Despite the hype ISP adblocking is a no-go in Europe
Several UK internet service providers are signalling their interest in blocking advertising across their network. Despite the hype this is a non-starter. A new EU regulation will make this impossible, and ISPs will not be able to fudge the issue by giving users an opt-in.
It is not particularly difficult for an internet service provider (ISP) to block ads on its network – despite what vendors of ISP adblocking technology would suggest. ISPs have done it before. In January 2013 the second biggest ISP in France, Free, blocked ads for a week by pushing an update to home routers.[1. This only affected homes with the ISP’s latest “Freebox” router, about half of Free’s subscribers.] Within a week, however, a government minister had intervened and Free changed its blocking scheme from a default option to one that users had to opt-in to.
There were calls for widespread ISP blocking before this. In the mid 2000s, for example, a wave of concern about domestic security in Europe prompted calls for censorship of the Web at the service provider level. In 2007 my argument to the contrary became the most cited source in the European Commission’s own impact assessment deciding against pursuit of Web censorship across the EU.
Now there is a renewed interest in ISP adblocking as a default option following announcements by UK ISPs O2 and EE, and Digicel‘s recent introduction of adblocking on its Caribbean network. Note that EE and O2 already operate parental blocks on age-restricted content.
Digicel’s announcement explicitly refers to adblocking as a tool to force “companies like Google, Yahoo and Facebook to enter into revenue sharing agreements”. The UK ISPs are understandably also attracted to the idea of using adblocking on their networks as a new bargaining chip with which to force Google and other advertising companies to share revenue with them.[2. despite EE and O2 having signed the an “Open Internet Code” that refers to a “general principle that legal content, applications and services, or categories thereof should not be blocked”. See the UK Broadband Stakeholder Group’s Open internet code of practice: voluntary code of practice supporting access to legal services and safeguarding against negative discrimination on the open internet, p. 4.]
However, advertisers and publishers need not fear because new network neutrality rules will make ISP adblocking illegal across the EU by the end of 2016. This fairly robust position on network neutrality was not inevitable. The first version of the Telecommunications Single Market Regulation was proposed by the European Commission in September 2013. Successive drafts emerged from fraught negotiations between the Commission, the Council of Ministers (of Member State governments), and the European Parliament.
Joe McNamee, Executive Director of European Digital Rights (EDRi), believes the negotiation was so difficult because the regulation includes an end to roaming, which the Parliament was very eager to see adopted. The Council of Ministers felt it could pressure the Parliament to accept weaker net neutrality proposals or risk taking the blame for failing to end roaming. “The Council refused all meaningful discussion for four months”, McNamee says. Read EDRi’s analysis of the turbulent process that led to the final draft of the regulation, which was approved in a vote at the European Parliament in late October.
New EU rules
The result is good news for advertisers: The new Telecommunications Single Market Regulation will make it impossible for ISPs across the EU to block content unless national or European legislation has provided otherwise. The final text of the new regulation states that:
“providers of internet access shall treat all traffic equally, when providing internet access services, without discrimination, restriction or interference, and irrespective of the sender and receiver, the content accessed or distributed, the applications or services users or provided, or the terminal equipment used.” [4. Telecommunications Single Market Regulation, article 3, paragraph 3. Note: you can download the text here.]
The regulation does permit ISPs to “implement reasonable traffic management measures”. [5. ibid., article 3, subparagraph 2] However, these must be “transparent, non-discriminatory and proportionate, and shall not be based on commercial considerations but on objectively different technical quality of service requirements of specific categories of traffic”. Moreover, in doing so the ISPs “shall not monitor the specific content” and the measures “shall not be maintained for longer than necessary”.
European regulations include parts called recitals, which are preambles that explain the logic of the regulation. Paragraph 15 of the recital elaborates on what ISPs can and can not do when managing traffic:
“The need to apply traffic management measures going beyond the reasonable traffic management measures in order to prevent or mitigate the effects of temporary or exceptional network congestion should not give providers of internet access services the possibility to circumvent the general prohibition on blocking, slowing down, altering, restricting, interfering with, degrading or discriminating between specific content, applications or services, or specific categories thereof.”[6. ibid., paragraph 15, subparagraph 2]
In other words, blocking is not permitted.
