Message 001
Communication from the Commission - TRIS/(2023) 1729
Directive (EU) 2015/1535
Notification: 2023/0352/FR
Notification of a draft text from a Member State
Notification – Notification – Notifzierung – Нотификация – Oznámení – Notifikation – Γνωστοποίηση – Notificación – Teavitamine – Ilmoitus – Obavijest – Bejelentés – Notifica – Pranešimas – Paziņojums – Notifika – Kennisgeving – Zawiadomienie – Notificação – Notificare – Oznámenie – Obvestilo – Anmälan – Fógra a thabhairt
Does not open the delays - N'ouvre pas de délai - Kein Fristbeginn - Не се предвижда период на прекъсване - Nezahajuje prodlení - Fristerne indledes ikke - Καμμία έναρξη προθεσμίας - No abre el plazo - Viivituste perioodi ei avata - Määräaika ei ala tästä - Ne otvara razdoblje kašnjenja - Nem nyitja meg a késéseket - Non fa decorrere la mora - Atidėjimai nepradedami - Atlikšanas laikposms nesākas - Ma jiftaħx il-perijodi ta’ dewmien - Geen termijnbegin - Nie otwiera opóźnień - Não inicia o prazo - Nu deschide perioadele de stagnare - Nezačína oneskorenia - Ne uvaja zamud - Inleder ingen frist - Ní osclaíonn sé na moilleanna
MSG: 20231729.EN
1. MSG 001 IND 2023 0352 FR EN 07-06-2023 FR NOTIF
2. France
3A. Ministères économiques et financiers
Direction générale des entreprises
SCIDE/SQUALPI - Pôle Normalisation et réglementation des produits
Bât. Sieyès -Teledoc 143
61, Bd Vincent Auriol
75703 PARIS Cedex 13
3B. Ministère de l'économie, des finances et de la souveraineté industrielle et numérique
Direction générale des entreprises
SEN - Pôle Régulation des Plateformes Numériques
Bât. Necker -Teledoc 767
120 Rue de Bercy
75012 PARIS
4. 2023/0352/FR - SERV60 - Internet services
5. Ministry of Economy, Finance and Industrial and Digital Sovereignty
Directorate-General for Enterprises
SEN – Digital Platforms Regulation Centre
Bât. Necker -Teledoc 767
120 Rue de Bercy
75012 PARIS
6. Information Society Services
7.
8. Article 1 of the draft law to secure and regulate the digital space – hereinafter referred to as the SREN draft law - confers on the Regulatory Authority for Audiovisual and Digital Communication (Arcom) the task of developing a binding repository setting out the technical requirements to be met by age verification systems set up for access to sites containing pornographic content, with regard to the reliability of age verification of users and the respect of their privacy. Arcom may impose a pecuniary penalty in case of non-compliance with this repository.
Article 2 gives Arcom an administrative injunction power against infringing pornographic sites. The Article also provides for the possibility for Arcom, in the event that the contentious sites do not comply with these injunctions, to order Internet access providers to block access to these sites, without being obliged, as was the case before, to have that injunction issued by the judge. This Article also enables Arcom to require search engines and directories to delist these sites. Finally, the Article provides for the possibility for Arcom to impose pecuniary penalties in the event of non-compliance with their obligations by these actors.
Article 3, like the existing provisions on the removal of terrorist content, creates an obligation for hosting providers to remove child pornography content, by injunction of the administrative authority, within 24 hours. Failure to comply with this withdrawal obligation is punishable by law.
Article 4 extends Arcom’s powers to implement European restrictive media measures, including broadcasting bans, to new operators: on the one hand, publishers and distributors of audiovisual communication services, satellite network operators and their technical providers, and on the other hand, online pubic communication services.
Article 5 provides that the judge, when convicting a person for online hate, cyberbullying, or other serious offences, may impose a further penalty of suspending the account of access to the online platform service used to commit such offences. This Article also provides that the platform service provider will have to implement measures to block any other accounts held by the party concerned and prevent the creation of new accounts by the same person.
Article 6 concerns the deployment of a national cyber security filter for the general public to alert Internet users via the display of a warning message in their browser when they wish to access an internet address for which there is a proven risk of fraud or scam, in particular with regard to their personal data. Malicious cyber sites will be identified by authorised officials of the administrative authority under the supervision of an independent qualified person attached to the French Data Protection Authority (CNIL). When the facts persist beyond a period of 7 days or when the publisher of the service associated with the internet address is not identifiable, the administrative authority may request internet service providers, domain name resolution system providers and internet browser providers to take any action to prevent access to the site.
