Key Legal Developments
2020 will see important legal developments, particularly in the telecommunications and media space. The chief development in telecommunications will be the auction of frequencies for 5G networks, and legislation intended to restrict mergers and acquisitions of telecommunications companies. In media, the 2019 amendment to the Sat. Cab. Directive (93/83/EEC) will be implemented. Finally, the ECJ’s Tomkabinet ruling is highly relevant for the distribution of digital content in the Netherlands.
The introduction of 5G in the Netherlands
2020 will see the auction of the first 5G frequencies in the Netherlands. There are three primary advantages to this new technology. The first is enhanced mobile broadband, whereby the capacity of mobile networks and the user’s maximum data transmission speeds will be increased. The second is improving machine-to-machine communication by increasing the number of devices that can be connected within an area to support Internet of Things applications. Finally, the reliability and security of networks will improve, making new services possible in health care, among others.
The Dutch government will auction frequencies in the 700 MHz, 1400 Mhz and 2100 MHz bands in the second quarter of 2020. After 2022, the Dutch government expects to carry out a spectrum auction for frequencies in the 3.5 GHz band. This band is currently being used for satellite communications by Dutch intelligence services. The largest operators of the country – KPN, Vodafone Ziggo and T-Mobile Netherlands – are all likely to take part in the auction. During the auction, no official information will be publicly shared about the bidding process. After the auction is completed, the winners’ names and the bidding process will be made public. The minimum revenue of the auction is estimated at EUR900 million.
Some main principles for the auction are already known. One example is that only 40% of the frequencies may be owned by one operator, to ensure fair competition. It is also expected that high security standards will be required for service and product vendors. In addition, the Dutch government has been working on measures to protect telecommunication services from threats such as espionage and sabotage.
For more information on these trends in security and cyber sovereignty, please refer to the macrotrends overview below.
Legislative proposal of the Unwanted Control Telecommunication Act
In December 2019, a draft of the Dutch Unwanted Control Telecommunication Act (WOZT) was introduced to protect Dutch telecoms companies from a change of control. One of the goals of this draft act is to implement the obligations of Regulation (EU) 2019/452 on establishing a framework for the screening of foreign direct investments into the European Union.
The WOZT will grant the Minister of Economic Affairs and Climate Policy the power to take measures if a change of control results in “relevant influence in the telecommunications sector”. It will provide the Minister with powers to block or reverse any potentially undesirable (friendly or hostile) takeover bids or any investments leading to predominant control in a telecommunications party in the Netherlands. The proposed legislation includes internet, mobile and fixed telephone providers, companies that offer other vital services such as internet exchange points, data centres, hosting services and other services that are important for the continuity, reliability and safety of telecom services and infrastructure.
A party, either national or foreign, wishing to take over or invest in a telecommunications party must give prior notice to the Ministry of Economic Affairs and Climate Policy if certain thresholds have been met. In case of a public offering regarding a listed telecommunications party, the aforementioned notice must be made at the time of the announcement of the public offering, at the latest. A notice is obligatory if the telecommunications party in which predominant control is obtained meets one or more of the following important thresholds:
The government may add categories by decree.
After the notice, the Minister must decide within eight weeks if he will prohibit the transaction. If required, he can extend this by an additional six months, in which case parties can move forward with the transaction but with a risk that it may be reversed if the Minister concludes that there is a threat to the public interest. If the parties involved have the option to choose the jurisdiction in which they will give notice of a takeover or investment, the Netherlands is a good option as its time frames are much shorter than those of many other countries.
Implementation of the amended Sat. Cab. Directive
In 1993 the Sat. Cab. Directive was adopted, regulating the secondary communication to the public by means of satellite transmission and cable transmission of copyrighted works in broadcast signals. For this secondary making available to the public, the consent of the copyright owner was required.
As a result of new technology and ECJ case law, the Sat. Cab. Directive needed to be amended. For instance, the online distribution of programs needed to be regulated, and the secondary communication to the public through cable does not exist anymore. Last but not least, the ECJ decided in 2015 that the direct injection of television signals does not constitute a making available to the public at all.
The amended Sat. Cab. Directive was adopted on 17 April 2019 by the European Parliament and the Council, and is to be implemented on 7 June 2021. On 11 September 2019, the draft amendment of, amongst other acts, the Copyright Act implementing the Directive (EU) 2019/789 was published by the Ministry of Security and Justice.
