S. laws involving the Internet, the EU will continue to be viewed as an important influence over electronic commerce.

1. The leading U.S. case involving database protection is Feist Publications, Inc. v. Rural Telephone Service Co., 499 U.S. 340 (1991).

Related Insights