The EU has agreed new rules requiring ISPs to ensure net neutrality. The rules take effect on 30 April 2016 and will allow national regulators to impose major financial and other penalties. ISPs will have to comply with the rules, and anyone involved in M&A deals in the comms sector should add this new legal risk to their due diligence.

The new EU rules are almost identical to US rules introduced earlier this year. But they don’t go as far as Dutch law, which has some of the strictest net neutrality rules in the world:

Click here to view table.

The EU rules contain some carve-outs, allowing ISPs to:

  • comply with laws or court orders (so unlawful content can be blocked);
  • ensure security (eg to combat viruses and hacks); and
  • minimise network congestion. 

ISPs may also develop specialised services. These are bandwidth-intensive innovative services, like high-definition video-conferencing, automated driving and telesurgery (which allows doctors to perform surgery remotely via an internet link). ISPs may prioritise specialised services, as long as they don’t harm the principle of open internet access – this is controversial among net neutrality advocates, who say it will foster a two-tier internet.

The EU Commission has also voiced concerns about how ISPs process personal data when managing traffic, particularly by using deep packet inspection. The new rules limit data processing to what is necessary to manage traffic.

Meanwhile, in the US, the largest broadband providers have launched a legal challenge to the FCC’s Open Internet Rules. They argue that the FCC should not have been allowed to reclassify ISPs as ‘Title II’ common carriers – that gave the regulator extra powers to regulate broadband providers in the same way as telecoms companies. The dispute will be heard by a US appeals court in December.