The European Parliament adopted a legislative resolution approving the Council position at first reading with a view to the adoption of a regulation of the European Parliament and of the Council on addressing the dissemination of terrorist content online.

The proposed regulation establishes uniform rules to combat the misuse of hosting services for the dissemination of terrorist content online. It will provide Member States with additional tools to ensure the swift removal of terrorist content if necessary. It will apply to hosting service providers offering services in the EU, irrespective of their principal place of business, insofar as they disseminate information to the public.

In particular, the new Regulation provides for the following:

- the possibility for the competent authorities of the Member States to issue removal orders requiring hosting service providers to remove or block access to terrorist content in all Member States. These providers will then have to remove the content or block access to it within one hour;

- strengthening the role of the host Member State with regard to removal orders with cross-border implications through the introduction of a scrutiny procedure;

- the obligation for hosting service providers to take specific, reasonable and proportionate measures to protect their services against the dissemination of terrorist content online, the choice of such measures being left to each hosting service provider;

- a clear scope and uniform definition of terrorist content in order to fully respect fundamental rights. In particular, the Regulation provides for effective remedies, both for users whose content has been removed and for service providers wishing to make a complaint;

- rules on penalties for breaches of the Regulation by hosting service providers: hosting service providers could face penalties of up to 4% of their global turnover if they systematically or persistently fail to comply with the one-hour rule to remove or disable access to terrorist content.

The Council adopted its position at first reading with a view to the adoption of the Regulation of the European Parliament and of the Council on addressing the dissemination of terrorist content online.

A clear legal framework

The proposed regulation establishes a clear legal framework that sets out the responsibilities of Member States and hosting service providers with a view to addressing the misuse of hosting services for the dissemination of terrorist content online, in particular concerning:

- the responsibilities of hosting service providers to ensure the safety of their services and to swiftly and effectively combat, identify and remove or block access to terrorist content online;

- the measures to be put in place by Member States, in accordance with Union law and subject to appropriate safeguards to protect fundamental rights, in particular freedom of expression and information in an open and democratic society, to identify terrorist content and to ensure its prompt removal by hosting service providers.

Europol could support the implementation of the provisions of the Regulation.

Scope of application

The Regulation should apply to hosting service providers offering services in the Union, irrespective of their principal place of business, insofar as they disseminate information to the public.

Materiel disseminated for educational, journalistic, artistic or research purposes or for awareness-raising purposes to prevent or counter terrorism should not be considered terrorist content. This also includes content expressing polemic or controversial views in a public debate on sensitive political questions.

Removal orders

The competent authority in each Member State should have the power to issue a removal order requiring hosting service providers to remove or block access to terrorist content in all Member States. The Council position provides for the removal of terrorist content within a maximum of one hour after receipt of the removal order.

Except in duly justified emergency cases, a 12-hour advance notification including information on the applicable procedures and deadlines, should be given to those hosting service providers that have not previously received a removal order from that authority.

Thorough examination of removal orders

The Council position strengthens the role of the host Member State in relation to removal orders that have cross-border with implications by introducing a scrutiny procedure.

The competent authority of the Member State where the hosting service provider has its main establishment or where its legal representative resides or is established may, on its own initiative, scrutinise the removal order to determine whether it seriously or manifestly infringes this Regulation or the fundamental rights and freedoms guaranteed by the Charter of Fundamental Rights of the European Union.

Upon a reasoned request from a hosting service provider or content provider, the host Member State should be obliged to carry out a thorough examination to determine whether such a breach exists.

Specific measures

Hosting service providers should take specific, reasonable and proportionate measures to protect their services against the dissemination of terrorist content online, the choice of such measures being left to each hosting service provider.

The Council's position makes it clear that the hosting service provider could adopt different measures to combat the dissemination of terrorist content, including automated measures, which may be adapted according to the abilities of the hosting service provider and the nature of the services offered.

If the competent authority considers that the specific measures put in place are insufficient to address the risks, it may require the adoption of appropriate, effective and proportionate additional specific measures. This requirement should not, however, lead to a general obligation to monitor or engage in active fact-finding or to an obligation to use automated tools.

In order to ensure transparency, hosting service providers should publish annual transparency reports on the measures taken against the dissemination of terrorist content.

Content and data retention

Terrorist content which has been removed or access to which has been disabled as a result of removal orders or of specific measures must be preserved for six months from the removal or disabling, a period which can be prolonged if and for as long as necessary in relation to a review.

Remedies and complaints

In addition to the possibilities of judicial redress guaranteed by the right to an effective remedy, the Regulation should put in place a number of safeguards and mechanisms allowing content providers to lodge a complaint about the removal or blocking and requesting the restoration of content or access to it.

