Coronavirus and digital finance: public consultations and other initiatives

The current coronavirus pandemic made our financial lives exclusively digital. This raised new challenges but also opened new opportunities for the financial sector. It is of no surprise therefore that within the EU Commission's overall focal point on fighting the coronavirus health emergency and its social and economic consequences, digital finance gained a pivotal role. There are currently a couple of initiatives that we wished to share with you.

Public consultations 

A couple of days ago the Commission opened two important public consultations.

The first focuses more generally on setting out the new Digital Finance Strategy/FinTech Action Plan later in 2020 that would identify policy areas and policy measures for the next 5 years (on the current FinTech Action Plan we reported here). The consultation is organized around three priority areas:

1. ensuring that the EU financial services regulatory framework is fit for the digital age;
2. enabling consumers and firms to reap the opportunities offered by the EU-wide Single Market for digital financial services;
3. promoting a data-driven financial sector for the benefit of EU consumers and firms.

At the same time, the EU Commission opened a separate consultation on retail payments as a key step towards the adoption of a retail Payments Strategy for Europe.

Both consultations can be contributed to by the 26th of June 2020.

Online roundtables

Within its initiative of Digital Finance Outreach 2020 DG FISMA moved its planned roundtable events online. They are organized around current topical issues and are run weekly until the end of May. The events aim to raise awareness of the work of DG FISMA and to connect relevant stakeholders. They are free to attend and encourage contribution, so if you have anything to add, feel free to raise your hand.

Pan-European Hackaton

Finally, in collaboration with Member States the Commission opened a very interesting call for participation in a pan-European Hackaton, within the #EUvsVirus challenge, to develop innovative solutions for the new challenges raised by the current coronavirus crisis. One of the domains of the hackaton is digital finance with a range of challenges. One important challenge for us is how to develop innovative solutions to support the the most vulnerable, the digitally excluded such as the elderly, who currently struggle to access financial services and products. There is also a challenge to solve other problems in the current climate such as to development of coronavirus related health insurance (see the list of challenges here). The hackaton will be held 24-26 April. Registration is still open (access link here), so if you have ideas for workable solutions, please register. The full agenda is also available here and much of the event is livestreamed on Facebook. 

Long live the E-Commerce Directive? First discussions on the Digital Services Act

Last week we informed about the Council's adoption of the first part of the New Deal for Consumers – directive on better enforcement and modernisation of EU consumer protection rules. With the next European Commission soon beginning its mandate, public attention is gradually shifting to the possible new initiatives affecting consumers in the digital market. Political guidelines of the (then-candidate) Ursula von der Leyen, shed light on two major areas: online platforms and artificial intelligence.

In both fields the initiatives are likely to build upon prior developments in the outgoing Commission. To recall, earlier this year the High-Level Expert Group on AI appointed presented Ethics Guidelines for Trustworthy Artificial Intelligence. The guidelines consider many issues of relevance to consumers such as human agency, safety, privacy, transparency, fairness and accountability. So far, however, it remains rather unclear how the guidelines will inform further actions at the EU level. 

By contrast, we are gradually hearing more and more about possible initiatives on online platforms. In this regard, the Commission has so far followed a “problem-specific approach” as illustrated by the targeted amendments to the consumer acquis, audio-visual media law or copyright law, the adoption of P2B regulation as well as multiple soft law measures on tackling illegal content. The E-Commerce Directive has technically remained unaffected, even though the tendency towards more responsibility of platform operators has been quite clear. According to the more recent reports, the Commission under President von der Leyen is expected to step up these efforts under the banner of “Digital Services Act”. The discussion about its shape are also at an early stage, yet it is not excluded that the new approach will turn out to be still more of essentially the same. According to the recent presentation from the Commission to the Council experts, current discussions appear to be centred on strengthening the cooperation between national regulatory authorities and potentially common rules on tackling different types of illegal content (such as hate speech) at the EU level. Consultations are expected to be launched at the beginning of 2020, potentially leading to more concrete proposals by the end of that year. Stay tuned!

