27th Annual BTLJ-BCLT Symposium: From the DMCA to the DSA: Panel 2: Will the DSA Achieve a “Brussels Effect”?

 Moderator: Martin Senftleben, University of Amsterdam

Copyright Law and/or/vs. a ‘Brussels Effect’ for the Digital
Services Act

Jennifer Urban, Berkeley Law School

The Brussels Effect claim is descriptive, not predictive—can
it apply to the DSA? Criteria favoring a Brussels Effect are market size
controlled by regulator—a lot of firms want to compete there; regulatory
capacity/institutional expertise; stringent standards. Most likely to happen
when the EU standard is the most stringent. That ties to nondivisibility—firm’s
choice based on incentives/cost benefit analysis to treat their activities as
nondivisible/nongeofenced. Inelastic targets are another factor: © holders,
members of the public, potential infringers.

Consider here stringent standards and nondivisibility.

Bradford’s four examples of the Brussels Effect v.
copyright: (1) Food/chemicals (physicality, unlike ©; easy to establish
stringent rules b/c it’s allowed v. disallowed or level of chemical is allowed
but not more; generally good observability/enforceability; first mover tends to
be clear, though who it is can vary—banning hydrogenated oils in certain kinds
of foods); (2) privacy (like ©, lacks physicality; not binary but complex and
nuanced; first mover clear: EU competing against regimes that were
comparatively much less developed, creating a comparative vacuum that could be
filled; strong first mover effect creates obvious stringency differential
initially even with nuance and balance-seeking; this could change later and
depends on stickiness of baseline regime). (3) competition and (4) digital
economy—copyright is potentially an aspect of both of those; DSA also relevant.

Copyright lacks physicality; isn’t binary, complex, nuanced,
balancing—what even is stringency in this context? Highly developed,
longstanding sectoral systems put in place over hundreds of years.
Traditionally supported a highly segmented, explicitly territorial market approach
by multinationals. Very sticky. EU has been first mover on some things and not
others (Art. 17 v notice and takedown).

A service provider decides what it must do under 512 and the
DSA/Art. 17—figures out where it fits in the ecosystem of regulated actors. Then
figures out what it must do: in US, don’t engage in primary or secondary
infringement. In EU: do not directly infringe; DSA obligations—T&Cs,
transparency, notice & action, statement of reasons, allow
complaint/appeal, ADR, trusted flaggers, etc. Then figures out what it can
do: choose to comply w/512’s detailed rules, deciding details of implementation
and making removal decisions. In EU, they get the safe harbor no matter what,
and they decide terms of service, details of implementation, make removal

Which regime to choose? DMCA is a post-office model: you just
respond to notices and send to users, just passing things on. DSA: they’re
designer, adjudicator, rights protector, systemic risk avoider—much more detailed,
rule-oriented role if they choose DSA path. If we think most stringent rule is
more likely adopted worldwide, looking good for DSA. DSA into account many
lessons from notice and takedown system and intermediary liability in US and
other countries—balance, notification to complainer whether something came
down, dispute resolution processes. Both more stringent to benefit of
users/public and to benefit of © owners in some important ways; many big
services do these things already.

Complications: what does stringency mean in this context?
Infringement/infringers? Inaccurate/abusive © claims/complainants? Who are we
protecting/benefiting? Copyright holders/fair users? Incentives for new
copyright protected expression? Innovation and follow on creativity?

Nondivisibility: voluntary adoption of second jurisdiction’s
rules where standardization is attractive/incentivize. Must consider entire
regime: downside risk, directionality of risk—structural and practical bias
towards takedown under 512 remains; downside risk is disproportionately from
one direction—downside of false/inaccurate takedowns or filters is much lower
than downsides of mistaken stay-ups. This is a form of stringency and affects
incentives for non-divisibility, especially given US statutory damages and
injunctions. No balancing required—recognizing fair use is not required for
platforms, nor is giving users much procedure. Stringency can thus be non
obvious, contested/contestable, and downside risk matters.

Guess: many service providers will therefore stick with 512;
US wins, but maybe for the wrong reasons.

The DSA Trusted Flagger Regime and Its Interplay with
Article 17 DSMD in the Aftermath of CJEU, Poland – A Promising Model?

Eleonora Rosati, Stockholm University

Trusted flaggers moved from practice to statutory
regulation, and are relevant to Art. 17. YT had it since 2012; now only NGOs
and gov’t agencies. YT for 2022: most removals were automated (5.2 million),
250,000 from users, 51,000 from organization, a few from gov’t.