The draft introduces a new article 47c in the Copyright Act. In principle, for online broadcasting the consent of the collecting societies in all EU countries is required. This new article contains "the country of origin principle" for copyrighted works used in certain online broadcasting support services, which means that publishing of content in the context of online support services by a broadcaster is deemed to take place in the country of origin of the broadcaster only. The principle applies to copyrighted works in online services that support radio and television programmes on news or current affairs, and television programmes of the broadcaster that are fully funded by the broadcaster. As a result, the consent for the online broadcasting in all EU countries can be obtained from the collecting society in just one EU country: the country of origin of the broadcaster.
Secondly, the draft act requires mandatory collective management for the transmission of copyright protected works in radio and television programmes by a party other than the broadcaster. As a result, the rights relating to the transmission of programmes by a party other than the broadcaster can only be exercised collectively. In this context, transmission means a simultaneous, unaltered and integral transfer of a broadcast (by wire or over the air, including satellite broadcasting). Programmes that are (only) broadcasted online are not covered by the mandatory collective management regime. To achieve this, article 12 of the Copyright Act and article 26a of the Copyright Act will be amended.
Finally, the draft act introduces a regulation for broadcasting copyright-protected works in radio and television programmes by means of direct injection, which is defined in a new article of the Copyright Act. An action is deemed to be qualified as "direct injection" if a broadcaster provides the programme-carrying signals directly to the person who handles the transmission to the public by wire or other means without broadcasting the signals to the public itself. The new article 26cc of the Copyright Act imposes mandatory collective management for direct injection; the broadcaster and the company taking care of transmission of the programme-carrying signals to the public are jointly responsible for the use of copyright-protected works in these signals.
The draft will be a topic of discussion in Dutch parliament in 2020.
European Court of Justice’s landmark decision on the resale of e-books
The ECJ issued a landmark decision on 19 December 2019 that effectively restricts the resale of legally purchased e-books. The case involved the Dutch company Tom Kabinet and the Dutch Publishers Society. Tom Kabinet offered second hand e-books for sale through a “Book Club”. The e-books were either purchased by Tom Kabinet or donated by members of the club. Members who donated e-books provided a download link together with a statement that the donor had not previously made a copy of the e-book.
In preliminary questions to the ECJ, the District Court of The Hague asked whether the first sale of the e-book “exhausted” the rights of the copyright owner within the meaning of Article 4 of the Copyright Directive, or whether the use of a download link to effect the sale had made the work available to the public within the meaning of Article 3 of the Copyright Directive, thus precluding any exhaustion of rights.
The ECJ ruled that resale to the public by downloading an e-book, for permanent use, is covered by the concept of "communication to the public" and, more specifically, by that of "making available to the public of authors’ works" within the meaning of Article 3 of the Copyright Directive. Accordingly, author consent was required for the resale at issue in Tom Kabinet.
This decision is noteworthy because the ECJ ruled in the 2012 Oracle/UsedSoft case that the right of distribution of a copy of a computer program is exhausted where the downloading of a computer program from the internet was authorised by the copyright owner. In that case, Oracle distributed a computer program with a licence to use the program for an unlimited period of time. UsedSoft offered existing “used” licences for sale. Customers who bought an already-used licence from UsedSoft downloaded a copy of the computer program from Oracle’s website. The ECJ ruled that this practice was permissible because Oracle’s rights had already been exhausted. This raised the question of whether the same principle should also apply to other works distributed over the internet, such as music, movies and e-books.
It now seems that this is not the case, which has major implications for the types of business models that are permissible in digital media and software. Moreover, the case points to a devaluation of digital goods, turning them into goods that for most intents and purposes are not truly owned.
In addition to these key legal developments, there are several macrotrends emerging in the Netherlands that will affect the business environment, including an increasing interest in security and cyberspace sovereignty, growing dissatisfaction and antagonism against Big Tech, and strong concerns about mass data collection and artificial intelligence.
Security and cyberspace sovereignty
Starting with Stuxnet, it has become increasingly apparent that state actors are growing their cyberspace capabilities and are more and more willing to employ those techniques against other states. At the same time, attacks by private actors have rapidly increased in sophistication, graduating from incidental and haphazard attacks to targeted, persistent attacks on high-value data. This development has run apace with a rapidly increasing centralisation of processing power and data storage, including for government entities, with a limited number of US cloud service providers. These companies have thus far shown themselves at times unable and at times unwilling to adequately protect their systems against advanced persistent threats.
