Hostname: page-component-cd9895bd7-dk4vv Total loading time: 0 Render date: 2024-12-23T02:16:09.093Z Has data issue: false hasContentIssue false

European Union and the Right to Open Internet: To Boldly go where no One has Gone before

Published online by Cambridge University Press:  22 March 2023

Rights & Permissions [Opens in a new window]

Abstract

The discussion of the need to establish a ‘right to the internet’, ongoing now for over thirty years, has not brought about a clear resolution. Despite the growing importance of online services to both the economy and social life, there is no consensus on the limits of such a right, nor on the need to define it at all—not to mention controversy over its inclusion in the catalogue of fundamental rights.

However, the discussion about the right to internet access in the context of the EU legal system now seems obsolete. This is so, because—not through the direct modernisation of the Charter of Fundamental Rights but as part of new telecommunications legislation—a new subjective right, called the right to open internet, has emerged.

The aim of this Article is to clarify the content of this right and its relationship to the principle of network neutrality. Against this background, recent judgments of the Court of Justice will be examined and discussed. Although closely related to the telecommunications market, these judgments may serve as a starting point for further discussion on the meaning of the right to open internet in the EU legal system, including its relation to the protection of human rights.

Type
Research Article
Creative Commons
Creative Common License - CCCreative Common License - BY
This is an Open Access article, distributed under the terms of the Creative Commons Attribution licence (http://creativecommons.org/licenses/by/4.0/), which permits unrestricted re-use, distribution and reproduction, provided the original article is properly cited.
Copyright
Copyright © The Author(s), 2023. Published by Cambridge University Press on behalf of Centre for European Legal Studies, Faculty of Law, University of Cambridge

I. INTRODUCTION

For many years, the European Union has supported the transformation of the economy and the creation of a friendly regulatory environment for initiatives related to its digitisation. In its 2021 strategy, the European Commission defined four main directions for the development of the EU in the current decade, among them increasing the digital competence of society, the transformation of enterprise, and the digitisation of public services.Footnote 1

Ambitious public policy goals are also reflected in legislative work the EU has undertaken. In 2020, the European Commission presented a whole series of legal proposals for reforming the EU framework for digital services, in place for the last two decades.Footnote 2 This was followed by the introduction of a draft AI Regulation in April 2021—a new piece of legislation aimed at establishing common rules for the design and implementation of state-of-the-art algorithmic systems.Footnote 3 It is worth noting that the AI Regulation is going to be the first such comprehensive act of this kind in the world. The new legislative initiatives also confirm the EU's leading role in setting international standards for the protection of fundamental rights in cyberspace.Footnote 4

The announcement of the European Union's new Digital Strategy came during the fight against the coronavirus pandemic. As a result, conducting the digital transformation while paying special attention to the needs and expectations of the individual gained additional significance. For a considerable part of the population, the use of many types of services during the pandemic—including public ones—has only been possible through electronic means. Health care, education, and even meetings with friends have taken place using online services. On the one hand, this has led to the dynamic development of a range of online services but, on the other hand, has also highlighted the risks associated with the digital exclusion of a significant part of the society.Footnote 5

Since the 1990s there have been lively discussions on whether the internet per se and the services provided through it require a specific form of legal regulation;Footnote 6 in particular whether it is merely a new form of communication, ie one of the many that humanity has developed in its history.Footnote 7 An increasing number of researchers have pointed out that cyberspace is not only a means of communication but also a way of building interpersonal relationships, and thus a phenomenon affecting the functioning of entire societies.Footnote 8 It seems that the question of whether the digital economy needs a new digital law is still regarded by many as unresolved, as demonstrated by the ongoing discussion on the need to introduce a new right into the catalogue of fundamental rights, called the ‘right to internet access’.

In implementing a bold programme for the digitalisation of society, the European Union cannot ignore this issue—it is difficult to expect that the objectives of the Digital Strategy can be met without simultaneously ensuring that individuals can use modern digital services. This problem has been recognised and partially addressed by Regulation 2015/2120 (Open Internet Regulation),Footnote 9 which establishes specific rules for the provision of internet access services within the EU. Though the introduction of the Regulation did not receive widespread public attention, the act defines important guarantees—and consequently, obligations—affecting the exercise of rights and freedoms in cyberspace. For many, the Regulation was viewed as just part of the EU telecommunications regulatory framework, ie a piece of legislation of mainly sectoral importance and thus having no impact on the protection of basic rights.

However, the purpose of the regulation is not so much to establish a ’right to internet access’ throughout the European Union, but to ensure that telecommunications service providers' practices do not restrict users from freely accessing information and that they do not introduce anti-competitive practices. As a result, the Open Internet Regulation deals more with the concept of net neutrality—and hence with the right to an open internet—than with conceptualising the right to internet access.

In recent years interpretation of the rights laid down in the Regulation has been the subject of a series of rulings by the Court of Justice. While the cases before the Court have, in fact, dealt with a very specific issue relating to the application of the EU telecoms framework, the interpretation provided clarifies how the right to open internet should be understood.

The aim of this Article is to discuss the content and scope of the right to open internet, as well as the purpose of its possible inclusion in the catalogue of fundamental rights. To this end, in the first section the ambiguities related to the right of internet access will be discussed. Although both concepts—namely the right to internet access and the right to open internet—were developed independently, it is impossible to fully understand the importance of open internet without first presenting a discussion about the right to internet access. Only then can the genesis of the right to open internet and its relation to the principle of net neutrality be properly explained. The regulatory model introduced by the Open Internet Regulation and the interpretation of the open internet provided by the Court of Justice will then be discussed. These analyses will make it possible to present conclusions regarding the future of the right to open internet in the EU legal model—in particular the legitimacy of recognizing it as a fundamental right.

II. CONTROVERSIES REGARDING THE RIGHT TO INTERNET ACCESS

Discussion on the essence of the right to open internet should begin by referring to another proposed right that has been discussed over the years—namely the right to internet access. The relationship between these two concepts seems to be strict: the lack of recognition of a right to access the internet de facto eliminates the need to discuss the inclusion of the right to open internet in the catalogue of fundamental rights. Access to the internet obviously is a necessary condition to the free use of it: What would be the purpose of the legal protection of net neutrality if public authorities could arbitrarily control the Internet access itself?

Moreover, in the case of both the right to internet access and the right to open internet, similar problems need to be addressed: First of all the very existence of this right, its nature (whether it is an independent right) and its relationship to the system of subjective rights (in particular, whether it should be included among fundamental rights). It is astonishing that in the case of a right to internet access, experts in the field have been unable to reach consensus on any of these issues.

The argument that there is no need to recognise a right of internet access has endured for years. In his famous article, Vinton Cerf stated that ‘technology is an enabler of rights, not a right itself”.Footnote 10 In doing so, he favoured the internet as a communication medium, and the ability to access it as a manifestation of other rights and freedoms—such as freedom of speech. This is an oft-repeated argument, with its proponents usually pointing out that no other analogous rights, such as ‘the right to a telephone’, have been established in history.Footnote 11 However, the fact that both the United States and the European Union have had mechanisms in place for years that guarantee access to a so-called universal service, makes such examples erroneous. The aim of introducing such guarantees was precisely to protect individuals from the risk of technological exclusion, as well as enable them to benefit from advantages associated with technological progress. While universal service per se is not an individual right, given the purpose of the regulations establishing it and the manner in which it is guaranteed (in the case of the EU, through public regulatory measures), one can justifiably call it ‘the right to a telephone’.

Nevertheless, Cerf's argument requires a more detailed analysis. Does the fact that the internet is a ‘technology enabler’ preclude access to it as a subjective right? Indeed, it seems that the reasoning presented by Cerf should be read differently: the right to access the internet is unnecessary because such a right is already guaranteed by the legal system. In other words, the right to access the internet de facto exists in current guarantees, such as freedom of communication or the right to information. Such a conclusion would also explain why it is so difficult to define: if the right to access the internet only supports the implementation of other rights, there is, in fact, no value in the protection for which its establishment would be necessary.