DSM directives published

Many of us have been waiting for this moment: on May 22 two Digital Single Market directives have been published in the Official Journal: Digital Content Directive (Directive 2019/770) and the new Consumer Sales Directive (Directive 2019/711). 

 

Time to update our frame of reference.

DSM proposals approved by the Parliament

We have announced in December that the work on the DSM proposals (on digital content and on the sale of goods) was moving more smoothly and that we expected the first EP reading to take place in March 2019 (2019 forecast...). This reading took place yesterday, with the EP approving proposals for both directives and passing the ball along to the Council for their formal approval. Since the changes introduced by the Parliament have previously been discussed with the Council, this final approval should really be just a formality and we may expect these new Directives to start binding in the Member States within the next 3 years. 

A few remarks on digital content

Just a reminder, one of the novelties of the DSM proposals is the stipulation that consumers who pay with their data for access to digital content or online services will need to be provided with consumer rights just like paying consumers (Recital 24). However, unless the Member States stipulate differently, if the trader only collects metadata or where consumer gets access to digital content by exposing themselves to advertisements - these situations will not fall within the scope of protection of the directive. The Directive on digital content also provides for different remedies in case of non-conformity of the digital content (price reduction or reimbursement) than of goods (whether purchased online or offline), but the same longer reversal of the burden of proof (non-conformity manifests itself with in 1 year from the date of supply, with the possibility for the Member States to extend this to two years for goods) and a two year guarantee period (with a possibility for the Member States to extend this for goods). The Directive on digital content fully harmonises requirements for conformity, remedies for non-conformity or a failure to supply and the modalities for their exercise, as well as the modification of digital content or service, thus it adopts the model of targeted full harmonisation. The Member States retain however the right to regulate some matters related to lack of conformity of digital content, e.g. liability of third parties, such as developers of digital content who are not traders. Curiosity: recital 23 recognises e-vouchers as a digital representation of value, digital currency, which is a method of payment and therefore on its own is not a form of digital content. See the final text here.

A few remarks on sale of goods contracts

The Directive on the sale of goods fully harmonises requirements for conformity, remedies for non-conformity and the main modalities for their exercise, thus it adopts the model of targeted full harmonisation. It allows the Member States for example to elect to provide consumers with the right to repudiate the goods shortly after delivery or to regulate sellers' duties to warn. It will apply to 'smart' goods, that is goods embedded with digital elements (whether digital content or digital services), where the goods would not perform their functions without the digital content and where the digital content was provided as part of the same contract. Recital 49 changes the nature of assessment whether the seller is able to bring the goods back into conformity, as the new Directive will allow sellers to refuse to replace the goods or repair them when one of these two remedies is impossible and the other one could only be provided at a disproportionate case (contrary to the Weber and Putz approach to impossibility/disproportionality assessment). See the final text here.

European Blockchain Partnership: should consumer concerns be addressed?

On the 10th of April 22 Member States entered into the European Blockchain Partnership, pledging to cooperate and share technical and regulatory expertise and experience on the use of blockchain.

For many of us, it may be hard to understand what blockchain is. It is the best described as a database that stores and distributes information with the so called distributive ledger technology (see a very good paper by Bacon et al on Blockchain Demystified). In terms of its purpose, perhaps it is easier to think about blockchain as a technology akin to the internet. It operates differently, it is decentralized, and data integrity and reliability is said to be its the greatest advantages, but we as consumers, will probably use blockchain in a similar fashion like we use now the internet.

Blockchain is successfully used in the Fintech sector for example for the operation of cryptocurrency platforms like Bitcoin. As far as I now, currently there are not many direct applications where consumers would be able to make use of the blockchain technology. However, the new technology has huge potential, and according to the plans of the EU Commission, it will overtake almost all spheres of public and private lives. Blockchain is seen an integral part of the Digital Single Market.