Article 7 lays down the principle of a guideline for business practices of offering cloud computing assets to user companies, as regards their validity period and renewal conditions, and prohibits the practice of charging user companies a fee for the transfer of their data to their own infrastructure or those of third-party providers. A sunset clause is provided for in the draft law.
Article 8 establishes the obligation for cloud computing service providers to ensure the conditions for the portability and interoperability of their services with third-party services. A sunset clause is provided for in the draft law.
Article 9 provides, in order to ensure the implementation of the portability and interoperability requirements referred to in Article 8, that the Electronic Communications, Postal and Print media distribution Regulatory Authority (Arcep) may specify the rules and conditions for the implementation of these requirements, in particular through the enactment of open interoperability and portability specifications. Article 9 will also promote transparency on supplier practices through an obligation to publish a technical reference offer detailing the implementation of these requirements.
Article 10 provides that the control of the system resulting from Articles 8 and 9 is entrusted to Arcep and establishes the powers of investigation and access to the data necessary for this purpose. Arcep will also have the power to resolve disputes over the interoperability of cloud computing services.
The purpose of Article 17 is the generalisation of a system for the centralisation of tourist furnished lodgings rental data to be transmitted to municipalities by digital platform operators. This system aims to facilitate, through the creation of a platform for the centralisation of information, the transmission of data provided for in the Tourism Code between digital platforms for renting tourist furnished lodgings and municipalities, particularly in order to allow the monitoring of compliance with the regulation limiting the rental of main residences to 120 days per year.
Article 36 provides for sunset clauses.
9. The draft law carries important political priorities of the French government and structuring measures to address several sensitive digital issues.
Article 1 ensures that users wishing to access pornographic content published by an online public communication service are adults. Thus, only adults will henceforth have access to sites with pornographic content through an age verification system that will strengthen everyone’s privacy.
Article 2 strengthens Arcom’s powers of intervention in the fight against access of minors to sites with pornographic content. These provisions are likely to greatly facilitate Arcom’s monitoring tasks, which are currently forced to use bailiffs to address these concerns, and will enable to secure and increase efficiency and speed in the collection of evidence in the context of the procedure for blocking pornographic sites.
Article 3 strengthens the fight against the broadcast of child pornography content.
Article 4 enables to ensure that operators concerned by the European restrictive measures are prohibited from broadcasting.
Article 5 enables to limit repetition of cyberbullying offences after conviction.
The system, defined in Article 6, aims to protect citizens from phishing attempts and to reduce the risks of financial scams (counterfeit payments), identity theft, the misuse of personal data for malicious purposes or the collection of personal data through fraudulent, unfair or unlawful means.
Article 7 aims to regulate certain business practices that are currently prevalent in the cloud services market that alter freedom of choice and competition when a company wishes to contract with a cloud computing services provider or change the provider. The provisions address the twofold problem of lock-in of users within the environment of their first provider: business users are strongly encouraged to conclude a contract with providers that offer them cloud computing assets, and then become captive to these first providers because of the commercial and technical barriers to portability and interoperability. In particular, these providers may then charge high tariffs, based on the impediment to migration represented by the fees charged for data transfer, which are unrelated to the actual cost of the operation, as well as by the lack of technical interoperability with third-party services offered by other providers or developed by users.
Article 8 will make it easier for business users to migrate to more competitive offers, or to use several third-party services simultaneously, and will encourage the development of European offers. Today, companies that are customers of cloud computing service providers are generally technologically captive to solutions they first purchase, since these solutions do not offer the possibility of being gradually made compatible with third-party solutions.
Articles 9 and 10 ensure the relevant governance and application of the provisions described in Articles 7 and 8.
Article 17 consists in sustaining and extending the trial of an application programming interface known as furnished API, which has proved to be a success. Unlike the current situation where each municipality has to contact each digital operator to retrieve data relating to furnished rentals, this centralisation platform will become the single point of contact for these operators and the communities concerned.
10. References to basic texts: There are no reference texts
11. No
12.
13. No
14. No
15. No
16.
TBT aspects: No
SPS aspects: No
**********
European Commission
Contact point Directive (EU) 2015/1535
email: grow-dir2015-1535-central@ec.europa.eu