In the same way, however, it can be argued that there is no need to introduce many other subjective rights, including those nowadays categorised as fundamental ones. For many years data protection was treated solely as a component of the right to privacy.Footnote 12 Even today, in many legal systems, guarantees for data protection are derived exclusively from the protection of privacy.Footnote 13 In a large number of countries, data protection is not a fundamental right at all.Footnote 14 So, can technological developments alone give rise to new subjective rights? With regard to the EU data protection model, this has been the case. The scope and importance of automated data processing in information systems has led both the EU legislature and the courts (including the Court of Justice for the European Union (‘CJEU’) and Member States’ constitutional courts) to recognise the need for more effective protection of individual rights, thus confirming that the right to privacy is not sufficient in itself to provide adequate protection and that new guarantees need to be derived in this area. Today, in the EU legal order, the protection of privacy and the protection of personal data are two different and independent subjective rights.Footnote 15

A separate issue is the problem of whether internet access should be recognised as a fundamental right.Footnote 16 The post-war system of human rights was built on the conviction that there is a core set of basic rights that should be universally protected. Hence, the first generation of rights that was enshrined in the international human rights system focused on the protection of fundamental freedoms and liberties—such as the right to life, prohibition of degrading treatment, freedom of expression, and protection of privacy. Thinking of human rights in terms of inherent rights (and thus belonging to the individual regardless of the will of the political power) seems to stand in the way of including in this category the right of access to a specific technology. Bearing this in mind, it would be difficult to expand the catalogue of human rights in a way that went beyond the most important guarantees of personal freedom and security.

The Charter of Fundamental Rights lists a number of rights, freedoms, and principles that are not to be found in the constitutional provisions of not only third countries but also EU Member States.Footnote 17 It would therefore seem that, when thinking about rights, one cannot lose sight of the values and objectives shared in a given society. The fact that, even among democratic countries, the mere existence or scope of application of certain rights is debated (such as the right to data protection or the right to access public information, mentioned above) should not lead to the conclusion that these rights are essential in all other societies and different models of governance. Therefore, it seems that discussion on the inclusion—or not—of internet access in the catalogue of fundamental rights should not be based on the assumption that norms of natural law are the only source of fundamental rights and freedoms.Footnote 18

In the European legal order, the meaning and limits of fundamental rights are subject to the interpretation of not only constitutional courts but also European courts—in particular the European Court of Human Rights. The Court has for years stressed in its jurisprudence that the prime condition for the recognition of a new individual right and its incorporation into the body of other rights guaranteed by the Convention is the readiness of other countries to ensure its protection in their own legal systems.Footnote 19 In this way, the European model of human rights protection has evolved through the search for common values recognised by democratic societies. For this reason, the Court has in the past been critical of attempts to derive from the provisions of the European Convention such rights as, for example, the right to abortion,Footnote 20 the right to be a biological parent,Footnote 21 and the right to enter into same-sex marriages.Footnote 22

Reaching consensus in the discussion on whether a right to internet access should actually exist, and if so to what extent, therefore requires first of all establishing whether European societies recognise the need for such a right. Only some Member States have constitutional provisions containing an explicit reference to rights relating to the development of the information society.Footnote 23 However, changing trends in this area may have been signalled by the successive judgments of constitutional courts acknowledging the existence of a right to internet access and recognising it as a fundamental right. An example is the 2009 ruling of the French Constitutional Council (Conseil Constitutionnel), which recognised that the right to information also implied freedom of access to publicly available online services.Footnote 24 Similar rulings have also been made in other Member States.Footnote 25 However, it cannot yet be considered an established standard that would make it possible to ascertain the precise scope of the right to internet access.

At the same time, when discussing the need to establish the right to internet access one should not lose sight of the social and economic differences between different regions of the world. Respect for the right to internet access should be linked, first of all, with the obligation to provide this access to the public. Although from the perspective of the European or American telecommunications market this access is in practice already guaranteed today, this is not the case in many other regions of the world. It is difficult to talk about a universal nature of this right in a situation where a significant part of the population lives in regions at risk of poverty and with limited access to basic media or public services.

Moreover, the discussion on the existence of a right to internet access is not directly related to the manner of using online services, in particular to guarantees related to the lack of interference with access to specific content. It turns out, therefore, that from the perspective of developed telecommunications markets—such as the EU's—a discussion about rights related to access to online content is more necessary than the right to use the Internet itself.

III. FROM NETWORK NEUTRALITY TO THE RIGHT OF INDIVIDUALS

The technological transformations which took place in the first decade of the twenty-first century enabled telecommunications operators to implement innovative mechanisms of bandwidth management. It became possible, among other things, to prioritise particular types of transmission, and to also impose restrictions on available bandwidth or even block certain types of services. As a result, telecommunications operators began to commercialise these possibilities—for example, by entering into agreements with providers of streaming media, on the basis of which they guaranteed an appropriate quality of service to end-users.Footnote 26 Using the same technical capabilities, they then began to hinder (or prevent) the use of certain modern services, such as Voice over Internet Protocol (‘VoIP’), only because they threatened traditional voice services. Traffic management mechanisms thus became not only a tool for ensuring the correct operation of a telecommunications network, but also a means of implementing the commercial policies of service providers—which had to be considered also in the context of anti-competitive practices.Footnote 27

This problem was recognised by EU institutions working to reform the regulatory framework for electronic communication networks and services. As a result, the telecom regulatory model was supplemented by the introduction of an obligation requiring national supervisory authorities to ‘promote the ability of end-users to access and distribute information or run applications and services of their choice’.Footnote 28 Thus, for the first time, there was a direct reference in a legally binding act to the need to ensure the freedom of individuals in how they used electronic communications services. However, this standard only affected the practices of regulators; it did not create any obligations on the part of service providers, and nor was it the basis for formulating end-user rights.

At the same time, the Commission, in its declaration accompanying the text of Directive 2009/140, emphasised the importance of ensuring an open and neutral internet by pointing to the need to ‘enshrine net neutrality as a policy objective and regulatory principle to be promoted by national regulatory authorities’.Footnote 29 While the Commission's declaration clearly signalled its intention to undertake further legislative work, it did not provide a definition of the term ‘net neutrality’, and nor did it explain how net neutrality was supposed to differ from the principle of an open internet.

Neither were such definitions provided in the Commission's Communication ‘The Open Internet and Net Neutrality in Europe’, published in 2011,Footnote 30 which formed the basis for discussion over the following years, ultimately leading to the development and adoption of the Open Internet Regulation. In its position paper, the Commission emphasised the need to take into account in the debate on net neutrality the preservation of the principle of openness while respecting fundamental rights, and to avoid solutions that constituted a barrier to the development of innovative services.Footnote 31 At the same time, however, it indicated that achieving this objective did not require the adoption of new legal regulations.

The problem with a lack of a precise definition of the terms used was noticed by the Body of European Regulators for Electronic Communications (‘BEREC’), whose analysis proposed that the term ‘net neutrality’ should be understood as a state in which ‘all electronic communication passing through a network is treated equally’,Footnote 32 whereby equal treatment should be understood as prohibiting discrimination on the basis of content, the application, service, or device used, as well as the address of the sender and receiver of the transmission.

Net neutrality was supposed to ensure that users would be able to take full advantage of the benefits of modern technology and would not be limited by arbitrary decisions made by the service provider. Nonetheless, one must not lose sight of the fact that the way telecommunication services are provided requires decisions related to the management of network capacity and efficiency, which, from the perspective of end user, may be perceived as restricting the ability to freely use online services. Examples include temporarily imposed restrictions on the use of certain types of protocols (eg P2P) or services (eg video streaming) intended to protect the stability of services provided to all users. Such practices, in order not to lead to suspicion of anti-competitive behaviour, must be transparent, non-discriminatory and applied in well-defined situations.

Similar conclusions were reached by the US Federal Communications Commission (‘FCC’), which, in parallel to the EU, developed its own regulations aimed at promoting the idea of a free and open internet (the so-called Open Internet Order of 2010).Footnote 33 The FCC recommendations were based on four main principles: transparency; no blocking; no unreasonable discrimination; and reasonable network management.Footnote 34 Although the aim of the principles established by the FCC was similar to those discussed in the EU, the different nature of the measures adopted to achieve them is noteworthy. Obligations to respect the principle of an open internet were not introduced in statutory law but through binding recommendations issued by the regulatory authority.Footnote 35 These recommendations were therefore addressed only to a group of supervised entities. Telecommunication operators questioned whether the regulator could impose such far-reaching restrictions on their activities based on the powers it had. In subsequent cases, federal courts held that the FCC had exceeded the scope of its authority, a decision which limited the actual impact of the rules established on the functioning of the US telecommunications market.Footnote 36

The scope of the net neutrality principle remains a topical issue in US federal regulatory policy for telecommunications markets. It should be noted that the FCC issued a new Open Internet Order in 2015,Footnote 37 which was then revoked in 2017 under President Trump's administration. As a result, until recently, telecommunication companies were not obliged to treat all internet traffic equally.Footnote 38 However, President Biden's administration is currently leading efforts to restore net neutrality as part of the FCC's regulatory policy.Footnote 39 Separately, it is also worth taking note of legislative work which, if successful, will result in stronger legal mechanisms related to the prohibition of traffic discrimination in the United States.Footnote 40

The activities of both EU and US institutions can be perceived as part of a broader discussion on the permissibility of various forms of traffic discrimination and the importance of the principle of net neutrality that has been taking place among regulators around the world.Footnote 41

Against this background, the relationship between the concepts of ‘net neutrality’ and ‘open internet’ needs to be clarified—in particular whether they can be considered synonymous. As a rule, the principle of net neutrality should be associated with treating all traffic in a non-discriminatory way (without unjustified promotion or restriction of particular types of transmission). On the other hand, according to the open internet concept, the end-user should be able to access all content and services online, without arbitrary restrictions introduced by the third parties. In this understanding, technological neutrality is a necessary yet not sufficient condition for ensuring the openness of the internet. The latter concept has a broader meaning, as it also includes practices applied by other providers of digital services (in particular—content providers) and producers of consumer devices (eg vendor lock-in as a design feature preventing the use of applications or services of third parties) as well as content filtering measures applied by public entities.

