Dual-Use Regulation: European Parliament limits Commission Proposal
Considerable challenges restricted to business area of Internet and telecommunications surveillance
In autumn 2016, the Commission adopted a very controversial proposal for a recast Dual-Use Regulation [we reported on this here], cf. also the statement issued by the BDI. This draft recast regulation not only met with considerable resistance from the business sector, but it also became apparent that a large number of Member States would not support this draft in the Council.
The European Parliament has now adopted a draft regulation which considerably limits the Commission’s draft and therefore paves the way for further negotiations with the Council.
It is above all the controversial extension of the “catch-all provision” which has been limited. To date, the export of items not specifically listed is only subject to restrictions in exceptional cases, for example if there is positive knowledge of a potential use in connection with NBC weapons or rocket carriers or military end-use in a country which is subject to an arms embargo. The Commission proposal also provided for the introduction of similar restrictions in cases where there is a risk of serious violations of human rights and acts of terrorism being committed. The Commission intended to impose considerable due diligence obligations on undertakings with respect to intended use by recipients.
The European Parliament has now recognised that this extension would create “considerable legal uncertainty” and would ultimately lead to a “criminalisation of the economy” by burdening European exporters with additional due diligence “hardly possible in practice”. It therefore (1.) completely deleted the use-related restrictions in the case of acts of terrorism. In the case of the risk of serious violations of human rights it (2.) limited restrictions to the export of surveillance technologies.
The European Parliament is therefore not returning either to the list approach which has applied to date, which provides that only particularly high-grade technologies which are listed in a separate annex are subject to export restrictions. The European Parliament in fact proposes items specifically constructed for surveillance technology should also be subject to the general usage-related restrictions. This will confront companies which manufacture and use cyber technologies with considerable challenges. Other sectors have at least been exempted from the usage-related restrictions which are hardly manageable in practice.
The European Parliament is proposing that manufacturers/users of surveillance technologies be subject to a notification obligation if they have knowledge of any possible use in connection with violations of human rights. A vaguely defined due diligence obligation also continues to exist. These companies are now facing the challenge of developing an internal compliance system which protects them against the accusation of a negligent breach in the event of their products not being used for their proper purpose.
The European Parliament’s interest in preventing authoritarian regimes from spying on their citizens with the help of surveillance technology from the EU is in principle to be welcomed. However, a list-based approach will probably be more effective at achieving the objective due to improved and much more legally certain manageability. It is to be welcomed in this context that the export of encryption technology is to be made easier.
Any Questions? Please contact: Dr. Bärbel Sachs, Dr. Christian Pelz
Practice Groups: Regulatory & Governmental Affairs, Compliance & Investigations