NEW DIRECTIONS IN EU DIGITAL REGULATION POST-2015: REGULATING DISRUPTION

This paper explores the gradual change of direction in the European digital policy on the content layer that took place after the introduction of the 2015 Digital Single Market Strategy. It argues that, while the main objectives of the pre2015 policy have been the promotion and facilitation of the free movement of digital services through liberalisation, the post-2015 digital strategy changes direction to the defence against real and imagined threats and downplays the liberalising credo it was originally based on. The first part outlines the objectives of the EU digital policy pre-2015 and argues that low-key regulatory intervention in information society services and robust intermediary liability regime are its cornerstones. The second part explores the main regulatory methods post-2015: the emergence of platforms, new types of rules and new regulatory principles. The final section gives a critical overview and explains why the current approach is inadequate for the future.

. Introduction: Eu Digital Policy Pre- An average Internet user today mostly takes the existence and smooth operation of this most global of mediums for granted. The fact that it is (nearly) universally available, (mostly) constantly improving in speed and coverage and providing an ever-increasing amount of content is taken as a sign of its vitality and occasionally even ascribed the force of natural law. That regulation does (or ought to) play a part in establishing and preserving the Internet's success is rarely if ever questioned. Those who have a background in or an understanding of the regulation of networked industries, however, know that telecommunications at least had long been considered a natural monopoly 1 and, therefore, heavily regulated. 2 To this day, the carrier layer 3 remains under the control of relatively strict rules controlling authorisation, access, universal service, etc. The point here is that telecoms, at least, need to be regulated in order for them to perform the role it is expected of them. The question then becomes: what role do laws play in keeping the Internet free?
The fact that the Internet content layer had not been subject to heavy regulation should invite curiosity. Put in very simple terms, this is a result of various political decisions made in the United States and the EU at various points throughout the 20 th century. The policy choice was to treat the Internet not as a telecoms network (subject to the rules mentioned above) or a regular service (subject to sector-specific regulation) but as an information society service. The choice was to subject it to significantly less regulation than either telecommunications networks and services or broadcasting media with editorial control. 4 The enormity of this policy choice should not escape us for it created a curious pattern: while cables and radio waves used to convey the Internet were regulated, the content largely remained free. Similar regulatory patterns were copied in Europe, thus creating the feel of the "free" and unregulated Internet. To be precise, the Internet was not "free" of privacy, copyright, consumer protection, civil, jurisdiction and other laws, but was "free" of special (sector-specific) regulation requiring authorisation or determining the conditions for providing the services, their extent, their content or the scope of their reach. In other words, the Internet was free of laws applying only to it and having a particular political purpose. This is a significantly different approach not only from the edited media (TV, radio, newspapers, non-linear streaming services) but also from telecoms.
The "free" Internet was not only a result of the decision not to treat it as a telecoms service (i.e. not to conceptually equate it with telecoms) but also a result of active policy choices. These too were, partially at least, American in origin. In 1997, Ira Magaziner, the then-US President Bill 2 First to mitigate the negative effects of such a monopoly, then to liberalize. For history of the regulatory paradigm for telecoms, see Savin Telecoms cables and radio spectrum used to carry the Internet content. A common division of the digital world is into the carrier layer -which represents the telecoms infrastructure and the content layer -which represents electronic communication services and audio-video media services. The carrier layer is relatively regulated through ex ante asymmetric rules applied to telecoms companies with the significant market power. See Savin Clinton's senior policy advisor, played a decisive role in outlining the scope of regulatory reach towards information society services, thus defining the shape of the modern Internet. His main contribution was a "hands off " approach to regulating the content layer of the Internet. 5 The policy principles that Magaziner introduced were deceptively simple. The Internet is a medium with enormous potential for "promoting individual freedom and individual empowerment". In order to preserve this, where possible, the rules that govern it "should be set by private, non-profit, stakeholder-based groups". Governments should refrain from intervening unless absolutely necessary. This approach resulted in a firm policy based on a simple idea -private sector should lead and, where regulation is needed, it should be kept to a minimum and should foster "predictable, consistent, and simple legal environment" 6 . This created a regulatory pattern on the content layer completely different from the one seen in many other networked industries. 7 T he American approach had inspired the European Union. Even before the 1997 Clinton Memorandum, the EU's Electronic Commerce Initiative 8 largely matched the Clinton-Magaziner strategy. 9 Th at paper based the entire Internet policy on four principles: -no regulation for regulation's sake; -all regulation based on Single Market freedoms; -all regulation to take account of business realities; -all interests to be reached effectively and objectively.