The intersection of blockchain and consumer protection has not been greatly explored. As every innovation it can greatly benefit consumers. Blockchain is set to be particularly advantageous in terms of certainty and reliability that it provides for transactions, however, there may be hidden dangers and all sorts of new interesting legal questions that may not yet be apparent, such as those connected to the use of smart contracts. Traditional  grounds for consumer detriment such as information deficit may also appear in the new context, with new dimensions that regulators will need to consider.

The Commission's initiative to prompt EU-wide cooperation is welcomed. However, it should also make sure that consumer interests are in the forefront of the new initiatives. Do you see any particular aspects of consumer protection that should raise special concerns?

EP votes on the geo-blocking regulation

After a political agreement on the proposed regulation prohibiting unjustified geo-blocking had been reached in November last year, there was a general expectation that new rules will formally be adopted in early 2018. The first step was made today by the European Parliament, which approved the proposal in a plenary vote.

The new rules define three specific situations in which a different treatment of customers (consumers and businesses as end-users) from different Member States is considered unjustified and is therefore prohibited. These include:

• The sale of goods without a request to deliver them to a territory in which the trader does not operate (the customer orders a product and collects it at the trader's premises or organises delivery himself);
• The provision of (some) electronically supplied services, such as cloud, data warehousing, website hosting;
• The provision of services which are received by the customer in the country where the trader operates (e.g. hotel accommodation, car rental).

In the abovementioned circumstances customers across the EU should be able not only to access online interfaces directed to customers from other Member States and compare a wider range of offers, but also finalise transactions on conditions offered in those territories.

Contentious issues

An element which caused controversy from the very beginning related to the interface of the geo-blocking proposal with the provisions of private international law. In particular, concerns were raised that traders who decided to serve a consumer from another Member State, in compliance with new rules, would be considered to "direct their activities" to the country of that consumer, within the meaning of Article 6 of  Rome I and Article 17 of Brussels I regulation (recast). The text adopted today includes additional wording which aims to mitigate this risk (recital 13).

An even more controversial topic referred to the material scope of the proposal, especially the treatment of electronically supplied services providing access to copyright-protected content. Should, for example, Belgian customers be allowed to buy their Netflix or Spotify subscription for the price offered in the Polish market? This raised concerns not only about price arbitrage, but, more importantly, about the impact of such a solution on the territorial licensing schemes. And these points of criticism were even stronger than in the previous discussions on cross-border portability.

At this point it is worth recalling that audio-visual services were kept out of the scope of the Commission's proposal from the very beginning, even if, at the internal level, this choice was not entirely unanimous. The decision was explained by the need to establish consistency between the scope of the new measure and Article 20 of the Services Directive. Besides, the issue of digitally distributed AV content was to be addressed by the copyright package. 

Limitations of the scope of the act adopted today do not stop here, however. No dramatic change of the status quo is also expected with respect to services providing access to other copyright-protected content such as music (e.g. streaming services), literary works (e.g. e-books) or video games. Services of this kind have technically been kept within the remit of the act (thus falling under the provisions on automatic re-routing or payment methods), but have been excluded from its core access provision (Article 4). 

Concluding thought

The compromise reached in November and, consequently, the final draft must come as a relief to the creative industry. What is left for those hoping for a border-free access to copyrighted works - at least to the extent allowed by existing licensing arrangements - is a "review clause" requiring the Commission to assess, after two years, if the scope of the act should be extended. Until this happens, one can be advised to rather focus on the impact of the geo-blocking regulation - as it currently stands - on the e-commerce market (e.g. Rome&Brussels I litigation, developments in package delivery) as well as the on-going copyright reform, particularly the proposal on online transmissions.

The proposed geo-blocking regulation is now awaiting a vote in the Council and is expected to come into force later this year.

Digital content proposal extended to IoT

Last month we have reported on the updated proposals for the Directive on online and other distance sale of goods (Towards a more coherent...). This proposal is part of one package together with a proposal for a Directive on the supply of digital content. Last week, in the first reading at the European Parliament certain amendments have been introduced to this latter proposal (see here for the full text of amendments). 

