Accept Refuse

EUR-Lex Access to European Union law

This document is an excerpt from the EUR-Lex website

Document 52018AE2477

Opinion of the European Economic and Social Committee on — Proposal for a Regulation of the European Parliament and of the Council on the implementation and functioning of the .eu top-level domain name and repealing Regulation (EC) No 733/2002 and Commission Regulation (EC) No 874/2004 (COM(2018) 231 final — 2018/0110 (COD))

EESC 2018/02477

OJ C 367, 10.10.2018, p. 112–116 (BG, ES, CS, DA, DE, ET, EL, EN, FR, HR, IT, LV, LT, HU, MT, NL, PL, PT, RO, SK, SL, FI, SV)

10.10.2018   

EN

Official Journal of the European Union

C 367/112


Opinion of the European Economic and Social Committee on

Proposal for a Regulation of the European Parliament and of the Council on the implementation and functioning of the .eu top-level domain name and repealing Regulation (EC) No 733/2002 and Commission Regulation (EC) No 874/2004

(COM(2018) 231 final — 2018/0110 (COD))

(2018/C 367/22)

Rapporteur:

Philippe DE BUCK

Consultation

European Parliament, 28.5.2018

Council, 5.6.2018

Legal basis

Article 172, first paragraph, of the Treaty on the Functioning of the European Union

Section responsible

Transport, Energy, Infrastructure and the Information Society

Adopted in section

28.6.2018

Adopted at plenary

11.7.2018

Plenary session No

536

Outcome of vote

(for/against/abstentions)

133/1/0

1.   Conclusions and recommendations

1.1.

The EESC supports the objectives contained in the proposed Regulation on the implementation and functioning of the .eu top-level domain name and repealing Regulation (EC) No 733/2002 and Commission Regulation (EC) No 874/2004. The aim is, on the one hand, to deal with outdated provisions and, on the other hand, to be able to react more quickly to upcoming developments.

1.2.

The EESC wishes to underline the fact that due to the importance of an internet identifier for EU citizens, companies and organisations, the .eu domain name has to be considered as a Service of General Interest (SGI). This is the reason why it should be considered that the registry has to be a non-profit organisation, dealing only with the operational management of the domain name, and that any surplus has to be passed to the EU budget.

1.3.

The EESC takes note that the registry is appointed after an open tender procedure but wants to stress that everything should be undertaken to maintain .eu operations without any disruptions. An open tender procedure could have a negative effect on the stability of the staff involved, on stable relations with the multiple registrars and on the trust and reputation of the domain name. All the selection criteria should therefore be clearly defined well in advance. In particular if the registry could or could not be a commercial company. In any event, it requests that the entire process is made wholly transparent.

1.4.

The Commission should define if the registry has to be a non-profit organisation or not.

1.5.

The EESC supports the creation of a Multistakeholder Council and wishes to be represented in it.

1.6.

The EESC endorses the widening of the eligibility conditions for physical persons to obtain a .eu domain name. Residence within a Member State of the European Union is no longer a prerequisite. Allowing any national of a Member State, whatever their country of residence, to obtain a .eu domain name will not only increase the profile of the EU, but will also explicitly demonstrate an affinity with the EU.

1.7.

Brexit will have consequences for the eligibility criteria when, and if, the UK leaves the European Union, or when any potential transition period comes to an end. All the bodies dealing with the governance and the operational responsibilities of the .eu domain name should prepare for the new circumstances, and the .eu domain name owners concerned should be informed in good time about the withdrawal of their rights. Realistic deadlines should be fixed.

1.8.

The EESC asks for a smooth transition period with the current incumbent operator. As the contract of the current registry, namely EURid, is coming to an end in October 2019, and it is likely that the new regulation and the implementing acts of the Commission will not be fully enforceable at that time, a transition period will be required, which means that the contract with EURid will either need to be extended or renegotiated. The EESC considers that, as the contract may need to be amended, those negotiations should start as early as possible in order to avoid any disruption to the operation of the .eu domain name.

2.   Introduction

2.1.