The simple set of principles continued to inform EU policy on the content layer for the following decades. 10  There is little evidence that the EU policy was directly inspired by the US approach. This remains one of the more intriguing still unresolved questions in the history of EU Internet regulation. A meeting of both sides had conspicuously been held on July 8, 1997, just a week after the publication of the Clinton-Magaziner document. Prior to that, in May 1997, both sides agreed an outline of a common strategy, but the first EU document dates to April 1997, well before the Clinton-Magaziner paper. See http://europa.eu/rapid/press-release_IP-97-620_en.htm. 10 The carrier (telecons) layer has been and remains regulated in a largely similar manner in the US and the EU and is not the subject of this paper.
the policy also added a goal of making Europe the most dynamic 'knowledge-based economy in the world' by 2010, 11 something that was preserved as a guiding principle until today and that, significantly, required not just the removal of obstacles but also active promotion of trans-border flow of goods and services. In order to achieve the ambitious goal, the EU needed better Internet access (on the carrier layer), but also better e-commerce rules. It is at this point (post 1999) that the EU digital policy established the idea of enabling and promoting the Digital Single Market as its main goal. No longer was the idea of a free market for digital services just an instrument for achieving a better Single Market, but it became a goal in its own right. The 2010 Digital Agenda for Europe 12 was an of ficial policy blueprint that took over the goals from the 1999 Communication. It is a comprehensive outline of EU digital policy both on the content and carrier layer, each with its own set of goals and tools. On the content layer, the Agenda points out to the fact that digital markets are fragmented and that a "more vibrant" market is needed. The authors of the Agenda are worried that the EU is "falling behind" other developed economies and that access to content needs to be "opened up". Furthermore, online and cross-border transactions need to be made "more straightforward". The actions proposed burst with permissive language: "simplifying", "enabling", "enhancing confidence", "promoting diversity", which confirms the Agenda's status as a document that builds on the basic liberalising movement of the late 90s and early 00s.
As a result of this approach, the EU passed a number of framework directives coupled with special directives. While the former gave a general supporting structure, the latter regulated specific topics. Thus E-Commerce Directive had been passed in 2000 as the general framework for regulating information society services 13 and AVMS D irective 14 for audio-video services. In both of these instruments the guiding principle, in line with the policy outlined above, has been to liberalise the services. This is apparent in both framework directives. The E-Commerce Directive starts from the principle that digital services do not need a special approval regime (Article 2), that they should be subjected to the law of the home state (Article 3) and that intermediaries, as a rule, should be subject 11  A policy (any policy) consists of a set of objectives, guiding principles and tools. The EU's digital policy as outlined above, is guided by a general objective of achieving a unified Digital Single Market, with a complete freedom of movement for digital services. The guiding principle that controls that objective is: Single Market-informed business-oriented legislation only if and where necessary. The tools for achieving it are, among others, home country control and insulation of bona fide ISPs from liability.
The low level of regulation is the idea that a) no special approval is needed for conducting the business, b) that information society services are not subject to sector-specific regulation (i.e. regulation that applies to them only on the account of them being such services) and that c) no special regulatory oversight is put on those services. A distinction is needed here. An ISS can and often is subject to a set of rules arising out of a particular field. Thus a streaming service needs to abide by copyright rules, audio-video rules, e-commerce rules, contract law, competition law, etc. but, would be subject to few (if any) initial constraints.
The second idea that enabled the free Internet is that intermediaries 15 should, as a rule, not be liable for the illegality of the content they convey unless they produced that content or did not take action when alerted to its illegality. This idea, firmly established in American and EU law, 16 enabled the intermediaries to establish business models based on free circulation of information.
As we will see below, it is precisely the two ideas we discussed here that came to be challenged as the new Internet emerged in the second decade of the 21 st century. Such Internet, subject to fake news, election fraud, uncertain data ownership and increased circulation of the illegal content, suddenly required the rethinking of both the notion that IS services can be provided without authorisation and oversight and the idea that lack of liability is the default position. Calls are increasingly heard for more regulation of all platforms and for a refit of the limited liability regime. 17 Such calls are becoming not only part of the official policy but are gradually resulting in concrete legislative proposals, some of which will briefly be analysed here.