One of the amendments changes the scope of the proposal by making it apply not only to the supply of the digital content but also explicitly to digital services. Amendment 11 clarifies that the Directive would also apply to dual purpose contracts. Amendment 14 leaves it to the Member States to regulate remedies for 'hidden defects' as well as to continue to provide for the short-term right to reject. 

One of the most controversial amendments is Amendment 18 which extends the scope of application of the Directive to smart goods (IoT) (further confirmed by Amendments 25 and 31). Whenever the digital content or digital services come pre-installed in goods, 'the trader should be liable under this Directive to the consumer for meeting his obligations only in respect of the embedded digital content or digital service. Liability for the other elements of those goods should be governed by the applicable law.' The same rules would apply to IoT goods purchased online and offline. Whilst the liability of producers and traders of software for IoT goods should then not extend to covering other elements of IoT goods, traders of IoT goods would be subject to the conditions of the proposed Directive which require digital content and digital services providers to guarantee a high standard of security and interoperability. The European Parliament considers these adjustments necessary to guarantee that the proposed Directive remains relevant when faced with the reality of the use of modern technology. Apparently, however, the Council is likely to object to these amendments (European Parliament pushes on IoT device security and interoperability). We will continue to observe the fate of these proposals.

Towards a more coherent European contract law (once again)? Major amendments to the sales proposal

Last Tuesday the Commission published an amended proposal for a directive on certain aspects concerning contracts for the (online and other distance) sales of goods, introducing far-reaching changes to the original file. Most importantly, the scope of the proposal was extended to cover face-to-face sales of goods, meaning that the European lawmakers are now looking into a much broader reform of consumer contract law. Like the original proposal, which extended only to distance sales, but unlike the currently applicable Directive 1999/44/EC, the amended proposal is based on a full harmonisation approach. Impact of such a fully harmonised set of rules is discussed in the Staff Working Document accompanying the proposal. Should the newly presented file go through, Directive 1999/44/EC on consumer sales would be repealed completely. 

The idea of having two distinct sets of contract rules for distance and face-to-face sales did not seem to sit well with anyone from the very beginning. A potential extension of the scope was already envisaged in late 2015, when the original proposal was tabled. Concerns with regard to the original file were also voiced by stakeholders and co-legislators. Indeed, up till now reports about the progress made in the European Parliament and the Council with regard to the sales proposal were not very encouraging. Much more attention seemed to be devoted to the second proposal adopted at the same time, concerning contracts for the supply of digital content. Analyses were nevertheless ongoing - for further reading see in particular the results of the Commission's REFIT exercise or the impact assessment carried out the the European Parliamentary Research Service. 

This is not to say that the amended proposal will not be a source of controversy. Past experience with regard to the harmonisation of European contract law shows that this is a very tricky ground. Even if the potential inconsistency between the rules applicable to different sales channels is now removed and material scope of the proposal is largely based on Directive 1999/44/EC, the full harmonisation approach is bound to raise concerns. Suffice it to recall that this was one of the key issues raised by BEUC with regard to the original proposal. Heated discussions concerning the particular solutions provided for in the proposal are thus to be expected.

E-commerce: consumer confidence grows significantly

Yesterday, the Commission published the 2017 edition of the Consumer Conditions Scoreboard. 

Next to the observation that the share of consumers buying online has pretty much doubled over the last 10 years (from 29.7% in 2007 to 55% in 2017), the most striking finding is that consumer trust has increased quite dramatically since the 2015 edition. The study records a 12 points increase of trust vis à vis "national" retailers and 21 points(!) improvement when ordering cross-borders. 

copyright European Union

The study also checked whether consumers were aware of certain key rights (right to return a product bought at distance within 14 days without giving any reason; right to a replacement and/or the repair of faulty products;  right to neither pay nor return unsolicited products) that they enjoyed when shopping online. Only 12% of the surveyed consumers gave correct answers in respect of all three rights, showing 3 points improvement compared to 2015.