The .eu top-level domain (TLD) is the domain name of the European Union and its citizens. It is assigned to the EU and is managed by the European Commission. The .eu TLD was set up by Regulation (EC) No 733/2002 on the implementation and functions of the .eu top-level domain. It is further governed by the rules laid down in Regulation (EC) No 874/2004, and subsequent amendments, which sets out public policy rules concerning the implementation and functioning of the .eu TLD and the principles governing registration. The .eu TLD was delegated by ICANN (the Internet Corporation for Assigned Names and Numbers) in March 2005, and was launched in April 2006 after a so-called sunrise period in December 2005.

2.2.

The .eu TLD was established with the aim of boosting the internet identity of the European Union and its citizens, promoting the EU’s image on the global information networks and raising the profile of the EU’s internal market on the virtual marketplace of the internet.

2.3.

In line with the objectives of the Digital Single Market Strategy, the .eu TLD enables European businesses and citizens to participate in e-commerce and increases their participation in the online single market.

2.4.

The .eu TLD registry is an organisation that is selected by the European Commission based on an open bid and for a five-year period. Since its inception, it has been managed by EURid, a non-profit organisation, which operates under contract for the European Commission. The current contract with EURid ends in October 2019. Until up now the .eu domain name has been well managed. EURid has received an award of best registry based on a satisfaction survey of registrars.

2.5.

The .eu domain names can be registered via a network of ‘accredited registrars’. Currently, the .eu domain name can only be registered by a natural person, company or organisation (‘registrant’) residing or established in the European Union, Iceland, Liechtenstein or Norway (‘residence restriction’).

2.6.

Some names relating to geographical concepts are reserved. These reservations can be put in place by the EU institutions, the Member States, EEA countries, and countries in the EU accession phase, as well as by EURid. Regulation (EC) No 1654/2005 sets out the list of reserved names (for example ‘republicaportuguesa’, ‘hrvatska’) and states that the list of names set out in the annex to the regulation shall only be reserved or registered as second-level domain names directly under the .eu TLD.

2.7.

The .eu TLD ranks among the largest international TLDs. According to the Commission’s data, there are over 3,8 million registrations. After .de, .uk and .nl it is the fourth-largest TLD at European level. There are over 700 accredited registrars worldwide. The growth in .eu registrations since its launch is significant; however, over the last two years growth has begun to flatten. The average renewal rate (80 %) is higher than the overall average rate (70-75 %). In addition, the use of mobile applications, search engines and social media to access online content reduces the visibility of domain names, putting pressure on traditional domain names.

2.8.

Since the adoption of the .eu regulations, the online environment and the EU political and legislative context have experienced significant changes. With the rapid rise of new generic top-level domains (such as .top, .trade, .club or .xyz), competition in the field of domain names has increased considerably. This has had an impact on the registries-registrars dynamics. The latter are now more empowered to decide on which registries get the better visibility when offering domain names to their customers. At the same time, the governance of the internet and the dynamic TLD ecosystem have undergone substantial technical changes. The .eu TLD registry operator needs to respond to increasingly complex quality requirements.

2.8.1.

Additionally, the advent and rise of social media platforms has changed the demand for unique online identifiers. Unique online identifiers are any type of strings (domains, usernames) that allow an online presence. Individuals and SMEs have cheap and convenient alternatives to establish their online presence. This has a significant impact on the domain name market.

2.9.

According to the Commission, the key problems in the current framework to be addressed are:

2.9.1.

The .eu TLD is governed by an outdated and rigid legal framework that cannot be easily updated. The regulations contain very detailed provisions that may not be relevant any more, impacting the day-to-day management of the .eu domain. It does not have the flexibility needed to efficiently cope with a rapidly changing Domain Name System (DNS) market.

2.9.2.

The current structure does not provide for an optimum governance structure in terms of oversight and accountability vis-à-vis the registry operator; it does not take into account the multistakeholder nature of internet governance and does not provide sufficient supervisory powers to the Commission vis-à-vis the registry operator.

2.9.3.

The current rules do not allow the .eu TLD registry to sell .eu domain names directly to customers itself. This may hamper its ability to market its services effectively.

3.   Summary of the Commission proposal

3.1.

The key aspects of the new proposal are:

3.1.1.

A legal framework that will encompass:

principle-based, flexible and future-proof regulations,

comitology procedures restricted to key aspects of the management of the .eu TLD, such as selection criteria for the registry operator or reserved domain names,

a contract between the Commission and the registry operator with all the relevant detailed principles and procedures. That includes the policies and procedures relating to the domain name management as annex. That would mean that any technical changes in the future will have to go through a contractual revision.