At the core of the changes we suggest are happening in EU regulation is disruptive innovation which can be described as innovation that at the same time creates new markets and disrupts existing ones. 18 In Schumpeter's words, creative destruction is the process of industrial mutation "that incessantly revolutionizes the economic structure from within, incessantly destroying the old one, incessantly creating a new one" 19 . Traditiona l industries have repeatedly been subject to challenges that have wiped out some and forced most to adapt. The Fourth Industrial Revolution, 20 which denotes the blurring of the boundaries between physical, digital and biological, brought with it the disruption of platforms, AI, robotics, blockchain, biotechnology, Internet of Things and numerous other factors.
Disruptive innovation is largely (albeit not completely) mediated by platforms. 21 Platfor ms, as multi-sided markets for bringing users together in order to facilitate a transaction, drastically simplify the transactions and lower the costs, increasing the opportunities and facilitating transactions. But platforms also challenge laws, posing questions about adequacy of competition, labour, contract, tax and laws on illegal content, to name but a few.
Our main claim in this paper is that the relatively coherent, permissive and liberal regulation of the platform-free 90s and 00s has turned into a less coherent attempt to provide a response to the challenges brought by disruption. We claim that the disruption that is shaking the industry and society is deeply affecting the ways laws are made and enforced and offer the basic analytical framework for understanding the relationship between disruption and regulation in the EU. In this section we gave an outline of the EU digital policy pre-2015. The second part traces the three elements that characterise the EU policy post-2015: platforms, the shift from laws to decrees and the change of principles. The last part looks at the consequences this regulation might have.

. Digital Regulation Post-
Few changes to the original regulatory model have been made seen since 2001 when the E-Commerce Directive had been passed. That model relied on silo-ed regulatory structure where a framework directive 18 28 , maintaining the same regulatory model. The post-2015 regulation is a fundamental change characterised by the following factors which will each be analysed in the sections below. First, the elementary unit of regulation is no longer an "information society service" but a loosely defined "platform". Second, the model based on a central framework directive, distinctly operating within its own silo, and followed by a set of satellite directives is changed to a model relying on sector-specific regulation based on vaguely defined regulatory objectives coupled with decrees with distinct law-making ambitions. Third, the "no regulation for regulation's sake" non-interventionist approach from the 90s is modified towards the principle of 'level playing field' and "what is valid offline must be valid online" approach.

. The Emergence of Platforms
In 2015, updating the EU digital policy, the Commission concluded that true Digital Single Market had not yet been achieved and quoted a number of examples of areas which needed to be improved. The Strategy then adopted was, officially at least, not an abandonment of the objectives and principles outlined above, nor even a significant change. Instead, it resembled a patchwork of ad hoc measures, designed to address temporary hiccups. Indeed, the very intro to the document speaks of 'modernising' , 'simplifying' and 'breaking down national silos' . A closer look, however, reveals a different picture. Buried in the Strategy, as item 3.3, is a section with the title "a fit for purpose regulatory environment for platforms and intermediaries". A reader could easily miss the significance of these words. In the EU approach to the issue up to that point, platforms did not feature as distinct subjects of regulation. If they are mentioned at all, this is always in general terms and without a particular objective. 29 At t his point, they make an entrance not only as something that needs to be regulated but also something that is distinct from the EU's basic unit of digital regulation on the content layer -information society service providers. 30 The 2 015 Strategy not only distinguishes platforms from intermediaries but claims that platforms might need to be subject to regulation in their own right. 31 The Co mmission then promises to look specifically into four issues: transparency of search results, platforms' use of information they collect, relations between platforms and suppliers, cross-platform movement and illegal content. The choice of subjects reveals that illegality is high on the Commission's list of relevant issues and that other issues can squarely be placed in the area of unfair competition. The Strategy had been followed by a number of documents (discussed in the section below) but also by some concrete proposals the main feature of which is that they target platforms rather than intermediaries.