While the study also investigated complaints and dispute resolution and paid some attention to the issue of vulnerability, the results are less striking in these areas. 

The full report can be downloaded here and a factsheet can be downloaded under yesterday's press release.

GDPR, e-Privacy and beyond (part 2): the struggle over privacy and data protection continues

The European Union has traditionally aimed to set comparably high standards of privacy and personal data protection. Indeed, the protection of personal data constitutes a fundamental right, enshrined in Article 8 of the Charter of Fundamental Rights and in Article 16(1) of the Treaty on the Functioning of the European Union. This part of the picture is also closely linked to the protection of privacy set out in Article 7 of the Charter. Therefore, it is not surprising that the question of personal data was already addressed in 1995, in a dedicated instrument, while the importance of confidentiality and anonymity was consequently underlined in the first "e-directives": on e-privacy and on e-commerce. At the same time, processing of personal and non-personal data is an element of the freedom to conduct a business and its free flow is crucial from the point of view of the internal market and international trade. All of these dimensions are, of course, highly relevant to the European consumers and have gained even more prominence in the era of digitalisation. 

Last year brought several major developments in that regard, with General Data Protection Regulation as a top highlight. While the GDPR is certainly a quantum leap, it is by no means the only measure which had spurred heated debates. Let us summarise the state of play. 

GDPR and e-Privacy 

Five years after first consultations about the need for a legal reform of personal data protection framework in Europe had been launched, a new instrument - General Data Protection Regulation - was finally adopted on 27 April 2016 and will soon replace the existing Directive 95/46/EC. The regulation entered into force on 24 May 2016 and will become directly applicable in all Member States from 25 May 2018 (see also our earlier post on this topic here). 

One of the important novelties concerns the act's extraterritorial reach. Applicablity of the European regime will no longer depend on “the use of equipment” situated in a Member State, but rather on the context and effects of the processing of personal data. The content of the GDPR largely builds upon the existing Data Protection Directive. The instrument strengthens the conditions for a valid consent and defines an age threshold for the consent of a child. More emphasis in placed on the rights of data subjects such as the right to information and access to one’s personal data as well as to rectification and restriction of the processing. Article 22 reiterates the right not to be subject to a measure based on automated data processing and explicitly clarifies that this includes profiling. Furthermore, the GDPR introduces a widely cited right to be forgotten and an equally important right of data portability. Rights of data subjects are correlated with respective obligations of data controllers and data processors, in accordance with the newly formulated principles of data protection ‘by design’ and ‘by default’. 

Throughout 2016 preparatory works on the review of the Directive 2002/58/EC on privacy and electronic communications were also carried out in order to ensure the consistency of this sector-specific instrument with the overall framework enshrined in the GDPR. As we have already reported, the proposed e-Privacy Regulation was eventually tabled on 10 January 2017. 

Apart from the shift in the legal form (from a directive to a directly binding regulation), the proposal provides for a number of substantive changes. A major difference concerns the scope of the measure, which would be extended to all electronic communications providers, i.e. not only telcos, but also over-the-top players. Requirements relating, among others, to the confidentiality of electronic communications, would therefore also apply to providers of services such as voice over IP or instant messaging (Skype, Whatsapp, Messenger). The proposal also clearly refers to machine-to-machine communications - a circumstance which, together with a broad definition of personal data in the GDPR, has not been warmly welcomed by the tech companies. Other novelties include an updated approach to cookies and enhanced protection against spam. With respect to the former, the Commission eventually opted against the principle of 'privacy by default' - a reason for relief for the industry. Emphasis is now placed on the availability of privacy settings in the relevant software applications (such as internet browsers) and not on the ubiquitous pop-up windows. The reform should further ensure terminological consistency not only between the GDPR and the e-Privacy Regulation, but also with the updated telecom framework. In the proposed e-Privacy Regulation itself, the concept of ‘electronic communications data’ was introduced, covering both content data and metadata. As before, electronic communications which remain under protection may contain both personal and non-personal data, for example data related to a legal person. From the Commission’s perspective, the new framework should ideally apply from the same day as the GDPR. 