In 2019, the debate around cybersecurity reached a fever-pitch in the Netherlands, with a particularly salient example around year-end: a major Dutch University was forced to close its campus following a ransomware attack for weeks. It paid a ransom in the range of EUR300,000 to regain access to its systems.
The debate around cybersovereignty (the ability and right of a state to maintain sovereignty in cyberspace) has also grown in importance and seriousness, resulting for instance in a spate of concerned and critical articles following the acquisition of data centre providers by foreign data centre companies.
Key legal developments springing from this trend include the forthcoming legislation to protect telecommunications companies from mergers and acquisitions (WOTZ), as discussed above. A further development of interest in this respect is the issuance of a general administrative order that seems specifically intended to be able to prevent Huawei from providing 5G equipment in the Netherlands. On 5 December 2019, a general administrative order was issued pursuant to which, amongst other things, the Minister of Justice may give an order to a provider of telecommunications networks or services to not procure or replace hardware, software or services used in their networks or ancillary facilities. The order may be given with respect to products and services provided by an entity, or by an entity under its influence, with respect to which there are grounds to believe that it intends to disrupt or misuse a telecommunications network available in the Netherlands. Though not specified in parliamentary documents, the order is widely believed to have been created to give the Dutch government the ability to bar the use of Huawei equipment in upcoming 5G networks.
In a further development of interest, the Minister of Foreign Affairs provided a brief on the application of International Law to the digital domain to the Dutch house of commons. The brief was requested following a debate on Russian cyber espionage and a motion by the house of commons requesting an overview of current initiatives to strengthen the international legal order in the digital domain. In brief, the Netherlands takes the view that the actual effects of cyberspace activities should be interpreted in the same manner as if they were caused by intervention outside the digital realm. The Netherlands also explicitly states that it aims to safeguard the internet as a liberal, open and trustworthy sphere for public activity, and is actively participating and supporting a variety of initiatives on this front.
A final notable development is political and public support for the creation of European alternatives to US tech companies. Angela Merkel (DE) and Emmanuelle Macron (FR) launched the GAIA-X initiative to create European alternatives to US cloud services providers. The initiative was received enthusiastically by Dutch industry, and several representatives in the house of commons have indicated that they support the initiative. The Dutch cabinet has thus far not committed, but has indicated that it is investigating the proposal.
Overall, these legislative and political activities underwrite a trend towards a more realpolitik-based view on security and cyberspace. Tech firms hoping to do business in the Netherlands should take account of this more critical view of their activities, and should come prepared with answers on tough questions regarding security, control and access of foreign governments.
Dissatisfaction with Big Tech
2019 has seen a shift in public opinion in the Netherlands on Big Tech, and politicians have been picking up on the sentiment. At the end of 2019, a series of ten highly critical articles in the Dutch Financial Times dominated the debate.
Major software companies such as Oracle were panned as abusing their market power to force organisations into unfair contracts and high settlements for alleged under-licensing. Growing concerns were also voiced in respect of the use of Big Tech’s cloud services where personal data is concerned, with for example Dutch healthcare providers’ intention to start using cloud services leading to public criticism. At the same time, large platform companies such as Uber, Deliveroo and homegrown platforms such as Helpling are facing close scrutiny in respect of their treatment of workers.
Early legal developments following on from these trends include an ongoing discussion on antitrust measures that might be taken against tech companies, a cautious push towards co-ordination and organisation among customers of IT companies when contracting, and a number of lawsuits being brought against platform companies around worker rights.
In respect of antitrust, the Dutch government has taken the position that existing antitrust law already provides a set of tools it can use to manage Big Tech companies’ potential market distortions, and that specific changes to enforcement should be taken in step with the EU. The Dutch government has submitted proposals to that effect, including a proposal to use preventative measures against distorted markets where possible, rather than repressive measures. The key take-away overall is that the Dutch government underwrites tougher antitrust scrutiny of tech firms, but views this as an area for EU co-operation.
At the same time, in the private sector there are calls for more co-operation between enterprise customers in order to create more leverage in commercial and legal negotiations with Big Tech suppliers. More of this is expected in 2020.
With respect to workers of platform companies, the house of commons has debated extensively on the qualification of their relationship with personnel. The debate focuses on whether the current legal framework is suitable to assess these relationships. The question regarding the qualification of the underlying relationship of platform workers was subject to two interesting lower court decisions in 2019.