DSA institutionalized trusted flaggers in Art. 22: rationale
to make action against illegal content quicker/more reliable. Eligibility:
entities w/expertise and competence in detecting, identifying and notifying
illegal content, in a way that’s diligent, accurate and objective; independence
from platform; private entities and individuals can conclude bilateral agreements
w/platforms. Recognition by DS Coordinator of member state where established;
must be recognized by all platforms targeted by DSA. Obliged to do annual
reporting at least on types of notices to whom, for what, and resulting action;
suspension of trusted flagger status possible during investigation from
significant number of imprecise/inaccurate/unsubstantiated notices.

At least in certain sectors, trusted flaggers will play a
significant role in ©/Art. 17 for acting expeditiously in response to notice.
CJEU Poland: one limit the court focused on is that rightsholders have to
provide relevant and necessary information. Maybe helpful in creating a global
standard. But there is a targeting approach—you don’t need to be in the EU to
be covered by the DSA if you target the territory—this can come from language
used, currency, possibility of ordering products or services, relevant
top-level domain, can you purchase/download app from local app store, local
advertising or advertising in a EU language, customer relations including
language used. [I wonder what other Spanish- and Portuguese-speaking and
Francophone countries think of this.]

The Global Internet and Its Workable, Bespoke, Patchwork

Justin Hughes, Loyola University Los Angeles

John Perry Barlow’s Declaration of Independence of
Cyberspace: a full repudiation of the lack of gov’t authority or moral right to
rule cyberspace. DSA: Admirable technocrats’ work, even with much that is
unknown or could have been done differently. So many working parts have been
brought together, requiring consultation and compromise. Although we’re here to
bury the Ecommerce directive, not to praise it, it was easy and fun for
students, and he’s not sure how or if the DSA can be taught, except on its own.

He’s always advocated a local, evolutionary approach
w/convergence in legal norms, as w/notice and takedown. Still happening in some
areas. But Art. 17 made it obvious that defection from 2000s consensus on
intermediary liability was happening, and DSA is next step in ending that global
consensus. Brussels effect is a decision to conform private behavior to a single
standard v. uncoordinated legal regimes following other regimes to convergence.

Assuming there’s a difference b/t notice and takedown and notice
and action, will it go to the US? Prediction: no. Content owners won’t agree to
a revision of 512, at least w/o a long period of seeing what platforms will do.
1A will also complicate any efforts to adopt many DSA elements.

Imagine an EU domiciliary uploads © work belonging to an
American that’s not an OCCSS under Art. 17 or VLOP under DSA. Sender sends DMCA
notice. What does the platform do? We don’t have any court decisions saying what
the outer limits of expeditious takedown are. Maybe platform adjusts by complying
with both regimes—could have a quiet, virtually hidden effect on DMCA compliance.
But it’s not hard to immediately disable access to all US IP addresses while
taking a bit longer to, per DSA, take a decision in respect of the information
to which the notice relates in a timely, diligent and non-arbitrary manner. Indeed,
this might be a good way for a platform to show that it was taking DSA seriously.
Don’t assume that Brussels and California effect that occurs w/privacy also
occurs when corps can adjust tech granularly.

Globally speaking, car manufacturing is a big business
dominated by 20 companies in 8 countries. Despite that, 35% of world’s population
still drives on the wrong side of the road; private actors can deal w/different
regimes where tech allows.

Search engines: just as w/Ecommerce directive, there’s no
safe harbor/notice and action provisions for search engines. There were
proposals in DSA but no ultimate obligation. But there’s still 512(d). Should
we assume that DMCA 512(d), used by © holders around the world, will keep
working the way it has been working? Seems to be used mostly by highly automated
trusted flaggers. 4 of top senders are the entities that will undoubtedly
become trusted flaggers.

Transparency will either exacerbate arms race w/bad guys if
there’s too much disclosure; or it will produce vague disclosures and not have
that much impact.

Unintended effects: major content owners will employ
multiple trusted flaggers b/c of the mechanism for suspending trusted flaggers,
and no major content owner can afford to have its trusted flagger suspended even
for a bit.

Will the DSA Achieve a “Brussels Effect”?

Anupam Chander, Georgetown Law School

Imagine the DSA of Brazil, India, Nigeria, or Putin. Roche-Laguna
wants to think that the DSA passes the Putin test. Does it?