In practice, however, the term ‘open internet’ is used as a synonym for net neutrality. Therefore, although the stated goal of both US and European regulations is an open internet, these regulations focus on ensuring net neutrality.

IV. EU'S OPEN INTERNET REGULATION

In the case of European regulations, the net neutrality rules have been based not on decisions by regulators made according to existing laws (as in the US model) but on a new piece of legislation detailing the regulatory framework for the telecommunications market.

The EU legislature decided to set out these rules in a directly applicable regulation that did not require transposition into national law.Footnote 42 This was all the more important as the most important telecom rules are typically adopted in the form of directives,Footnote 43 which gives Member States freedom in the choice of forms and methods necessary to achieve the legislation's aims. The choice of a regulation to introduce the principle of open internet resulted from the belief that only harmonised rules of conduct applied uniformly across the internal market could prevent the adoption of divergent national solutions.

Open Internet Regulation pursues two objectives: firstly, ensuring access to an open internet (understood as respecting the principle of net neutrality); and secondly, protecting end-users rights.Footnote 44 The subject of the Regulation is therefore the internet access service, and the obliged entity its providers, providing services to end-users. However, the aim of the Regulation is not to establish the ‘right to the internet’ understood as an obligation to provide end-users with access to the network. Therefore, the rights guaranteed by the Regulation do not modify (let alone replace) universal service laws.

The Regulation does, however, introduce in Article 3(1) the right of access to an open internet, understood as ‘the right to access and distribute information and content’, regardless of the application used, the location of the end-user's device or the source and destination of the transmission. The entitled persons are end-users, ie all users (not only consumers) using electronic communication services—including content or application providers. Thus, the right enshrined in the Regulation protects both the freedom of users to access the content they search for and the right to share it freely with others.

The broad scope of the definition adopted means that respect for the right guaranteed by the Regulation precludes telecommunications operators from implementing rules that discriminate against traffic on the basis of not only content or application but also the access device employed by the user. Lucas Lasota even defines free choice of terminal equipment as ‘a fundamental principle of net neutrality’, as it enables end-users to remain autonomous in their decisions regarding access to the internet, utilising devices they trust for security, privacy, and data protection.Footnote 45

Though the right is matched by an obligation to respect it, this extends only to internet access providers. The provisions of the Regulation—in particular its open internet access guarantees—do not establish any obligations incumbent upon other entities, including mobile apps developers.Footnote 46

In order to strengthen the guarantees introduced, the EU legislature has also established additional safeguards that prevent the limiting of, or in extreme cases completely excluding, the right to open internet. To this end, pursuant to Article 3(2) of the Regulation, contractual provisions agreed between the service provider and the user concerning financial and technical conditions of the services provided cannot restrict the exercise of the right to open internet. Neither may ‘any commercial practices’ applied by service providers have such an effect. This can therefore be deemed a mandatory rule, which excludes the introduction of contradictory regulations by way of freedom of contract.

In practice, the indiscriminate application of the right to open internet could conceivably hinder or even prevent the provision of certain types of modern online services. For this reason, the legislature has confirmed that the obligation to treat all transmissions equally does not preclude operators from establishing necessary traffic management measures. However, such measures must be ‘transparent, non-discriminatory and proportionate’ and must not be dictated by commercial policy.

The legal nature of the provisions regarding the right to open internet requires a separate discussion. Undoubtedly, they define a subjective right that, due to the way it has been established (by a legislative act defined in Article 289 of the TFEU), places it below both primary law (including the Charter of Fundamental Rights) and the general principles of law in the hierarchy of EU legal norms.Footnote 47 At the same time, however, in the legal systems of Member States, due to the principle of supremacy, it is placed above domestic law, including (still a controversial matter) constitutional law.Footnote 48 As a result, although the right to open internet is not enshrined per se in the Charter, from the perspective of Member States’ legal systems, it can be classified as a supra-statutory right.Footnote 49 In fact, it has a similar status to the right to data protection before the adoption of the Lisbon Treaty, when the principal source of EU regulation on personal data was Directive 95/46.

The introduction of guarantees to ensure an open internet has led to the strengthening of several fundamental rights established by the Charter, in particular the right to information and freedom of expression. At the same time, exercise of the right to open internet may result in the restriction of other rights that obliged entities have. One example is the freedom to conduct business, now prohibited from providing services in a manner contrary to the Regulation.

There is no doubt that the right to open internet is not an absolute right. At the same time, the EU legislature has prevented it being limited by the purely economic interest of the service provider. What is more, the compulsoriness of the Regulation's provisions means that even if a user and service provider mutually consent to it, the right cannot in any way be limited under the Regulation. It follows that the purpose of framing the right to open internet in this way is not only to protect individual service users, but also to safeguard the common good—which in this case is free access to and distribution of information in cyberspace. In this way, the right to open internet enshrined in EU law serves to strengthen pluralism of thought and opinion and to ensure that service providers, in pursuit of their own economic objectives, cannot arbitrarily shape the market for digital services and media.

V. NET NEUTRALITY AND OPEN INTERNET IN THE COURT OF JUSTICE CASE LAW

A. Internet Access with a ‘Zero Tariff’ Option

From the outset, work on Open Internet Regulation mainly considered its impact on the practices of telecommunications operators.Footnote 50 Although, according to the principle of network neutrality, unauthorised discrimination of traffic is inadmissible, establishing mechanisms for different treatment of traffic when necessary to ensure the proper operation of a telecommunications network has never been in question. However, this criterion has not always been sufficiently precise; hence, there has been some discussion about what types of practices can be deemed necessary, and therefore acceptable, and from whose perspective this necessity should be assessed.Footnote 51 A number of doubts about the new regulations have centred on how they relate to the realities of the wholesale market, as well as their impact on the development of services provided to digital service providers.

An example of this were services based on the so-called zero rate.Footnote 52 An inherent feature of such services is providing end-users with access to designated online services, without a data transmission limit. Zero rate services were offered in very different forms.Footnote 53 Some were additional services—independent of the internet access service—which users could activate for a fee. In other cases, zero-rated services were part of the internet access package offered. The offers also differed in how providers responded to users surpassing their agreed data limit. Usually, reaching the limit resulted in a reduction of bandwidth and therefore downloading/uploading speed. However, most operators offered zero-rate packages where data transfer incurred using certain e-services did not count against the package's overall data limit, and, even if the latter limit was exceeded, quality restrictions were not imposed on services included in the zero-tariff package. In this way, users had unlimited access to certain types of services (eg social networks or streaming media) without affecting their package's data limit.

What all zero-rate offers have in common is their commercial nature and the fact that the user has no influence over the list of services included in a package. This calls into question the compatibility of such commercial practice with the principle of net neutrality—in particular, the different treatment of certain types of transmission (preferential treatment for transmission related to services included in the zero-rate package). Such doubts have led to a series of preliminary questions being raised on the interpretation of rights and obligations established by Open Internet Regulation.

B. Court of Justice Interpretation

In its first case, the Court examined the zero-rate offer of Hungarian telecoms operator Telenor Magyarország Zrt. as part of its telecommunications contract with end-users.Footnote 54 The referring court sought to clarify the guarantees provided by the Regulation—in particular, whether it was compatible with EU law to establish discriminatory mechanisms aimed solely at a specific end-user, and with no adverse effect on other users.Footnote 55 In fact, the question sought to clarify ambiguities regarding the scope of eligible entities and the nature of the service provider's obligations under the Regulation.