The regulation was criticised for not adequately protecting network neutrality, but its protections appear to be tightly defined where adblocking is concerned. It permits three exceptions under which ISPs can discriminate between traffic.[8. ibid., article 2, subparagraph 3] These exceptions do not offer good grounds for adblocking.
The first exception arises where the EU or a national government legislates to explicitly permit ISP blocking.[9. ibid., paragraph 13] One can anticipate, for example, that the UK government will legislate to permit the CleanFeed programme of ISP blocking of websites considered “child abuse material” [10. categorisation of which was made part of the EU legal framework in the 2011 Child Exploitation Directive] to continue.
The second exception refers to measures to “protect the integrity and security of the network”, including cyber attack and spyware.[10. Telecommunications Single Market Regulation, paragraph 14] This exception raises the remarkable prospect that the very same ISPs who once dealt with companies like Phorm to snoop on their own subscribers might now refer to malvertising and advertising-based data snooping as a rationale for an exception. However, ISPs could not use this to implement ongoing adblocking because the exception says that any measures taken shall be of only limited duration.[11. ibid., article 3, paragraph 3, subparagraph 3]
The third exception concerns measures to “prevent impending network congestion”.[12. ibid., paragraph 15] This applies to “specific situations of short duration”, and the recital gives the example of a service outage as a result of broken cables. The regulation explicitly states that this exception “should not give providers of internet access services the possibility to circumvent the general prohibition on blocking” and other discriminatory measures. The paragraph ends by putting the onus on ISPs to solve their own congestion problems: “Recurrent and more long-lasting network congestion which is neither exceptional nor temporary should not benefit from that exception but should rather be tackled through expansion of network capacity”.
Opt-in is not an option.
Since they can not block by default some ISPs may be tempted to ask consumers to opt-in to blocking. However this also raises two problems for the ISP.
First, to block advertising traffic an ISP would first have to monitor the traffic in some manner in order to distinguish ads from the rest of the content being downloaded. This is forbidden under the new regulation.[4. ibid., article 3, paragraph 3, subparagraph 2]
Indeed, as recently as 2011 European ISPs argued at the European Court of Justice that monitoring traffic would threaten their subscribers’ privacy. The Court agreed, and found that active monitoring by ISPs of internet users’ traffic would both contravene the E-Commerce Directive and infringe on the right to privacy and to freedom of expression.[4. See Judgment of the Court (Third Chamber) of 24 November 2011. Scarlet Extended SA v Société belge des auteurs, compositeurs et éditeurs SCRL (SABAM).]
Second – the ECJ’s decision notwithstanding – is the issue of consent. If the prohibition on monitoring could be circumvented by seeking an Internet service subscriber’s consent then a further problem arises according to legal expert TJ McIntyre: In a world where a single subscriber’s network router often serves several users over a wide area, who can give the required consent for personal communications to be monitored by the ISP? The subscriber or the user? Consent would have to be given by all adult users of the connection whose communications were being monitored. This is a major obstacle at the very least.
What happens next:
The EU electronic communications regulator, BEREC, will review the regulation and advise Member States on how to implement it.
The implementation of some aspects of the regulation remain subject of discussion. BEREC held a stakeholder dialogue in late November querying interpretations of several terms in the regulation – but not blocking. The regulation is clear on that issue, and makes explicit reference to “the negative impact on end-user choice and innovation of blocking”.[7.Telecommunications Single Market Regulation, paragraph 11]
- BEREC will publish draft net neutrality guidelines for public consultation after its plenary in June 2016.
- BEREC will issue its implementation guidelines on or before 30 August 2016.
- The new rules are due to enter into force on 30 April 2016.
- The new rules will have impact in Member States by 31 December 2016.
- The European Commission will review the regulation’s network neutrality provisions in 2019, and every four years thereafter.