The 2015 Digital Single Market Strategy updated the 2010 goals, 32 effectiv ely replacing the 2010 Agenda as the EU blueprint for digital regulation. A superficial look may lead the reader to believe that the Strategy is informed by the same values as the 2010 Agenda. This is only partially true. In 2020, a new digital strategy was published. 33 The gene ral impression one gets when reading that document is that of a list of sector-specific issues that each need to be addressed in order to prevent the EU from falling behind. Thus, white paper on AI is promised, as are accelerated investment in gigabit connectivity, a European Data Strategy and a number of action plans and initiatives. While each of these can be discussed in 29 Thus a statement that converging technologies lead to "platform independence" can be found in the 1997 Green Paper on Convergence, 3 light of the merits for their respective fields, the dominant impression is that of a patchwork of measures rather than a coherent vision. Buried within the multitude of initiatives are two fundamental changes that are key to understanding the EU approach to disruption post-2015. The first is the promise to pass the Digital Services Act, which is meant to increase and harmonise "the responsibilities of online platforms and information service providers and reinforce the oversight over platforms' content policies". This act, which is nothing other than a fundamental revision of the E-Commerce Directive, promises thus to subject platforms to special regulation. This should have as the effect of increasing the "responsibility" of the platforms (which is the continuation of the narrative from the earlier communications) and reinforcing the oversight over their "content policies".
The significance of the statement is considerate. In the pre-2015 model, responsibility did not exist as a separate category. Platforms were, essentially, exempt in Articles 12-15 ECD as long as they did not provide the content (i.e. were not primary providers) and acted in good faith. The latter is presumed to be the case until the moment they were notified and failed to act on notification. In CJEU's case law, the degree of platform's engagement (active v. passive) was taken as a measure of the level of its liability. While this distinction could easily deal with a number of clear cases where intermediaries engaged directly (and thus lost the protection), it was less subtle in handling the cases where the intermediary had some (but not full) degree of knowledge and some (but not full) degree of engagement. 34 The new syst em builds on the notion that platforms can and do play roles that do not lend themselves easily to the active/passive division and must, therefore, be subject to a different (as yet undefined) system of liability. While little is known about the Commission's plans, it seems that liability might be conditioned on a degree of active engagement in filtering out the pre-defined illegal content (including child pornography, hate speech and IP-rights violations). In addition to looking at the responsibility of platforms, the 2020 Strategy suggests that oversight over platforms be increased. No indication is given as to what measures would be taken to achieve that goal. Any combination of EU or national agencies can be imagined as having that role, with the latter being a more likely option.
The second promise is equally far-reaching. It is the idea that ex ante rules are needed to ensure that large platforms with significant network effects acting as gatekeepers, "remain fair and contestable for innovators, businesses, and new market entrants". This seemingly innocuous remark hides a potentially revolutionary idea. The ex ante sector specific regulation is the current regulatory model applied to electronic communications (telecommunications). Unlike ex ante regulation, traditional competition law applies ex post by identifying a problem that has already occurred. A remedy is subsequently applied to it. Telecommunications regulation, which has gradually been liberalised in the 80s and regulated from the 90s onwards, required a significantly different regime. Rather than waiting for the various market failures to occur, it was necessary to identify the failures in advance to then apply appropriate remedies in order to prevent future occurrences. A hybrid regime has been created. While the guiding principles and market definition came from traditional competition law, the enforcement mechanism was based on ex ante application of remedies. The ultimate aim -as yet unachieved -was for only the competition laws to apply.
While there is no indication as to how the ex ante regulation to platforms would function, there are sufficient elements to make some preliminary conclusions. All ex ante regulation is sector specific and asymmetric by definition. The "sector specific" element suggests that it applies not across all electronic services but in certain sectors, where and when needed. The asymmetry refers to the fact that regulation does not apply equally to all providers but that it applies to some and not to others. Since regulation is ex ante, it would presuppose that providers with significant market power (a concept borrowed from competition law) are identified in advance, prior to any remedies being applied. The remedies themselves would have to be carefully chosen in order to achieve a previously defined result. Finally, the enforcement mechanism would involve national regulation authorities tasked specifically with the procedure, not unlike the ones in telecommunications.
In electronic communications, the procedure outlined above has been in operation since the late 80s and is well established. Its original emergence was due to the fact that competition law alone was not capable of solving the problem of uncompetitive telecoms markets. Its potential application in the content field, however, is unexplored and fraught with risk. One of those risks is that only larger platforms would be targeted because their market dominance is easier to establish than their smaller counterparts. Another would be the mechanism created for infrastructure, where the issue is often the access to the incumbents' resources, would simply not be suitable in more complex situations involving a mix of variety of market failures. To that must be added the complexities of enforcement mechanisms which would require a designated national authority to be put in charge of platforms.