The Court stated that Open Internet Regulation, in establishing the right to open internet, uses the term ‘end-user’, which has its legal definition in EU law.Footnote 56 This concept covers not only consumers, but any user of electronic communications services who is not themselves a telecommunications operator. An end-user is both the recipient of information (e.g. an individual user) and its sender. The group of end-users may therefore include information society services, such as social networking or media streaming platforms.Footnote 57 This suggests that the ban on commercial practices infringing the right to open internet should not be interpreted too narrowly. As the Court pointed out, the EU legislature has clearly indicated that commercial practices (plural) which may lead to discrimination against an end-user—understood as ‘any end-user’—are prohibited. The concept of commercial practices must therefore apply to all practices and not be limited to one specific contract. The aim of the legislature was to prevent a commercial policy from restricting users’ freedom to choose online services. The Court recognised that zero-rating might affect the rights of other users in two main ways. Firstly, it might adversely affect service providers whose services are not covered by a zero-rate offer. Secondly, it might also negatively affect recipients of the information—as the indiscriminate use of such offers might lead to a market design that limited users’ choice. In this regard, the Court pointed to the cumulative impact of zero-rating, which, as well as violating individual users’ rights, might also violate the very essence of the right to open internet.Footnote 58

In the Court's view, Open Internet Regulation precludes not only prohibited commercial practices or contractual terms, but also technical measures that have the effect of ‘blocking, slowing down, altering, restricting, interfering with, degrading or discriminating between specific content, applications or services’.Footnote 59 It therefore follows that any measures (apart from necessary traffic management measures) resulting in arbitrary discrimination between transmissions cannot be reconciled with the Regulation's provisions—regardless of whether and how this practice might affect end-users’ rights.Footnote 60 This interpretation leads to an important observation: Open Internet Regulation is the source of two distinct obligations imposed on internet service providers. The first, arising from Article 3(2), concerns respect for end-users’ right to a free internet, and is effected by the prohibition of contractual provisions and commercial policies that might infringe this right. The second, defined in Article 3(3), prohibits any unnecessary traffic discrimination measures, apart from very specific exceptions. Such restrictions thus respect the principle of net neutrality. As the Court found in the Telenor Magyarország case, the Hungarian operator's zero rating offers were incompatible with EU law because they violated both prohibitions. Furthermore, this incompatibility with the net neutrality principle pre-determined that the open-internet right had been violated, without any further need to decide if the right had actually been violated.

Consequently, any unlawful traffic discrimination by a telecoms operator—being incompatible with the principle of net neutrality—violates EU law. It is irrelevant whether a measure actually restricts the right to open internet. Such an interpretation also allows one to assess the validity of various zero rating offers: in fact, since they all apply unlawful traffic discrimination, and for commercial reasons, they must all be regarded as incompatible with EU law. It is irrelevant whether they are a separate element of an offer—independent of the basic internet access service—or an integral part of it. It is also irrelevant how diverse a range of online services are included in the bundle or whether access to the services included in the bundle is subject to quality restrictions once the data limit has been reached.

This position was confirmed by a series of judgments the Court of Justice handed down on 2 September 2021. In Vodafone v Germany, the Court held that the application of a zero-rate offer—in which domestic transfers relating to selected online services were not included in the data cap, whereas transfers relating to the same services while roaming were included in the cap—violated the principle of net neutrality and were therefore incompatible with EU law.Footnote 61 Another case considered whether traffic could be discriminated against on the basis of a user's device.Footnote 62 Here the operator was offering a package of zero-rated services where transfers to other devices belonging to the user (to which internet access was provided using tethering) did actually count towards the allocated data limit. In this case the Court also found that such practice was not compatible with EU law—the incompatibility stemming from traffic discrimination rules based on commercial consideration rather than technical aspects of telecommunication network management.Footnote 63 Similarly, the Court also found EU law to have been infringed in the Telekom Deutschland case,Footnote 64 where the contract between operator and user stipulated that, should the agreed data limit be exceeded, the consequent reduction in quality of internet service would also apply to online services accessed as part of the zero-rate package.

In recent case law the Court has taken the view that the principle of network neutrality—as outlined in Article 3(3) of Open Internet Regulation—precludes a breach of the obligation to treat all data transmission equally, irrespective of the end-user consenting to such a restriction. In practice, therefore, as the zero-rating offers did not satisfy the principle of net neutrality, they were not examined by the Court regarding their compatibility with the right to open internet.

VI. AN UNCERTAIN FUTURE OF THE OPEN INTERNET PRINCIPLE

A. Regulatory Policy at the Crossroads

While the Telenor judgment has been discussed mainly in the context of its impact on the development of telecommunications services,Footnote 65 the position expressed by the Court in subsequent decisions—especially in the Vodafone and Telekom Deutschland cases—provokes a broader discussion, taking into account the importance of the right to open internet in the EU legal system.

Advocate General of the CJEU Campos Sánchez-Bordona has similarly noted that Open Internet Regulation essentially pursues two objectives: ensuring access to an open internet and protecting end-users.Footnote 66 In doing so, he expressed the view that the first objective—that of an open internet—should be regarded as the leading one. This matter requires a brief commentary. To reiterate: the Advocate General, following the EU legislature,Footnote 67 refers to the net neutrality as ‘open internet access’.Footnote 68 It therefore follows that, in referring to the need to guarantee open internet access, he means the principle of net neutrality.Footnote 69 It is for this reason that Campos Sánchez-Bordona points to an open internet as the overriding objective of the Regulation, arguing that the rights the Regulation ‘confers directly on end-users are those strictly linked to open internet access and, as such, have to do with the terms and conditions of such access’.Footnote 70 This inevitably leads to the conclusion that net neutrality, thus defined, is a legal principle of particular importance, not only for the development of the EU telecommunications market but also for the reinforcement of common European values.

To date, the Court has omitted to address this issue in detail. In the opinion of Campos Sánchez-Bordona, the rights guaranteed by the Regulation operate to benefit the public, ‘and, therefore, indirectly, to the benefit also of a number of individual rights including the right to information and freedom of expression’.Footnote 71 This argument, amongst others, has also not been clearly addressed by the Court, and thus the problem of the relationship between the right to open internet and respect for the rights guaranteed by the Charter cannot be considered sufficiently clarified.

At the same time however, the Court has declared all forms of zero-rating examined so far to be incompatible with EU law. It should be noted that the BEREC previously developed a classification of this type of offer, in which it considered unacceptable only those variants of zero-rating that significantly infringed the rights of end-users.Footnote 72 However, after the judgments in the Vodafone and Telekom Deutschland cases confirming the previous position of the CJEU, the BEREC updated its guidelines in 2022 by confirming that the use of zero-rating by internet service providers is unacceptable under EU law.Footnote 73

The Court, by prohibiting the use of zero-rating, also significantly restricted freedom of contract, as well as the freedom to conduct business. In accordance with the principle of proportionality, such a restriction may only be considered acceptable if it serves to protect another legally protected value and the interference is not considered unnecessary. Although the Court did not explicitly name this value in its judgments, it is easy to identify. It is not, after all, an abstract concept of net neutrality (which per se is not a subjective right) but the freedom to use various sources of information and to exchange thoughts and opinions. In this way, freedom of speech—a fundamental human right—in modern digital media is closely related to the right to open internet.Footnote 74

B. Open Internet as a Basic Right?

The issue of the interrelationship between freedom of expression and the right to open internet remains unresolved. The reason for the confusion is the lack of certainty about the direction of the future evolution of the open internet concept. It is thus possible that the implementation of the proposal to extend the substantive and personal scope of the right to open internet will clear the way for its recognition as an independent right. In such a case, the relationship between freedom of expression and the open internet would be similar to that between privacy and the protection of personal data: the purpose of the provisions on freedom of expression will be to introduce mechanisms to be applied in the event of an infringement; while the regulations on the open Internet will set the standards for service providers, who are supposed to counteract violations.Footnote 75

For years, freedom of expression was mainly associated with negative obligations of the state, and the main role of legal safeguards established was to prevent unauthorised interference by public authorities. It is only in recent years that more attention has been paid to the positive obligations of states to ensure respect for the right to information.Footnote 76 An example is the ongoing discussion in Member States on the need to establish standard measures against hate speechFootnote 77 or to limit the use of censorship introduced by online content providers.Footnote 78 In addition, EU institutions are devoting an increasing amount of attention to the protection of media pluralism—not only a legal principle introduced in the Charter but also a constitutional norm functioning in the a large number of Member States.Footnote 79 Interestingly, many arguments advanced during discussion on the legal protection of media pluralism are almost identical to those made in debate on the right to open internet. The similarities are all the more interesting because, in both cases, there is a clear connection to the right to information.Footnote 80

Media pluralism protects the information market, while an open internet protects freedom of access to content. Although there is still debate on whether media pluralism can be considered an independent subjective right (and if so, whose right is it?), defining it as a legal principle obliges states to influence changes taking place in the media market in a way that will limit the creation of information monopolies. Would protection of the right to information be threatened without the existence of a separate norm concerning media pluralism? In a word, no. Nevertheless, the evolution of the media market, especially changes in ownership related to progressive globalisation and digitisation, have brought to light risks that were previously absent or far less significant. Consequently, in adapting the model of protection of fundamental rights to present day challenges, both Member States and the EU legislature are increasingly emphasising the need to strengthen mechanisms guarding media pluralism.