In the case of Deliveroo, an online platform for food services, the court ruled that the underlying relationship of the independent riders qualifies as an employment agreement. This decision is remarkable, as it directly contradicts an earlier case in 2018, where the same court ruled that a Deliveroo courier was an independent contractor, despite the same underlying system, in principle, being assessed by the court. The difference between the 2018 and 2019 case is that the 2018 case concerned the qualification of the contract of one rider, so that the individual execution of the contract could be assessed, whereas the 2019 case was initiated by a trade union that requested a general declaratory decision, which led to a more general assessment of the system of Deliveroo. In the 2018 case, the judge ruled that the rider had significant freedom, whereas in the 2019 case the court ruled that, although couriers have significant freedom on paper (eg, couriers may choose when and if they work, may engage replacements and may choose what mode of transport they use for deliveries), this freedom is illusory. The 2019 case is currently pending at the court of appeal and will probably provide more clarity on the working relationships of platform workers in general.
On the other hand, Helpling (a platform bringing together supply and demand for cleaning professionals) was found to be dealing with its personnel as independent contractors. The facilities created by Helpling do not qualify as employers’ authority but solely facilitate the services. The court rulings show that judges struggle with the qualification of the relationship between a platform and its personnel. They also show that these cases must be assessed on a case-by-case basis.
Overall, we note that government and thought leaders remain pro-tech, but tech business models are no longer being given a free pass. Companies in this space should start taking more care to understand the regulatory environment affecting them and to enter into dialogues, and should no longer assume the benefit of the doubt will be given.
Concerns on Mass Data Collection and AI
The Dutch public has long been neutral towards the mass collection of personal data and the automated processing thereof, but a public debate on these topics is developing rapidly. Both policymakers and the public have started grappling with the risks involved.
Noteworthy early developments springing from this are the Dutch government’s landmark agreement with Microsoft to make Office365 and other online services GDPR-compliant, both legally and technically. This agreement caught worldwide attention and caused changes in Microsoft’s Online Service Terms. Since it only applies to the use of Microsoft’s online services by 350,000 civil servants of the central government, the expectation is that more similar agreements will be negotiated with Microsoft and other suppliers in 2020.
A further relevant legal development is the Data Protection Authority’s agenda for 2020-2023, in which it has specified that it will be focusing enforcement efforts specifically on data brokering and the use of A.I. and algorithms. Within data brokering, the DPA will focus on the following:
Within A.I., the key focus area will be the development of an effective regulatory oversight mechanism within the framework of the GDPR. In particular, the DPA will strive to create a framework that safeguards organisations employing A.I. being able to explain the way their algorithms produce results and being able to argue why those results are legitimate, and providing adequate procedures to contest any such results. This is similar to the approach to A.I. and algorithms of the Dutch Central Bank and the Authority for the Financial Markets in the regulatory oversight of fintech companies.
Overall, we believe the next years will be formative for case law and legislation around data privacy and A.I. Companies in this space have an opportunity to help shape the regulatory environment on these topics and would do well to make use of that, while also taking care to earn the public’s trust and confidence.
Developments in Business
With respect to businesses and their use of TMT, 2019 showed a continuation of existing trends in service delivery models and the slow but steady adoption of new technology.
Trends in business models
Key continuing trends are the transition to as-a-service solutions and cloud-based models for infrastructure provisions. As more solutions are becoming available as a service, the role of IT departments is increasingly under pressure; service providers are increasingly able to work directly with the business within the customer. Similarly, service and architecture integration services for IT departments are also becoming increasingly important, now that customers are working with an ever-larger number of vendors.
From a legal perspective, classic waterfall contracts and SLAs are becoming less common as parties continue to move to agile working and DevOps methodologies. Procurement departments are, therefore, required to change their approach, but are struggling to do so.
Key technologies in TMT that companies are looking to integrate into their business models are primarily A.I. and analytics. There is also growing interest in automated vehicles and other forms of advanced robotics, as well as some relatively newer developments, such as low-code platforms.
The Netherlands’ outsized financial services sector continues to see many fintechs settle in the country, due to the attractive business environment and tax regime, and partly because of Brexit. Dutch regulators continue to support their innovation through initiatives such as the "iForum", which is aimed at improving interaction and co-operation with the technology sector. Blockchain/smart contracts remain at the cutting edge from a technical perspective, but the importance of these technologies is negligible compared to the impact of more germane technological developments such as the increasing use of algorithms in decision making. This may change soon due to an increase in professional offerings from reputable providers.
In respect of new technologies, customers are increasingly struggling to build up internal capabilities to employ these new technologies effectively and, as a result, are relying more on third party service providers.
1017 PS Amsterdam
+31 20 301 7300www.gtlaw.com