In addition (and in pursuance of) broad or specific promises on platform regulation made in the 2015 and 2020 strategies, the EU lawmaker has engaged in sector-specific regulation of platforms. This regulation, unlike its more general counterpart in E-Commerce Directive, affects only particular kinds of platforms or only platforms in particular scenarios. Three prominent laws have been passed: the 2018 Regulation on fairness and transparency on business platforms, the 2019 directive on copyright affecting the news providers and user uploads and the 2018 proposal on terrorist content online. Common for all three is the relatively wide scope and the defensive approach.
It is important to emphasise that the move towards platform regulation is simultaneously taking place on the carrier (telecoms) layer. While the new consolidated European Electronic Communications Code 35 introduces only moderate measures (putting some number-based OTT providers under some obligations some of the time), the proposed ePrivacy Regulation 36 does a more thor ough job by subjecting all OTT providers to the proposed (now revised and extended) spectrum of obligations of the new Regulation. 37 The latter, in p articular, signifies that the regulator believes all platforms should be subject to the same privacy rules on the telecoms layer, irrespective of their status (incumbent or OTT), size (global or local) or purpose (business, entertainment, public service).
The 2019 Directive on Copyright in the Digital Single Market 38 contains a secti on on measures "to achieve a well-functioning market in copyright". Of particular interest in that section are articles 15 and 17, the former creating a sui generis right for press publishers, the latter demanding that user-generated platforms enter into licensing mechanisms or engage in comprehensive filtering. While both articles are problematic in their own right and have been extensively criticised, 39 even more fascin ating is the open move from intermediaries to platforms, hitherto not seen in 35  a directive but supported in the post-2015 EU policy papers on the digital world. This move is not accidental, a potential clash between the new rules and the E-Commerce Framework already having been envisaged and addressed in the Proposal itself. 40 The key is Artic le 17(3) which provides that platforms falling within the obligations of Article 17 do not benefit from the insulation of Article 14 ECD except for cases falling out of the scope of the article. This means that the DSM Directive carved out a special regime for platforms distributing content uploaded by users. Regular platforms are subject to the notice-and-takedown procedures of Articles 12-15 ECD. They only become liable for the content posted by others where, upon notification, they refuse to remove the content. The platforms distributing user-uploaded content, on the other hand, only have two choices: licensing or measures to prevent illegal uploads (filtering). Another example of a clear move to regulate platforms is the proposed Regulation on terrorist content online. 41 The proposal is m eant to introduce measure for preventing the dissemination of terrorist content online as well as to improve cooperation between competent authorities. While currently heavily debated, the Proposal is remarkable as another example of sector-specific regulation. While Copyright in the DSM Directive targeted one specific class of platforms (those hosting user uploads), this Proposal targets "hosting service providers" defined as "provider[s] of information society services consisting in the storage of information provided by and at the request of the content provider and in making the information stored available to third parties". The definition is only slightly narrower in scope than the definition of information society services, which effectively subjects a large section of platforms to sector-specific regulation.
It is possible to indicate several problems with this approach without going too deeply into the merits of the Proposal. First, the wide scope takes in a number of services where terrorist content may not be a problem. The broad definition may not be precise in targeting hosting sites the main purpose of which is wide dissemination of content with other sites which, although disseminating content, have a different scope and purpose. Second, the obligations to which platforms are subjects are problematic in various respects. The one-hour deadline (Proposal, article 4(2)) may be too narrow a window. The definition of terrorist content (referral to Directive (EU) 2017/541) may also create problems in catching acts that are not terrorist in nature. Finally, article 6 demands proactive monitoring measures, an idea contrary to the spirit of articles 12-15 ECD, in 40  spite of the guarantee given in Recital 5 that liability protection would not be lost by doing so.
Finally, another law targeting platforms and bringing sector-specific regulation is the Regulation on fairness and transparency for business platforms. 42 The work on the tr ansparency of B2B platforms had been already announced in the 2015 DSM Strategy, while transparency in search results, platforms' usage of information they collect and relations between platforms and suppliers have been flagged as areas of interest. In 2018, the Commission proposed a Regulation on promoting fairness and transparency for business users of online intermediation services. 43 In justifying the n eed for a regulation, the Commission pointed out to the fact that platforms are gatekeepers of the Internet. The Commission declared that the perceived asymmetry between dominant large platforms on one side and a number of small suppliers on the other underlines the relationship of dependence and the possibility for abuse. In order to address this, a number of measures were suggested. The regulation would apply to providers of online intermediation services and, in certain cases, online search engines. The core of the regulations consists in various measures that would increase transparency in target platforms' actions towards business users. While some obligations would appear to be straightforward (clarity in standard terms, statement of reasons for service suspension, etc.), others are more problematic. Thus Article 5 establishes requirements for a description of the main parameters determining ranking of business users in search results. Although the article does not demand that trade secrets as defined in EU law be revealed, it remains doubtful to what extent can search ranking criteria parameters be disclosed without also revealing the trade secret components.
