On 12 September 2018, the European Commission presented a legislative proposal for a regulation on preventing the dissemination of terrorist content online (COM(2018) 640 final). The proposal introduces a number of measures to prevent the misuse of Internet hosting services to disseminate terrorist propaganda and terrorist content online.

The European Commission is not fully satisfied with the voluntary initiatives in place so far. Although the EU Internet Forum established in 2015 has made good progress, the Commission considers binding, uniform EU rules necessary to further curb the dissemination of illegal terrorist content online. The proposal also reflects calls from the European Parliament and the European Council for legislative action in this area. It is said that terrorist content online is an urgent, real risk to European security and necessitates a rapid response from the EU legislator. In January 2018 alone, almost 700 pieces of official Da’esh propaganda were disseminated over the web and, since 2015, Europol’s Internet Referral Unit flagged over 60,000 examples of terrorist content online.

Against this background, the Commission’s proposal includes the following major elements:

• One-hour rule: Hosting service providers will be obliged to remove terrorist content online or disable access to it within one hour of receiving a removal order issued by a national authority;
• Financial penalties: If a hosting service provider does not comply with the removal order, Member States must put in place effective, proportionate, and dissuasive penalties. In the event of systematic failure to remove terrorist content, providers could face financial penalties of up to 4% of their global turnover for the last business year;
• Duty-of-care obligation: Hosting service providers must take proactive measures to prevent their platform from being abused for terrorist purposes. The measures depend on the risk and level of exposure to terrorist content, but include the deployment of automated detection tools. Providers will also have to report on the proactive measures put in place after receipt of a removal order;
• Increased cooperation: Hosting service providers and Member States are required to establish points of contact reachable 24/7 in order to facilitate follow-up to the removal orders and referrals. In addition, cooperation between the hosting service providers, Member States, and Europol is to be enhanced;
• Increased transparency and accountability: Hosting service providers and Member States will have an obligation to annually report on their efforts; the Commission will establish a detailed programme to monitor the results and impact of the new rules;
• Strong safeguards: Fundamental rights, such as freedom of expression and information, are chiefly protected by the possibility of judicial redress, the possibility for hosting service providers to challenge a removal order, and a complaint mechanism by means of which users may contest the unjustifiable removal of online content.

The new rules will apply to all Internet companies that offer services in the EU, irrespective of their size or location. Companies with headquarters outside the EU will be obliged to designate a legal representative within the EU to ensure compliance with the new legislation. The scope of the new regulation therefore also includes web services that store information or function as a sharing platform, e.g. social media; video streaming services; video, imaging, and audio sharing services; file sharing or other cloud services; and websites where users can make comments or post reviews, etc.

The Commission remarked that it is concentrating on illegal terrorist content online, as defined by the Directive on Combating Terrorism (see eucrim 2/2017, pp. 68/69), because of the urgency of the problem. This does not mean that the Commission will not address other types of harmful Internet content in future proposals, e.g., hate speech, child sexual abuse or counterfeit products.