If media pluralism is considered an important component of freedom of expression, then non-discriminatory access to diverse information and services can hardly be viewed differently. Hence, it can be said that the right to open internet is a natural consequence of the protection of media pluralism. To put this in another way: freedom of expression requires not only diversity of expression (pluralism) but also free access to this content (an open internet).

However, any attempt to include the right to open internet in the catalogue of fundamental rights faces two significant obstacles. Firstly, the limited personal scope of the right is difficult to justify. Currently, the right to open internet is accompanied by obligations and restrictions imposed only on internet service providers. As pointed out earlier, ISPs are not the only group of entities that are capable of introducing traffic discrimination mechanisms. Secondly, establishing such a right would also require the imposition of positive obligations on states—in particular, clarifying whether and to what extent the right to open network per se implies an individual's right to be provided with access to the internet.Footnote 81 Clearly, a person without access to the internet cannot enjoy the benefits of digitisation. Since the right to open internet is intended to further the development of society by making it an information society in the current sense of the term, it is all the more necessary to introduce measures counteracting digital exclusion. It would therefore appear that any discussion concerning the inclusion of explicit online-related rights in the Charter must be preceded by obliging states to provide universal access to the internet. Universal service—in the form determined by current telecommunication regulationsFootnote 82—is not such a measure.Footnote 83

Confirmation of the open internet as a fundamental right would also provide greater impetus for the development of the EU cybersecurity model. The process of building a modern legal framework in this area, going on for several years now, has mainly focused on increasing the resilience of key infrastructure to threats against the availability of systems and the confidentiality of information they process.Footnote 84 The strengthening of guarantees concerning freedom of speech by including an open internet in the catalogue of fundamental rights would undoubtedly influence the direction of legislative changes regarding cybersecurity. European countries already recognise the risks associated with using suppliers from certain third countries in the building of next-generation telecommunications network (so-called 5G).Footnote 85 In addition, public attention has recently been drawn to the problem of some smartphone manufacturers including software/pre-installed apps that filter content searched for by users. While such filtering mechanisms cannot be considered a priori unacceptable, a 2021 Lithuanian Ministry of Defence report states that a list of keywords which blocked access to specific content on mobile devices made by China's Xiaomi Corp also included phrases of a political and ideological nature.Footnote 86 Countering practices of this kind—including the exclusion of such products from the EU market—is one problem in cybersecurity that can be solved effectively by recognising the (open) internet as a fundamental right.

C. Forthcoming Reforms and Dusk of the Open Internet Concept?

As an alternative to the scenario of systematically strengthening the open internet concept and its evolution towards an independent fundamental right, it is not impossible that the opposite trend—consisting of a gradual erosion of the principle of net neutrality towards a subsequent significant reduction in the scope of the right to an open internet right—could be observed in the upcoming years.

The principle of net neutrality—defined in a strict sense, namely as the prohibition of traffic discrimination—has been criticised by ISPs for years because of its negative impact on the development of the telecoms market. Telecommunications companies argue, not without reason, that they have to bear the entire financial burden of respecting this principle, while they also remain responsible for financing modern broadband networks.Footnote 87 They point out that in effect the principle of net neutrality introduces a barrier to the co-financing of the development of high-speed networks by content providers, thus slowing down the digital transformation process. Indeed, it is content providers that develop services requiring ever-increasing network speeds, and therefore they should contribute to the costs of building the network infrastructure. In the opinion of telecommunications companies, agreements concluded with content providers for the prioritisation of specific network traffic are precisely the mechanism that allows for this type of participation. However, this is also a type of agreement that, in light of the current CJEU jurisprudence, is inadmissible due to the infringement of end-users’ rights under the Open Internet Regulation. As a result, strict adherence to the principle of net neutrality is slowing down investment in the construction of fibre networks, as research published in 2022 indicates.Footnote 88

The position of ISPs is of course not unreasonable. In fact, the current scope of the right to open internet entails obligations imposed solely on this group of service providers, with the result that they alone bear the economic impact of its establishment. According to an analysis published by ETNO in 2022, several of the largest content providers (Alphabet, Apple, Meta, Microsoft, and Netflix) account for 56% of internet traffic.Footnote 89 At the same time, these entities do not co-finance the development of the infrastructure required for the provision of their services.

Interesting conclusions also emerge from an examination of the interplay between competition law and the principle of net neutrality. As Marc Bourreau, Frago Kourandi, and Tommaso Valletti demonstrate, in a diversified market of ISPs and content providers, net neutrality is not needed as a condition for the protection of individual rights.Footnote 90 According to the model they present, competition between providers prevents the traffic discrimination rules from restricting individual rights. At the same time, it provides an incentive for ISPs to expand their infrastructure and introduce new services. As a result, the arguments put forward by the authors support the FCC's position, according to which net neutrality is a measure that does not need to be applied in highly diversified markets; such as for example the mobile services sector.Footnote 91

It seems that the broad information campaign,Footnote 92 which has been carried out by ISPs for years now has, at least to some degree, influenced the position of the European Commission, whose representatives have announced that mechanisms would be introduced in the proposed Connectivity Infrastructure Act to create a legal framework for the participation by content providers in the financial burden of the development of modern telecommunications infrastructure.Footnote 93 The draft of this new regulation is not yet known, but it has already provoked criticism from both NGOsFootnote 94 and members of the European Parliament.Footnote 95

Against this background, it is also important to note the ongoing review by the UK regulator (Ofcom) of the regulatory policy on net neutrality.Footnote 96 With the end of the transition period, the UK is no longer a member of the EU and can thus be more flexible in shaping its national regulatory framework for the telecoms market. Ofcom has proposed a partial loosening of the net neutrality rules, including the approval of zero-tariff packages. An additional area of analysis is whether allowing ISPs to charge content providers for carrying traffic will lead to a more efficient use of networks.Footnote 97

In a broader context, the question about the financial model behind net neutrality is a question about the future of the right to open internet. Even accepting the argument about the need to distribute costs more evenly—including to content providers—does not necessarily lead to the recognition that the only way to achieve this goal is to abandon the principle of non-discrimination of traffic. The problem of how modern broadband networks (eg 5G) should be financed can be resolved in various ways; for example by involving mechanisms similar to those previously used for universal service—ie additional charges borne by a certain category of entities (including content providers), set by way of a decision of the telecoms regulator.

VII. CONCLUDING REMARKS

For years, the European Union has been held up as an example of how to build a modern and competitive economy while respecting the rights of individuals. Today, the EU is not only a common economic market but also a union of values. This perception has been confirmed in the area of legal regulations concerning modern technologies. The EU is cited as a leader in data protection law and regulation of the big data market, as well as in emerging law surrounding artificial intelligence.Footnote 98 In each of these areas, regulatory issues are complemented by care taken to ensure adequate protection of individual rights and, above all, respect for rights guaranteed by the Charter.Footnote 99

The discussion about the right to internet access, which has been going on for years, was mainly focused on searching for universal sources justifying its inclusion in the catalogue of fundamental rights. Ultimately, due to the advances in technology this approach has become partly obsolete. The internet in Digital Europe is a common good, and access to it remains unchallenged. However, the reality of the functioning of the modern telecommunications market has revealed another problem, ie that concerning the admissibility of applying traffic discrimination mechanisms and their impact on the rights of individuals.

There is little doubt that the EU legislature, in adopting the Open Internet Regulation, was responding to a specific regulatory need, and that its actions were dictated by a desire to introduce specific restrictions that disallowed telecom operators to conduct business as they saw fit. The purpose of the Regulation was neither to establish a general right to open internet (the scope of which would go far beyond the obligations of telecommunications operators), nor to introduce this right into the catalogue of fundamental rights. There is thus no doubt that the current legislation indicates the direction of the future evolution of the rules, rather than presenting the target model of protection.

Although the Court of Justice has clarified relatively few aspects of the relationship between an open internet and fundamental rights, it has at the same time taken a very clear position on the inadmissibility of various practices that violate the principle of net neutrality. It seems to be a given that issues not yet fully clarified will become the subject of further analysis in future cases.