Penalties

Member States should lay down rules on penalties applicable to infringements by the hosting service providers of the Regulation. Penalties could take different forms, including formal warnings in the case of minor infringements or financial penalties in relation to more severe infringements. The Council position sets out which infringements are subject to penalties and which circumstances are relevant for assessing the type and level of such penalties. Hosting service providers could face sanctions of up to 4% of their global turnover if they systematically or persistently fail to abide by the one-hour rule to remove or disable access to terrorist content.

The Committee on Civil Liberties, Justice and Home Affairs adopted the report by Daniel DALTON (ECR, UK) on the proposal for a regulation of the European Parliament and of the Council on preventing the dissemination of terrorist content online.

The committees recommended that the European Parliament's position adopted at first reading under the ordinary legislative procedure should amend the Commission's proposal as follows.

Purpose and scope

The proposed Regulation shall provide rules on reasonable and proportionate duties of care to be applied by hosting service providers in order to tackle the public dissemination of terrorist content through their services and ensure, where necessary, its swift removal.

It shall apply to hosting service providers offering services in the Union to the public, irrespective of their place of main establishment. It shall not apply to content which is disseminated for educational, artistic, journalistic or research purposes, or for awareness raising purposes against terrorist activity, nor to content which represents an expression of polemic or controversial views in the course of public debate.

The Regulation shall apply without prejudice to the fundamental principles of Union law and national law relating to freedom of expression, freedom of the press and freedom and pluralism of the media.

Terrorist content

The legislation shall cover material that, inter alia : (i) incites to commit an offence by glorifying terrorist acts, (ii) soliciting persons to participate in the activities of a terrorist group, including by providing information or material resources, or by financing its activities in any way; (iii) provides instructions for the manufacture or use of explosives, firearms or other weapons or harmful or dangerous substances to commit a terrorist offence.

Due diligence obligations and removal orders

Hosting service providers shall apply certain duties of care, in order to tackle the dissemination of terrorist content on their services to the public. These duties of care should not amount to a general obligation on hosting service providers to monitor the information which they store, nor to a general obligation to actively seek facts or circumstances indicating illegal activity.

Where hosting service providers obtain knowledge or awareness of terrorist content on their services, they shall inform the competent authorities of such content and remove it expeditiously. They shall remove terrorist content or disable access to it as soon as possible and within one hour from receipt of the removal order.

If the competent authority concerned has not previously issued a removal order to a hosting service provider, it should contact the latter by providing information on the applicable procedures and deadlines at least 12 hours before issuing a removal order.

Members introduced new provisions to clarify the consultation procedure for removal orders and the cooperation procedure for issuing an additional removal order.

Proactive measures

If it establishes that a provider of hosting services has received a substantial number of removal orders, the competent authority may send a request for necessary, proportionate and effective additional specific measures to be implemented by the provider of hosting services.

Transparency obligations

Only hosting service providers which are subject to removal orders for that year should be obliged to publish annual transparency reports containing meaningful information about action taken in relation to the detection, identification and removal of terrorist content. Competent authorities shall also publish annual transparency reports.

The Commission shall set up an online register listing all competent authorities and the designated contact point for each competent authority.

Sanctions

Member States shall lay down the rules on penalties applicable to systematic and persistent breaches of the obligations by hosting service providers under this Regulation.

The Committee on Civil Liberties, Justice and Home Affairs adopted the report by Daniel DALTON (ECR, UK) on the proposal for a regulation of the European Parliament and of the Council on preventing the dissemination of terrorist content online.

The committees recommended that the European Parliament's position adopted at first reading under the ordinary legislative procedure should amend the Commission's proposal as follows.

Purpose and scope

The proposed Regulation shall provide rules on reasonable and proportionate duties of care to be applied by hosting service providers in order to tackle the public dissemination of terrorist content through their services and ensure, where necessary, its swift removal.

It shall apply to hosting service providers offering services in the Union to the public, irrespective of their place of main establishment. It shall not apply to content which is disseminated for educational, artistic, journalistic or research purposes, or for awareness raising purposes against terrorist activity, nor to content which represents an expression of polemic or controversial views in the course of public debate.

The Regulation shall apply without prejudice to the fundamental principles of Union law and national law relating to freedom of expression, freedom of the press and freedom and pluralism of the media.

Terrorist content

The legislation shall cover material that, inter alia : (i) incites to commit an offence by glorifying terrorist acts, (ii) soliciting persons to participate in the activities of a terrorist group, including by providing information or material resources, or by financing its activities in any way; (iii) provides instructions for the manufacture or use of explosives, firearms or other weapons or harmful or dangerous substances to commit a terrorist offence.