3.1.2.

Improvements with respect to the governance and management of the .eu TLD by means of:

an advisory body, the Multistakeholder Council, to assist and advise the Commission on the correct implementation of the regulation and the operation of the .eu domain.

new supervisory powers for the Commission vis-à-vis the registry with the aim of better supervising the organisation, administration and operations of the .eu TLD and verifying the registry’s compliance with the regulation. The registry will be audited every two years by an external auditor.

3.1.3.

Expanding the current eligibility criteria for registration of .eu domain names:

EU citizens residing in third countries will be entitled to register a .eu domain; natural persons and undertakings from third countries based in the European Union (with residency/establishment respectively) are also entitled to register a .eu domain.

3.1.4.

Lifting the strict prohibitions on vertical separation:

the Commission could extend the scope of the registry’s services (selling domain names to end-users; direct registrations of domain names on the website of the registry) without prejudice to the application of the rules on fair competition.

3.2.

The Commission will monitor the application of the regulation and submit a report on its evaluation no later than five years after the date of its application. Additionally, the progress of the .eu TLD will be regularly monitored via the submission of a report on the implementation, effectiveness and functioning of the domain name three years after the submission of the aforementioned evaluation report and every three years thereafter.

3.3.

The proposal is consistent with the objectives of the Digital Single Market Strategy, which include promoting European entrepreneurship and start-ups while at the same time reinforcing security and trust in the online environment. The regulation should be implemented in compliance with the fundamental rights in the area of data protection, privacy, security and multilingualism. Personal data protection by design and data protection by default should be embedded in all data processing systems and databases developed and/or maintained.

4.   General comments

4.1.

The EESC supports the objectives contained in the proposed Regulation on the implementation and functioning of the .eu top-level domain name and repealing Regulation (EC) No 733/2002 and Commission Regulation (EC) No 874/2004. The aim is, on the one hand, to deal with outdated provisions and, on the other hand, to be able to react more quickly to upcoming developments.

4.2.

The EESC wishes to underline the fact that due to the importance of an internet identifier for EU citizens, companies and organisations, the .eu domain name has to be considered as a Service of General Interest (SGI). This is the reason why it should be considered that the registry has to be a non-profit organisation, dealing only with the operational management of the domain name, and that any surplus has to be passed to the EU budget.

4.3.

The EESC takes note that the registry is appointed after an open tender procedure but wants to stress that everything should be undertaken to maintain .eu operations without any disruptions. An open tender procedure could have a negative effect on the stability of the staff involved, on stable relations with the multiple registrars and on the trust and reputation of the domain name. All the selection criteria should therefore be clearly defined well in advance. In particular if the registry could or could not be a commercial company.

4.4.

The domain name environment and market are indeed evolving due to new internet stakeholders, the multiplication of generic domain names and the rapid evolution of internet communication on the part of businesses and private users.

4.5.

The EESC supports the fact that the new regulation is based on principles, which means that only the basic and broad principles are fixed in the proposed rules. This means that a number of specific regulatory elements, such as the reserved domain names and the criteria for the selection of the registry, will be set out in detail by the Commission via implementation acts and comitology. Other, more detailed specifications imposed upon the selected registry will be negotiated and fixed as part of the contract.

4.6.

Although the EESC favours a more flexible approach in negotiations on the regulation and the contract, it requests that the entire process for publication of the call for tenders and the negotiation of the contract be made wholly transparent from the very beginning and throughout the process. Applicants should have a clear idea of the obligations, conditions and rights when they prepare their answers to the bid as well as when they prepare the contract negotiations.

4.6.1.

Compared to the current regulation, the new regulation does not exclude vertical integration, which means that the appointed registry may also function as a registrar and offer the .eu domain name to the market. The EESC could accept this innovation, particularly in countries or regions where registrants have a limited choice of local registrars. This would encourage an increase in the market penetration of the .eu domain name, especially for its variants in other scripts.

4.6.2.

Likewise, according to the new proposal, it will not be mandatory for the appointed registry to be a not-for-profit organisation. If the Commission confirms this approach it will, in the EESC’s view, constitute a major change that will have significant consequences. This is because commercial entities will act differently, as they will need to make a profit on the .eu domain name, and the surpluses generated by the registry will no longer be transferred to the EU budget. The EESC wants the Commission to clarify this as soon as possible, so that the legislative process can be conducted with all relevant information made available.

