Out-Law News 2 min. read

ISPs should check with regulators before using traffic management tools that access the content of communications, say new guidelines

Internet service providers (ISPs) should check with regulators before using tools to control internet traffic that involve looking at the content of communications that are sent over their networks, the Council of Europe has said.

The recommendation was made by the Committee of Ministers at the Council of Europe in new net neutrality guidelines that it has published and is designed to ensure privacy rights of internet users are respected.

The guidelines the Council of Europe have issued are non-binding. The Council of Europe is made up of 47 member countries and is Europe's human rights watchdog. It is not an EU institution and so is not involved in law making at EU level. Instead it creates and recommends collaborative legal measures on human rights issues.

In its guidance the Council of Europe said that ISPs should treat traffic over their network "equally, without discrimination, restriction or interference irrespective of the sender, receiver, content, application, service or device". It described this as "the network neutrality principle".

It said ISPs should, however, not be precluded from using traffic management measures in certain circumstances. The Council of Europe laid out three specific examples where traffic management would be permitted.

"[The network neutrality principle] does not preclude internet traffic management measures which are necessary and proportionate to: give effect to a court order or an order of a regulatory authority; preserve the integrity and security of the network, services provided via the network and end-users’ terminal equipment; [or] prevent network congestion and optimise traffic management when congestion occurs," the new guidance said.

Traffic management measures should be "non-discriminatory, transparent and maintained no longer than strictly necessary", it said.

The Council of Europe said that ISPs should only engage in traffic management that involves the processing of personal data where this is "necessary and proportionate" in pursuit of one of the three exceptions legitimising the use of traffic management provided for in its guidance.

It said ISPs must assess whether the traffic management techniques they intend to deploy respect privacy rights set out under Article 8 of the European Convention on Human Rights as well as legislation. This process should involve liaising with regulators, it said.

"The use of internet traffic management techniques that are capable of assessing the content of communications is an interference with the right to respect for private and family life," the guidance said. "Therefore, such use must be fully in line with Article 8 of the Convention, be tested against applicable legislation on the right to private life and personal data protection and reviewed by a competent authority within each member state in order to assess compliance with legislation."

New laws on net neutrality are set to take effect in the 28 EU countries from 30 April this year, although existing national laws or self-regulatory frameworks which do not accord with the new laws can continue to be operated until the end of 2016 if EU countries notify the European Commission of their intention for this to happen before 30 April.

The new laws differ from the non-binding guidelines set out by the Council of Europe. Although the EU rules prohibit "paid prioritisation" of content delivery online, ISPs will be able to agree deals to deliver services of enhanced speed and quality with content providers in some cases, provided that it has no impact on "the open internet".

We are processing your request. \n Thank you for your patience. An error occurred. This could be due to inactivity on the page - please try again.