At the same time, however, EU institutions and the Member States would be justified in tackling the problem—already clearly visible today—of adequately overseeing the proper development of online services in a way that respects commonly-held values. The course of such evolution includes the discussion on extending the scope of the right to open internet, as well as on explicitly granting it the status of an independent fundamental right.

Although the right to open internet is not guaranteed in the Charter, its link to freedom of expression is so obvious that even today the discussion on net neutrality must take into account the context of protection of fundamental rights. The right to data protection was introduced in the EU legal model several years before it was recognised as a fundamental right. It is possible through that the right to open internet will follow a similar path: from guarantees established by secondary law; through to subsequent interpretations by the Court of Justice; and finally, with the next reform of the treaties, to gaining the status of an independent fundamental right.

At the same time, one cannot lose sight of the fact that the chances for the introduction of the right to open internet into the catalogue of fundamental rights also depend on the extension of its personal scope. Today, the obligation to respect this right applies almost exclusively to internet service providers. However, the concept of an open internet is also (or rather, above all) about freedom of access to information, which in order to be effective must be respected also by other digital service providers. It seems that the principle of non-discrimination of traffic—which is at the core of the open internet concept—should also extend to designers of consumer devices or providers of mobile applications. Otherwise, the efforts (and costs) expended by ISPs to treat all traffic equally will not be enough to ensure the freedom of individuals to use digital services however they see fit.

The ongoing discussion on the economic impact of the right to open internet indicates that perhaps the direction of regulatory evolution advocated in this Article—leading ultimately to the introduction of an open internet into the catalogue of fundamental rights—will not be followed through. The increasing pressure from ISPs, expecting support in the funding of next-generation broadband networks, may lead to a significant reduction in the principle of non-discrimination of traffic. Although the Commission has signalled its openness to such legislative changes, their final form still remains unknown.

Similar discussions on the future of regulatory policy are also taking place in the UK and the US, the EU's main economic partners. While in the case of the UK, Ofcom has proposed changes that in principle go in the direction of limiting the prohibition of traffic discrimination, President Biden's administration is seeking to reinstate the net neutrality rules withdrawn during the Trump administration.

More broadly, the question about the future of the open internet principle is de facto a question about the model of society we want to build. If next-generation broadband services are to be the lifeblood of the modern state, it is not possible to accept a situation where telecom companies can arbitrarily apply traffic discrimination rules motivated by their economic objectives. Therefore, the right question is not whether we need the principle of net neutrality, but how to ensure it effectively—also taking into account a fairer distribution of the financial costs associated with its operation.

Footnotes

*

Dr Marcin Rojszczak, Associate professor, Warsaw University of Technology, Warsaw, Poland. Email: [email protected].

References

1 ‘Digital Compass: the European way for the Digital Decade’, European Commission (9 March 2021), https://cli.re/9mMxzN.

2 In particular, this applies to the Digital Services Act package, as well as the draft Data Governance Act regulation. See COM/2020/767 final, Proposal for a Regulation of the European Parliament and of the Council on European Data Governance (Data Governance Act); COM/2020/825 final, Proposal for a Regulation of the European Parliament and of the Council on a Single Market For Digital Services (Digital Services Act) and amending Directive 2000/31/EC); COM/2020/842 final, Proposal for a Regulation of the European Parliament and of the Council on Contestable and Fair Markets in the Digital Sector (Digital Markets Act). For a detailed discussion of the proposals and the regulatory framework proposed by the Commission see: Leistner, M, ‘The Commission's Vision for Europe's Digital Future: Proposals for the Data Governance Act, the Digital Markets Act and the Digital Services Act—A Critical Primer’ (2021) 16(8) Journal of Intellectual Property Law & Practice 778CrossRefGoogle Scholar.

3 COM/2021/206 final, Proposal for a Regulation of the European Parliament and of the Council, Laying Down Harmonised Rules on Artificial Intelligence (Artificial Intelligence Act) and Amending Certain Union Legislative Acts. See also M Veale and F Zuiderveen Borgesius, ‘Demystifying the Draft EU Artificial Intelligence Act — Analysing the Good, the Bad, and the Unclear Elements of the Proposed Approach’ (2021) 22 Computer Law Review International 97.

4 Renda, A, ‘Making the Digital Economy “Fit for Europe”’ (2020) 26 European Law Journal 345CrossRefGoogle Scholar; Chivot, E, ‘The New EU Rulebook for Online Platforms: How to Get It Right, Who Will It Impact and What Else Is Needed?’ (2021) 20 European View 121CrossRefGoogle Scholar.

5 Gann, B, ‘Combating Digital Health Inequality in the Time of Coronavirus’ (2020) 24 Journal of Consumer Health on the Internet 278CrossRefGoogle Scholar; Litchfield, I, Shukla, D, and Greenfield, S, ‘Impact of COVID-19 on the Digital Divide: A Rapid Review’ (2021) 11 BMJ Open e053440CrossRefGoogle ScholarPubMed; Ramsetty, A and Adams, C, ‘Impact of the Digital Divide in the Age of COVID-19’ (2020) 27 Journal of the American Medical Informatics Association 1147CrossRefGoogle ScholarPubMed.

6 See eg Easterbrookt, F H, ‘Cyberspace and the Law of the Horse’ (1996) 1996 University of Chicago Legal Forum 207Google Scholar; Cohen, J E, ‘Cyberspace As/And Space’ (2007) 107 Columbia Law Review 210Google Scholar.

7 Consensus was lacking even on the need for separate (specific) rules to determine the law applicable to events occurring in cyberspace. See Goldsmith, J L, ‘Against Cyberanarchy’ (1988) 65 The University of Chicago Law Review 1199Google Scholar; Post, D G, ‘Against “Against Cyberanarchy”’ (2002) 17 Berkeley Technology Law Journal 1365Google Scholar.

8 See eg Hardy, I T, ‘The Proper Legal Regime for “Cyberspace”’ (1994) 55 University of Pittsburgh Law Review 993Google Scholar; Johnson, D R and Post, D, ‘Law and Borders: The Rise of Law in Cyberspace’ (1996) 48 Stanford Law Review 1367CrossRefGoogle Scholar.

9 Regulation (EU) 2015/2120 of the European Parliament and of the Council of 25 November 2015, Laying Down Measures Concerning Open Internet Access and Amending Directive 2002/22/EC on Universal Service and Users’ Rights Relating to Electronic Communications Networks and Services and Regulation (EU) No 531/2012 on Roaming on Public Mobile Communications Networks within the Union, 2015 OJ L310, p 1.

10 V G Cerf, ‘Internet Access Is Not a Human Right’, New York Times, 4 January 2012, https://www.nytimes.com/2012/01/05/opinion/internet-access-is-not-a-human-right.html.

11 It is worth remembering that this is not a new argument—and it has been put forward practically since the beginning of discussion on the need for the legal regulation of cyberspace. Goldsmith argued as early as 1999 that cyberspace was just a new form of communication: ‘To this extent, activity in cyberspace is functionally identical to transnational activity mediated by other means, such as mail or telephone or smoke signal’.

12 The first legal regulations—including Council of Europe Convention 108, which is still in force today—explicitly defined data protection as a privacy protection measure undertaken in relation to automated data processing. See McDermott, Y, ‘Conceptualising the Right to Data Protection in an Era of Big Data’ (2017) 4 Big Data & SocietyCrossRefGoogle Scholar.

13 Greenleaf, G, ‘The Influence of European Data Privacy Standards Outside Europe: Implications for Globalization of Convention 108’ (2012) 2 International Data Privacy Law 68CrossRefGoogle Scholar.

14 Moreover, also within the Union, it is currently being debated whether data protection—at the level of Member States—should be included in the catalogue of fundamental rights. See B van der Sloot, ‘Legal Fundamentalism: Is Data Protection Really a Fundamental Right?’ in R Leenes, R van Brakel, S Gutwirth, P De Hert (eds), Data Protection and Privacy: (In)visibilities and Infrastructures (Springer International Publishing, 2017).

15 This conclusion follows directly from the Charter of Fundamental Rights (see Arts 7–8 of the Charter).

16 S Tully, ‘A Human Right to Access the Internet? Problems and Prospects’ (2014) 14 Human Rights Law Review 175.

17 An example is the right to public information—included in the Charter but not explicitly defined in the constitutional provisions of most Member States.

18 X Wang, ‘Time to Think about Human Right to the Internet Access: A Beitz's Approach’ (2013) 6 Journal of Politics and Law 67.

19 K Dzehtsiarou, ‘European Consensus and the Evolutive Interpretation of the European Convention on Human Rights’ (2011) 12 German Law Journal 1730; N Vogiatzis, ‘The Relationship Between European Consensus, the Margin of Appreciation and the Legitimacy of the Strasbourg Court’ (2019) 25 European Public Law 445.