4.6.3.

As written in the Impact Assessment, it is worth highlighting the fact that the European Union has benefited from the current registry set-up because it has allowed the Commission to support a series of projects and initiatives such as the EuroDIG and ICANN meetings in Brussels.

4.7.

An important new addition will be the creation of a Multistakeholder Council, which according to Recital 20 will be based on a coherent set of global and inclusive internet principles. The membership of the Council, according to Article 14(2), will be made up of the following six groups: governments of Member States, the private sector, civil society, academics, international organisations and the technical community.

4.7.1.

The EESC can fully support this approach as, with regard to the internet, these stakeholders will be able to advise the EU institutions about shared principles, norms, rules, decision-making procedures and programmes that shape the use and development of the internet. Nevertheless the EESC underlines the importance of better specifying that the role of the Multistakeholder Council will not be to intervene in the .eu operational management. The EESC therefore requests the Commission to clarify the role and scope of such a council. Sufficient financial means have to be provided for this council to be able to function properly.

4.7.2.

It seems logical that the Committee, as a representative of organised civil society, and taking into account the important work that it has produced (including on relevant topics such as the digitalisation of the economy and the evolution of e-commerce), has the necessary credentials to be represented in the Council.

4.8.

The EESC also welcomes the fact that supervision of compliance with the legal obligations of all the processes conducted by the registry will be reinforced by the imposition of an external audit to be performed every two years. In addition, the Multistakeholder Council will advise on how and to what extent an audit should be conducted.

4.9.

The EESC endorses the widening of the eligibility conditions for physical persons to obtain a .eu domain name. Residence within a Member State of the European Union is no longer a prerequisite. Allowing any national of a Member State, whatever their country of residence, to obtain a .eu domain name will not only increase the profile of the EU, but will also explicitly demonstrate an affinity with the EU.

5.   Specific comments

5.1.

As the contract of the current registry, namely EURid, is coming to an end in October 2019, and it is likely that the new regulation and the implementing acts of the Commission will not be fully enforceable at that time, a transition period will be required, which means that the contract with EURid will either need to be extended or renegotiated. The EESC considers that, as the contract may need to be amended, those negotiations should start as early as possible in order to avoid any disruption to the operation of the .eu domain name.

5.2.

The EESC is pleased to see that alternative dispute resolution (ADR) procedures are complemented with online dispute resolution (ODR) possibilities.

5.3.

Recital 16, Article 11(f) allows competent authorities to have access to registry data for the purposes of prevention, detection and prosecution of crime. The current drafting suggests that law enforcement authorities may have unfettered, indiscriminate access to registration data. Any legal obligation for cooperation with competent authorities should also highlight checks and balances and limitations on such obligations.

5.4.

Article 12.1 states that: ‘The Registry shall set up and manage a WHOIS database facility for the purpose of providing accurate and up-to-date registration information under the .eu.’ Achieving data accuracy in the WHOIS is challenging in the Domain Name System (DNS), where data is entered by multiple parties over which the registry has little effective control. E.g. it is typically the registrar who holds the contract with the end-user (registrant). While some registries implement after-the-fact checks for data accuracy, it is not feasible for any domain name registry to guarantee that data in the WHOIS is 100 % accurate or up-to-date. There is a risk that such a provision could set an unrealistic and unachievable level of accuracy.

5.5.

The definition of the term ‘Registry’ (Article 2(a)) includes the wording ‘…and dissemination of the TLD zone files’. The language is ambiguous, and could be interpreted as compelling the Registry to publish its zone file. Most ccTLDs do not publish their zone files for privacy and cybersecurity reasons. The drafting of the definition should clarify that publication of the zone file is not required.

5.6.

Brexit will have consequences for the eligibility criteria when, and if, the UK leaves the European Union, or when any potential transition period comes to an end. All the bodies dealing with the governance and the operational responsibilities of the .eu domain name should prepare for the new circumstances, and the .eu domain name owners concerned should be informed in good time about the withdrawal of their rights. Realistic deadlines should be fixed.

Brussels, 11 July 2018.

The President of the European Economic and Social Committee

Luca JAHIER


Top