Companies could adopt DSA-compliant practices worldwide, or
EU itself might promote DSA as a legal model including in its free trade
agreements. Governments might also find much to envy in DSA. Disinformation,
hate speech, communal violence, and election interference are acute in many
countries in the Global South. But institutional capacity and resources can be
more limited and civil society institutions/independent press more fragile. States
are often at grave risks of democratic backsliding or already have
authoritarian tendencies w/serious risks for free expression.

Consider Digital Services Coordinator. Not just a
“coordinator”: DSC chooses trusted flaggers w/significant privileges, certifies
dispute settlement bodies—decides who the judges are. Can also demand info from
platforms related to suspected infringement of DSA, including power to conduct
onsite investigations and seize information regardless of storage medium; DSC
can also seek a judicial order to temporarily suspend a platform.

Demands to control social media—take down posts from
political rivals, block full services—are common around the world.

Commission powers: mitigation measures for risks the
platforms may create; crisis protocols. These powers translated into new jurisdictions
might be less trustworthy. Nigeria and Twitter got into a standoff—Twitter deleted
some tweets from Nigeria’s president for stoking violence/civil war. Gov’t
banned Twitter for 6 months; Twitter negotiated a return on undisclosed terms,
which could be characterized as mitigation measures for the risks the gov’t
thought Twitter posed to the Nigerian people. [Consider how many countries—including
some in the EU—think that “promotion” of LGBTQ+ identities constitutes a risk
to the public.]

What about the checks and balances? DSC is supposed to be independent,
and powers exercised in conformity w/EU charter of rights; crisis protocol must
include safeguards to protect charter rights; no filtering obligations and
conditions for being a trusted flagger. But overall there is great fear of
corporations in this and not much fear of gov’t; consider how it might be
weaponized. When we think about fundamental rights, we must always keep in mind
protecting fundamental rights both against private corporations and the state.
The distinction b/t safe harbor and liability might exist for an individual
piece of content, but the DSA has a very substantial liability regime of 6% of
global turnover, 50% higher than GDPR max, that is available to the state. That
itself might be attractive to many govts across the world across the economy.

Q: interaction w/ localization of user data requirements to
facilitate law enforcement?

Urban: parallels to DSA/512. Where a company is making a
decision about which regime to apply voluntarily, that applies to
extraterritorial information. If Russia requires localized data, then the Q of
whether one regime is more efficient doesn’t come up in the same way.

Keller: Americans don’t much trust regulations or regulators,
and we have scar tissue around litigation—if the rule is a little bit ambiguous
someone will litigate and that will cost a lot of money. This causes Americans
to be freaked out by the DSA; Europeans think that it would be fine for other
countries to implement the DSA but maybe that’s not true b/c of the differences
in legal cultures.

Hughes: this is a well-known difference in population, but
not legal community—distrust of gov’t and undue trust for corporations until
recently. Reversed in EU, but that’s more popular culture than legal community.
In the latter, a very large percentage of lawyers have worked in gov’t and have
more trust in the process. [Not sure that characterizes the former gov’t
lawyers I know, especially given the state/federal divide.]

Rosati: EU motto is “United in Diversity.” Sensitivities are
very different country to country. Not a uniform bloc; in the end it was a

Senftleben: don’t ask people about their national gov’ts—a completely
different story to trust in the EU.

Q: what will happen in Hungary? What safeguards will keep
Hungarian authorities from abusing their power under the DSA? American right-wing
populists are watching Orban closely for inspiration, and DeSantis is using his
playbook. Ken Paxton has weaponized investigative powers against tech
companies, and Orban is smart enough to see that. Who cares who the population
trusts? The legal question is what can be done to weaponize these powers and
what safeguards exist against abuse?

Chander: We need to be cautious—the EU project doesn’t have
competence over everything; DSA repeatedly defers to national laws including in
definitions of illegality. Charter is supposed to be followed, but the dispute
settlement system in the Charter has an enormous backlog of cases.

Senftleben: A real risk b/c we know that Hungary is different
from other EU states, but it’s a regulation, so the text of the framework is
beyond the reach of national gov’ts. The competencies are embedded in a European
framework. System would be able to react to extreme tendencies in individual
gov’ts better than previous framework. [But the trusted flagger system now
blesses the idea of deputizing entities to do takedowns—I think the particular
risk is clearly to LGBTQ+ content.]

from Blogger http://tushnet.blogspot.com/2023/04/27th-annual-btlj-bclt-symposium-from_86.html

This entry was posted in Uncategorized and tagged , , . Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s