As for now, preparatory works at the Council appear to be at a very early stage. The responsible committee in the European Parliament is the Civil Liberty, Justice and Home Affairs (LIBE). Two weeks ago the committee held a hearing to discuss the proposal. The plenary vote on the committee’s report is expected in October. 

Transatlantic dimension 

Further notheworthy developments refer to data transfers between the EU and the United States. This strand of the debate clearly shows that there is no single, universally recognised approach to data protection and privacy online. As seen from the efforts to ensure extraterritorial application of both GDPR and the proposed e-Privacy regulation, the European legislator would like to see its framework applied also where data of European citizens are processed outside the Union. A similar approach is observed with respect to cross-border data transfers. According to an established rule, dating back to the 1995 Data Protection Directive, personal data of the European citizens may only be transfered to third countries that ensure “an adequate level of protection”. In the United States, home country to the thriving tech industry, the European approach is often regarded as paternalistic. The importance of transatlantic data flows for the international trade forces European and American decision-makers to meet halfway. 

Until October 2015, transfers of personal data between the EU and the U.S. had been governed by the so-called Safe Harbour Decision. Following the Snowden revelations, the decision was, however, successfully challenged before the Court of Justice. In the widely cited Schrems case, the Court confirmed that the Commission's decision, and therefore the underlying agreement with its U.S. counterparts, failed to ensure that the level of personal data protection in the United States was “essentially equivalent” to the one guaranteed within the EU. After renegotiations a new agreement was reached and, in the decision of 12 July 2016, the European Commission reconfirmed the adequacy of the American framework. The so-called EU-U.S. Privacy Shield provides for a number of new safeguards, including the entirely new Ombudsperson mechanism, the functioning of which shall be monitored annually. 

As expected, a few months after the decision came into force, the Privacy Shield was challenged by privacy advocacy groups before the General Court. The Commission is naturally defending its compromise, but the stance taken by the new U.S. administration is not helping its case. Only last week the European Parliament adopted a resolution  voicing its concerns about new U.S. laws allowing National Security Agency to share diverse personal data with other agencies and criticising the rejection of the rules preventing unrestricted sharing of customers’ browsing data. While in the current resolution these issues are discussed only in the context of the Privacy Shield, one may wonder if similar concerns cannot be raised with respect to the Umbrella Agreement - another transatlantic agreement adopted last year, this time in the field of law enforcement. 

Have your say 

As seen from above, the wealth of issues and regulatory approaches to privacy and data protection as well as the pace of new developments are astonishing. Even where new rules have already been developed with all these needs and concerns in mind, they are likely to face criticism and require further modifications. Sceptics argue that the GDPR will be out-dated from day one. For what it's worth, European policy-makers appear to be aware that the struggles over privacy and data protection are bound continue. Most recently, the European Commission launched a series of public consultations as part of its Next Generation Internet Initiative. Over the coming weeks a number of questionnaires will be available online, allowing everyone to share their views. The first questionnaire, entitled “New technologies for disrupting the economy: business, employment and skills”, is available here. We invite our readers to have a say.

Putting an end to silos enforcement of consumer (data protection) rights?

Last month, BEUC and the European Data Protection Supervisor (EDPS) held a joint conference on the enforcement of fundamental rights- notably, the right to privacy- in the age of big data. 

BEUC urges all competent authorities to coordinate their actions and strategies in this field, putting an end to "silos" enforcement, which is unable to guarantee equal respect of consumer rights across policy areas. 