20 Silva Monteiro Martins Ribeiro v Portugal, No 16471/02 (ECtHR 26 October 2004).

21 Understood in a broad sense—not only in terms of the right to make decisions on procreation but also the positive obligation of the state to make various forms of IVF treatment available. See eg SH and Others v Austria, No 57813/00 (ECtHR 3 November 2011).

22 Schalk and Kopf v Austria, No 30141/04 (ECtHR 24 June 2010).

23 See eg Article 5A of the Greek Constitution.

24 Conseil Constitutionnel 10 June 2009, Case 2009-580 DC, para 12 (English translation available at https://www.conseil-constitutionnel.fr/en/decision/2009/2009580DC.htm).

25 B Skepys, ‘Is There a Human Right to the Internet?’ (2012) 5 Journal of Politics and Law 15.

26 The literature extensively discusses practices in the US market, mainly concerning agreements between mobile service providers (mobile network carriers) and streaming service providers. For a discussion of examples of forms of cooperation—with regard to music-streaming services, see R Curwin, ‘Unlimited Data, but a Limited Net: How Zero-Rated Partnerships between Mobile Service Providers and Music-Streaming Apps Violate Net Neutrality’ (2015) 17 Columbia Science and Technology Law Review 204.

27 K Maniadaki, ‘Net Neutrality Regulation in the EU: Competition and Beyond’ (2019) 10 Journal of European Competition Law & Practice 479.

28 See Article 8(4)(g) of Directive 2002/21 as amended by Article 1(8) of Directive 2009/136.

29 See the Commission declaration on net neutrality annexed to Directive 2009/140, 2009 OJ L337, p 37.

30 COM(2011) 222 final, The Open Internet and Net Neutrality in Europe, https://cli.re/bM1b1D.

31 This position was also supported by the European Parliament resolution of 17 November 2011, P7_TA(2011)0511, https://www.europarl.europa.eu/doceo/document/TA-7-2011-0511_EN.html.

32 ‘BEREC Response to the European Commission's Consultation on the Open Internet and Net Neutrality in Europe’, BEREC, 30 September 2010, BoR (10) 42, p 2, https://cli.re/81DJr2.

33 Federal Communications Commission Report and Order of 21 December 2010, https://docs.fcc.gov/public/attachments/FCC-10-201A1.pdf.

34 A Candeub and D McCartney, ‘Law and the Open Internet’ (2012) 64 Federal Communications Law Journal 493.

35 These recommendations were made under the authority of Section 706 of Telecommunications Act of 1996

36 See a discussion of the controversy over the Open Internet Order of 2010, as well as the direction of changes proposed in the Open Internet Order of 2015: K A Ruane, ‘Net Neutrality: Selected Legal Issues Raised by the FCC's 2015 Open Internet Order’, Congressional Research Service, 12 June 2015, R43971, https://sgp.fas.org/crs/misc/R43971.pdf.

37 S A Friedlander, ‘Net Neutrality and the FCC's 2015 Open Internet Order’ (2016) 31 Berkeley Technology Law Journal 905.

38 G B Sohn, ‘A Policy Framework for an Open Internet Ecosystem’ (2018) 2 Georgetown Law Technology Review 335.

39 See Executive Order of 9 July 2021 on Promoting Competition in the American Economy, https://cli.re/ZXKW9V.

40 C Liu and K Trendacosta, ‘New Proposal Brings Us a Step Closer to Net Neutrality’, Electronic Frontier Foundation, 22 August 2022, https://cli.re/eM7Z5X.

41 C T Marsden, ‘Comparative Case Studies in Implementing Net Neutrality: A Critical Analysis of Zero Rating’ (2016) 13 SCRIPTed: A Journal of Law, Technology and Society 1.

42 In fact, the final regulation is the result of several years discussion among Member States and differs significantly from the draft originally proposed by the Commission. See ibid.

43 Indeed, this also applies to subsequent legislation—in particular, the European Electronic Communications Code, which replaced earlier framework directives and was also adopted in the form of a directive (Directive 2018/1972).

44 See Recital 1 of Open Internet Regulation. In EU telecommunication law, the terms user and end-user should not be confused. While the first term covers all recipients of electronic communications services, the second one covers only users that do not provide telecommunication services (and thus does not include telecommunications service providers).

45 L Lasota, ‘Net Neutrality and Free Choice of Routers and Modems in Europe’ (2020) 11 JIPITEC 303.

46 ‘Net Neutrality Review: Consultation’, Ofcom, 21 October 2022, para 4.13, https://cli.re/ZX2qkR.

47 In this respect, the chosen legislative measure—namely, a regulation—is also important. Regulations do not require transposition into national legal systems and ‘operate to confer rights on individuals which the national courts have a duty to protect’ (C-253/00, para 27). The Court of Justice ruled that in some cases the full effectiveness of a regulation may require the introduction of relevant national provisions (see eg cases C-113/02 and C-316/10); however, this situation does not apply to Open Internet Regulation and the open internet principle.

48 The problem of primacy of EU law over constitutional norms is discussed from different perspectives in: M Kumm and V F Comella, ‘The Primacy Clause of the Constitutional Treaty and the Future of Constitutional Conflict in the European Union’ (2005) 3 International Journal of Constitutional Law 473; A von Bogdandy and S W Schill, ‘Overcoming Absolute Primacy: Respect for National Identity under the Lisbon Treaty’ (2011) 48 Common Market Law Review 1417; J H Reestman and M Claes, ‘For History's Sake: On Costa v. ENEL, André Donner and the Eternal Secret of the Court of Justice's Deliberations’ (2014) 10 European Constitutional Law Review 191.

49 R Schütze, ‘European Fundamental Rights and the Member States: From “Selective” to “Total” Incorporation?’ (2012) 14 Cambridge Yearbook of European Legal Studies 337.

50 See eg J Krämer, L Wiewiorra, and C Weinhardt, ‘Net Neutrality: A Progress Report’ (2013) 37 Telecommunications Policy 794.

51 It is worth noting that this problem did not only concern the EU legal system—similar doubts about the permissibility of zero rating and its compatibility with the principle of net neutrality have arisen in other countries as well. S Kumar, ‘Zero Rating as the Demon and the Saviour: Rethinking Net Neutrality and Freedom of Expression for the Global South’ (2017) 13 Indian Journal of Law and Technology 70; C M da Silva Pereira Neto, R Lemos, M P Adami, and F M de Carvalho, ‘Compatibility of Zero-Rating Offers with Brazilian Net Neutrality Rules’ (2019) 15 DIREITO GV Law Review 1.

52 J A Hollis, ‘Testing the Bounds of Net Neutrality with Zero-Rating Practices’ (2017) 32 Berkeley Technology Law Journal 591; M Schnell, ‘The Mobile-Sierra Doctrine: An Unlikely Friend for Opponents of Zero- Rating’ (2018) 70 Federal Communications Law Journal 329.

53 For example, Carillo divides zero-rating services into four main categories: (1) single-site/service zero-rating; (2) sponsored data; (3) compound zero-rating; and (4) non-selective zero-rating. See A Carrillo, ‘Having Your Cake and Eating It Too: Zero-Rating, Net Neutrality, and International Law’ (2016) 19 Stanford Technology Law Review 364.

54 Telenor Magyarország Zrt, C-807/18 and C-39/19, ECLI:EU:C:2020:708 (15 September 2020).

55 See Request for a Preliminary Ruling of 11 September 2018 Referred by Fővárosi Törvényszék (Hungary), C-807/18, https://cli.re/Z4Xwvy.

56 This concept is introduced in the EU telecoms legislation—at the time the Regulation was established, it was Directive 2002/21, and now it is Directive 2018/1972

57 Telenor Magyarország, note 54 above, para 38.

58 Ibid, para 45.

59 Art 3(3) of Open Internet Regulation.

60 Telenor Magyarország, note 54 above, para 50.

61 Case Vodafone v Germany, C-854/19, ECLI:EU:C:2021:675 (2 September 2021).

62 Vodafone, C-5/20, ECLI:EU:C:2021:676 (2 September 2021).

63 Ibid, para 27.

64 Telekom Deutschland, C-24/20, ECLI:EU:C:2021:677 (2 September 2021).

65 See eg J A Biros, ‘Telenor Magyarország Zrt v Nemzeti Média – És Hírközlési Hatóság Elnöke (CJEU)’ (2021) 60 International Legal Materials 653; A Müller and K Asakura, ‘The Telenor Case: The (In)compatibility of Zero-Rating with the Net Neutrality Principle (C-807/18 and C-39/19 Telenor Magyarország)’ (2021) 5 European Competition and Regulatory Law Review 59.