Due diligence obligations and removal orders

Hosting service providers shall apply certain duties of care, in order to tackle the dissemination of terrorist content on their services to the public. These duties of care should not amount to a general obligation on hosting service providers to monitor the information which they store, nor to a general obligation to actively seek facts or circumstances indicating illegal activity.

Where hosting service providers obtain knowledge or awareness of terrorist content on their services, they shall inform the competent authorities of such content and remove it expeditiously. They shall remove terrorist content or disable access to it as soon as possible and within one hour from receipt of the removal order.

If the competent authority concerned has not previously issued a removal order to a hosting service provider, it should contact the latter by providing information on the applicable procedures and deadlines at least 12 hours before issuing a removal order.

Members introduced new provisions to clarify the consultation procedure for removal orders and the cooperation procedure for issuing an additional removal order.

Proactive measures

If it establishes that a provider of hosting services has received a substantial number of removal orders, the competent authority may send a request for necessary, proportionate and effective additional specific measures to be implemented by the provider of hosting services.

Transparency obligations

Only hosting service providers which are subject to removal orders for that year should be obliged to publish annual transparency reports containing meaningful information about action taken in relation to the detection, identification and removal of terrorist content. Competent authorities shall also publish annual transparency reports.

The Commission shall set up an online register listing all competent authorities and the designated contact point for each competent authority.

Sanctions

Member States shall lay down the rules on penalties applicable to systematic and persistent breaches of the obligations by hosting service providers under this Regulation.

PURPOSE: strengthen the action of the European Union in combatting the spread of online terrorist content.

PROPOSED ACT: Regulation of the European Parliament and of the Council.

ROLE OF THE EUROPEAN PARLIAMENT: the European Parliament decides in accordance with the ordinary legislative procedure on an equal footing with council.

BACKGROUND: the misuse of hosting service providers by terrorist groups and their supporters to disseminate terrorist-related content in order to spread their message, radicalise and attract new recruits, as well as to facilitate and direct terrorist activities is of particular concern. Efforts at Union level to counter terrorist content online commenced in 2015 through a framework of voluntary cooperation between Member States and hosting service providers, the EU Internet Forum .

The Commission proposes to complement these efforts with a clear legislative framework in order to further reduce accessibility to terrorist content online and adequately address a rapidly evolving problem. This legislative framework seeks to build on voluntary efforts, which were reinforced by the Commission Recommendation (EU) 2018/334 and responds to calls made by the European Parliament in its resolution of 15 June 2017 to strengthen measures to tackle illegal and harmful content and by the European Council to improve the automatic detection and removal of content that incites to terrorist acts.

IMPACT ASSESSMENT: the impact assessment concluded that a series of measures were needed to achieve the strategic objective of reducing online terrorist content. Three main options were considered, in addition to the baseline scenario, with increasing degrees of effectiveness in achieving the objectives set in the impact assessment.

CONTENT: the draft regulation aims to increase the effectiveness of current measures to detect, identify and remove terrorist content online without encroaching on fundamental rights, such as freedom of expression and information.

In specific terms, the proposal:

defines terrorist content as material and information that incites, encourages or advocates the commission or contribution to terrorist offences, provides instructions for the commission of such offences or promotes the participation in activities of a terrorist group; provides for duties of care to be applied by hosting service providers when taking action in accordance with the regulation and in particular, with due regard to the fundamental rights involved; requires Member States to empower competent authorities to issue removal orders and lays down a requirement for hosting service providers to remove content within one hour of the receipt of a removal order; sets out the minimum elements referrals should contain and procedures for hosting service providers to give feedback to the issuing authority, and to inform the latter if it is not possible to comply with the order or if further clarification is required; requires hosting service providers, where appropriate, to take proactive measures commensurate with the level of risk and to remove terrorist material from their services, including deploying automated detection tools; requires hosting service providers to: (i) preserve removed content and related data for six months for review proceedings and for investigative purposes; (ii) explain their policies against terrorist content and to publish annual transparency reports on the actions taken in this regard; (iii) put in place specific safeguards and remedies to ensure that users can challenge the deletion of their content; requires Member States to ensure that competent authorities have sufficient capability and resources to combat online terrorist content and to cooperate with each other and, where appropriate, with Europol, to avoid duplicating work and any interference with ongoing investigations; provides for the establishment of points of contact by both hosting service providers and Member States to facilitate communication between them, particularly in relation to referrals and removal orders; requires hosting service providers which do not have an establishment within any Member State but which do offer services within the Union, to designate a legal representative in the Union; specifies that Member States should lay down rules on penalties for non-compliance and provides criteria for Member States to take into account when determining the type and level of penalties.