BEUC particularly welcomed the EDPS's recently published opinion on "coherent enforcement of fundamental rights in the age of big data", which contains a set of recommendations, Here an excerpt from the study summary:

"The EU institutions and bodies, and national authorities when implementing EU law, are required to uphold the rights and freedoms set out in the Charter of Fundamental Rights of the EU. Several of these provisions, including the rights to privacy and to the protection of personal data, freedom of expression and non-discrimination, are threatened by normative behaviour and standards that now prevail in cyberspace. The EU already has sufficient tools available for addressing market distortions that act against the interests of the individual and society in general. A number of practices in digital markets may infringe two or more applicable legal frameworks, each of which is underpinned by the notion of ‘fairness’. Like several studies in recent months, we are calling for more dialogue, lesson-learning and even collaboration between regulators of conduct in the digital environment. We also stress the need for the EU to create conditions online, as well as offline, in which the rights and freedoms of the Charter may thrive.

This Opinion therefore recommends establishing a Digital Clearing House for enforcement in the EU digital sector, a voluntary network of regulatory bodies to share information, voluntarily and within the bounds of their respective competences, about possible abuses in the digital ecosystem and the most effective way of tackling them. This should be supplemented by guidance on how regulators could coherently apply rules protecting the individual. We also recommend that the EU institutions with external experts explore the creation of a common area, a space on the web where, in line with the Charter, individuals are able to interact without being tracked. Finally, we recommend updating the rules on how authorities apply merger controls better to protect online privacy, personal information and freedom of expression."

According to the opinion, the Digital Single Market strategy represents a good opportunity for taking a more coherent approach. We will see whether the different actors involved will be willing to seize the chance!

Public consultation on the safety of apps and other non-embedded software

The EU Commission has recently launched a public consultation on the safety of apps and other non-embedded software. The consultation has opened on the 9 June 2016 and will close on the 15 September 2016. It aims to give the Commission a better understanding of the possible risks and problems that non-embedded software can pose and possible ways to deal with the problems. This could then define potential next steps and future policies at EU level.

The consultation focuses on the safety of apps and other non-embedded software. This means software and apps which are neither embedded nor contained in a tangible medium at the time of their placement in the market or supply to consumers. According to the Commission, good examples are health and well-being apps, digital models for 3D printing or apps controlling other devices such as electronic appliances. Importantly, the consultation concerns the safety aspects of apps and not the underlying service itself (for example if the app gives access to a service such as transport). Safety or safe use is understood as freedom from unacceptable danger, risk or harm, including security vulnerabilities (so called cyber security) and physical, economic and non-material damage.

Responses may be submitted on any EU language through the online questionnaire (available here).

Third DSM package adopted

On  25 May 2016 the European Commission adopted an extensive set of measures announced in the Digital Single Market Strategy.

The e-commerce package consists of:

1. Proposal for a regulation on addressing geo-blocking and other forms of discrimination based on customers' nationality, place of residence or place of establishment within the internal market
2. Proposal for a Regulation on cross-border parcel delivery services 
3. Proposal for a revision of the Consumer Protection Cooperation Regulation 
4. Guidance on the application of the Unfair Commercial Practices Directive

The content package includes:

1. Proposal for a revised Directive on audiovisual media services
2. Communication on online platforms and the Digital Single Market

Furthermore, on 2 June a communication on a European agenda for the collaborative economy was presented.

A more detailed description of the adopted measures with particular relevance to consumer law will follow shortly. 

A look into the future: What does 2016 hold for consumer law?

There is no doubt that 2015 was quite a busy year for the European institutions. In the light of considerable social, economical and political challenges faced by the EU these days, the European Commission under the presidency of Jean-Claude Juncker proclaimed that it would carefully choose its priorities and focus on feasible initiatives. While it is still too early to predict whether this approach will go beyond mere declarations, an overall policy stance can already be inferred from first two work programmes published under rather high-sounding titles: A New Start and No time for business as usual. Key objectives within ten priority areas have been defined and measures to be taken in order to reach them were announced. But what does this actually mean for consumers?