66 Opinion of AG Campos Sánchez-Bordona delivered on 4 March 2020, C-807/18 and C-39/19, para 27.

67 In fact, the Regulation does not once use the term ‘net neutrality’—although this term was previously used in the Commission's draft of this legislation and was defined as ‘the obligation on providers to provide unhindered connection to all content, applications or services being accessed by end-users’. Cf COM/2013/0627 final, Proposal for a regulation of the European Parliament and of the Council Laying Down Measures Concerning the European Single Market for Electronic Communications and to Achieve a Connected Continent, and Amending Directives 2002/20/EC, 2002/21/EC and 2002/22/EC and Regulations (EC) No 1211/2009 and (EU) No 531/2012, https://cli.re/9m8Pyw.

68 The Advocate General himself highlights his concern that the term ‘net neutrality’ has not been precisely used defined in the Regulation. See Opinion of AG Campos Sánchez-Bordona, note 66 above, n 3.

69 Ibid, para 37.

70 Ibid, n 14.

71 Ibid.

72 ‘BEREC Guidelines on the Implementation of the Open Internet Regulation’, BEREC, 11 July 2020, BoR (20) 112, https://cli.re/D3Y3yA.

73 ‘BEREC Guidelines on the Implementation of the Open Internet Regulation’, BEREC, 9 July 2022, BoR (22) 81, https://cli.re/eM7mXB.

74 Similar conclusions are reached by Michael Best. See M L Best, ‘Can the Internet Be a Human Right?’ (2004) 4 Human Rights & Human Welfare 23.

75 This relationship can be observed between privacy and data protection. For example, the lack of implementation of the so-called information obligation by the data controller results in a breach of EU data protection law. At the same time, such action per se does not infringe the individual's right to privacy. However, this right may be violated as a result of further data processing activities, which the entity will not be able to prevent due to the lack of knowledge about the data collection that occurred. In this way, the information obligation—laid down in the data protection law—protects the information autonomy of the individual, while preventing violations of their right to privacy at the same time.

76 This issue is also being discussed in the United States, where the existing interpretation of the First Amendment—which guarantees freedom of expression—has so far focused on the state's negative obligations to refrain from unauthorised interference. As Ellen Goodman aptly notes, ‘constitutionally protected free speech is the freedom to speak without government constraint rather than a freedom to speak because of government rules that combat private constraint’. E P Goodman, ‘Zero-Rating Broadband Data: Equality and Free Speech at the Network's Other Edge’ (2016) 15 Colorado Technology Law Journal 63, p 86.

77 Regulations against online hate speech have been adopted in several Member States. Some of the more widely discussed examples are French regulations, declared unconstitutional by the Constitutional Council in 2020. See J Schulz, ‘What's Going on With France's Online Hate Speech Law?’, Lawfare, 23 June 2020, https://cli.re/7nY5md.

78 See C Goujard, ‘German Facebook Ruling Boosts EU Push for Stricter Content Moderation’, Politico, 29 July 2021, https://cli.re/JnPnjb.

79 For a broader view on discussion amongst EU institutions in the 1980s and 1990s regarding the definition of media pluralism, see Resolution of 25 September 2008 of the European Parliament on Concentration and Pluralism in the Media in the European Union, P6_TA(2008)0459, 2010 OJ CE 8. The problem is also discussed in: P Cavaliere, ‘An Easter Egg in the Charter of Fundamental Rights: The European Union and the Rising Right to Pluralism’ (2012) 2 International Journal of Public Law and Policy 357.

80 This connection is also seen by M Maroni, ‘An Open Internet? The Court of Justice of the European Union between Network Neutrality and Zero Rating’ (2021) 17 European Constitutional Law Review 517.

81 A Nałęcz, ‘“A More Human Approach”. Human Rights, Obligations of the State and Network Neutrality in Europe’ (2019) 12 Yearbook of Antitrust and Regulatory Studies 29.

82 So by Directive 2018/1972, establishing the European Electronic Communications Code.

83 Universal service is a means for Member States to make electronic communications services more accessible by transferring the cost of their provision to telecommunications providers. Member States are not obliged to apply this mechanism, and hence the provisions are not used in many countries. For a broader discussion of the concept of universal service, see O Batura, Universal Service in WTO and EU law: Liberalisation and Social Regulation in Telecommunications (Asser Press, 2016).

84 Cybersecurity is also one of the pillars of the Commission's Digital Strategy over the next decade. In recent years, the EU has adopted a number of acts that form the basis for the EU's cyber security model—in particular Directive 2016/1148 (NIS Directive) and Regulation 2019/881.. In December 2022, a new—significantly expanded—version of the NIS Directive was finalised (NIS2 Directive) and a regulation on digital resilience for the financial sector (the so-called Digital Operational Resilience Act, DORA) was enacted. Additionally, the need to strengthen cybersecurity mechanisms in the consumer product market is also becoming increasingly apparent. See C Banasiński and M Rojszczak, ‘Cybersecurity of Consumer Products Against the Background of the EU Model Of Cyberspace Protection’ (2021) 7 Journal of Cybersecurity tyab011.

85 An example is the UK's objections—raised while it was still a member of the European Union—to the participation of Chinese technology providers in a 5G network construction project. Mascitelli, B and Chung, M, ‘Hue and Cry over Huawei: Cold War Tensions, Security Threats or Anti-Competitive Behaviour?’ (2019) 1 Research in GlobalizationCrossRefGoogle Scholar.

86 ‘Things Your Smartphone Does Without Your Awareness: Investigation into Three China-Made 5G Devices’, Ministry of National Defence of the Republic of Lithuania, 21 September 2021, https://cli.re/waKJQ4.

87 See eg ‘United Appeal of the Four Major European Telecommunications Companies’, T-Mobile Press Release, 14 February 2022, https://cli.re/eryEqz.

88 W Briglauer, C Cambini, K Gugler, and V Stocker, ‘Net Neutrality and High-Speed Broadband Networks: Evidence from OECD Countries’ (2022) European Journal of Law and Economics.

89 ‘Europe's Internet Ecosystem: Socio-economic Benefits of a Fairer Balance between Tech Giants and Telecom Operators’, European Telecommunications Network Operators’ Association, 2 May 2022, https://www.etno.eu/library/reports/105-EU-internet-ecosystem.html.

90 Bourreau, M, Kourandi, F, and Valletti, T, ‘Net Neutrality with Competing Internet Platforms: Net Neutrality with Competing Internet Platforms’ (2015) 63 Journal of Industrial Economics 30CrossRefGoogle Scholar.

91 Ibid, p 66. However, it should be noted that under President Obama's administration, it was indicated that in the updated regulatory policy the principle of net neutrality should also cover mobile services. See White House Press Release, ‘Net Neutrality: President Obama's Plan for a Free and Open Internet’, 10 November 2014, https://cli.re/NmvxDw.

92 See eg ‘United Appeal of the Four Major European Telecommunications Companies’, note 87 above; see also J Reiter, ‘Opportunity Knocks – the Connectivity Infrastructure Act (CIA)’, Vodafone, 25 September 2022, https://cli.re/mYwWzY.

93 S Stolton, ‘EU Executive Eyes Big Tech's Money to Save 5G’, Politico, 27 June 2022, https://cli.re/DpwZw4.

94 See eg ‘Connectivity Infrastructure and the Open Internet’, BEUC, 16 September 2022, BEUC-X-2022-096, https://cli.re/KJ2zo4.

95 Open letter of MEPs to the European Commission of 12 July 2022, https://cli.re/xn3rDa.

96 ‘Net Neutrality Review: Consultation’, note 46 above.

97 Ibid, p 130.

98 Just to name a few publications: Albrecht, J P, ‘How the GDPR Will Change the World’ (2016) 2 European Data Protection Law Review 287CrossRefGoogle Scholar; Rustad, M L and Koenig, T H, ‘Towards a Global Data Privacy Standard’ (2019) 71 Florida Law Review 365Google Scholar; Ryngaert, C and Taylor, M, ‘The GDPR as Global Data Protection Regulation?’ (2020) 114 AJIL Unbound 5CrossRefGoogle Scholar; Schünemann, W J and Windwehr, J, a, ‘TowardsGold Standard for the World”? The European General Data Protection Regulation between Supranational and National Norm Entrepreneurship’ (2021) 43 Journal of European Integration 859Google Scholar.

99 As a result, it is increasingly common in the context of the legal regulation of new technologies to speak of the ‘Brussels Effect’ to describe the global reach of standards set by the EU. See A Bradford, The Brussels Effect: How the European Union Rules the World (Oxford University Press, 2020).