From the consumer law perspective three areas deserve particular attention:

• Measures designed to create a connected Digital Single Market
• Initiatives aimed to further deepen the internal market
• EU international trade policy, especially the Transatlantic Trade and Investment Partnership (TTIP), which is currently being negotiated by the EU and the USA

As we have already reported, first three legislative proposals implementing the Digital Single Market were presented on 9 December 2015. The first one deals with a fully novel issue of digital content (e.g. streaming music, purchasing e-books), while the second one builds upon the existing regulatory framework for online sales of goods. Both measures are seeking to fully harmonise several core aspects of online business-to-consumer sales of tangible goods and supply of digital content, including rules on pre-contractual information duties, consumer’s right to withdraw from the contract, conformity of goods and digital content as well as relevant remedies. Furthermore, a proposal for a regulation on ensuring the cross-border portability of online content services in the internal market was adopted.

In 2016 the Commission will surely try to further proceed with these measures. Its new approach to the European law-making shall ensure that the Digital Single Market strategy does not share the fate of the Common European Sales Law. Efforts are made to secure a common understanding with the European Parliament and the Council on key initiatives already at an early stage. Despite public concerns about the impact of such arrangements on the democratic process, an inter-institutional Agreement on Better Law-making has recently been finalised. Time will tell whether this approach will produce the desired results. In any case, it seems unlikely that the flagship measures implementing the Digital Single Market, which are by no means uncontroversial, will come into force in the nearest months. Also the Dutch Presidency in the Council seems to be taking a ‘wait and see’ attitude to this issue.

2016 will therefore rather be a time of intense discussions, public consultations and further legislative proposals. We may, among other things, expect a proposal aimed to bring an end to unjustified geo-blocking as well as other forms of discrimination on the basis of residence or nationality. Detailed information on the envisaged copyright reform should be presented shortly. Of particular interest are also measures, which have already been adopted in the previous years – such as Regulation 524/2013 on online dispute resolution for consumer disputes – or those at an advanced stage of adoption. It is worth noting that the European ODR platform has lately become operational and will be made available to consumers and traders on 15 February. While a faster and easier, Internet-based mechanism of resolving disputes between consumers and traders sounds like a good idea, much still needs to be done to ensure its reliability and promote its use among both parties to the contract. Furthermore, in the following months we will almost certainly witness a long-awaited reform of EU data protection law. Following the agreement reached in trilogue last month, it appears very likely that the final texts of General Data Protection Regulation and Data Protection Directive will be formally adopted in the first quarter of 2016.

From the consumer law perspective, particular attention should also be paid to the Commission’s Regulatory Fitness and Performance programme (REFIT), i.e. a systematic analysis whether the existing regulatory framework is fit for its purpose. According to the recently published roadmap, a substantial part of EU consumer law will be subject to evaluation within next 18 months, namely:

• Directive 2005/29/EC concerning unfair business-to-consumer commercial practices in the internal market (Unfair Commercial Practices Directive);
• Directive 1999/44/EC on certain aspects of the sale of consumer goods and associated guarantees (Sales and Guarantees Directive);
• Directive 93/13/EEC on unfair terms in consumer contracts (Unfair Contract Terms Directive).
• Directive 98/6/EC on consumer protection in the indication of the prices of products offered to consumers (Price Indication Directive);
• Directive 2006/114/EC concerning misleading and comparative advertising (Misleading and Comparative Advertising Directive);
• Directive 2009/22/EC on injunctions for the protection of consumers' interests (Injunctions Directive).

Additionally, Consumer Rights Directive 2011/83/EU and Regulation 2006/2004 on consumer protection cooperation are also expected to undergo separate evaluations in the coming months. During the first semester of 2016 public consultations on application of consumer legislation in Member States will be launched, which might well be a spark for another heated debate, reminiscent of the time when the Common European Sales Law was still on the agenda.

Without doubt 2016 will be a very exciting year in consumer law. Like every year, we will keep you posted about the most significant developments, so stay tuned!