The regulation has as its purpose increased transparency and fairness in situations where important platforms are in the position to significantly impact their business clients. In that respect, the Regulation introduces measures for ensuring better terms and conditions, forces platforms to state reasons in cases where they restrict or suspend services and introduces mechanisms of redress. Although the instrument speaks of "online intermediation services" and uses well-known definitions, the Preamble talks of platforms. The ultimate effect is to extend the set of obligations to all ISSs which provide services to business users (who offer goods and services to consumers).
In summary, the pre-2015 regulatory environment is siloed but with clear definition of the targeted units. In ISS silo, the scope is exceptionally wide, with almost any electronic provider falling within the definition but with regulatory burden being relatively low. In post-2015 world, platforms become the new focus (while maintaining the regime applied to ISSs) but more onerous sector-specific regulation starts to emerge (copyright, terrorist content, B2P transparency etc.) Thus, a path is opened for a different model of regulation -one that has the potential to break down the rigid silos. The most important feature of that regulation is not the fact that it applies to a wide spectrum of relatively poorly defined platforms. It is the fact that it brings deep and permanent changes to the way platforms function. Copyright in the DSM Directive thus bring an obligation to monitor through state-of-the art technology addressed to all platforms where users share content. The terrorist directive brings monitoring obligations to content-distribution platforms. The B2P transparency regulation brings obligation to reveal ranking criteria. As we will argue in the last section, while these changes may give the impression of a novel and deep intervention, they belie the fact that EU reaction is essentially targeted to preserving traditional solutions and minimize the effects of disruption.

. Rule-By-Decree
We have indicated above that the dominant EU model of regulating the digital world has been the use of framework directives coupled with special directives. This model relied on minimum harmonisation while reverting to full harmonisation in exceptional cases 44 and left significant manoeuvring space to Member States. Although other regulatory models, such as soft law, self-regulation or co-regulation, 45  The 2020 Strategy was followed by EU's AI 52 and data 53 strategies. Although non-binding papers are relatively frequently used by EU regulators, 54 the documents mentioned above are interesting for outlining not only an increased EU interest in platforms but also as a signal for a change in regulatory approach. Two significant elements of that approach are the use of platforms as the main point of interest and the use of a communication as a tool for establishing desirable regulatory goals which are to be achieved through proper laws should the appropriate reaction from the Member States fail to materialise. A hybrid system is thus created consisting, in reality of three elements: • traditional siloed IT rules such as the E-Commerce Directive, the AVMSD and the EECC; • new sector-specific platform rules discussed in the section 2.1 above; • soft laws in the form of communications and guidelines as a way of indicating the true desires of the policymaker.
Even the titles of the three documents are revealing. The 2016 Communication on platforms suggests that platforms (rather than ISSs, networks or electronic services) are a legitimate target of the regulator's interest. The 2017 Communication on Tackling Illegal Content Online is even more revealing. Its subtitle, "Towards an enhanced responsibility of online platforms", indicates not only that platforms ought to be regulators' legitimate targets, but contains an outline of a complete IT policy. The 2018 Recommendation is equally revealing, speaking of measures to "effectively" tackle illegal content online, suggesting that this has so-far not been the case. A more detailed look at the documents reveals even more significant shifts in approach. Preamble 41 of the 2016 Communication demands that both Member States and "hosting service providers" supply "all additional information" in order to allow "monitoring" of actions taken in response to Recommendation. On the basis of this information, the Commission will assess whether the response is adequate and whether "binding acts of Union law" are needed. This thinly veiled threat to legislate is surprising. Even though the EU sometimes resorts to soft law, followed by a vague threat that more stringent measures might be needed, this approach is used rarely and is very specific in terms of goals that need to be achieved. The present proposal, however, goes further in the specifics of its threat.
Content-wise, the 2016 Communication on platforms calls for flexible and future-proof policies concentrating on self-regulation and co-regulation, that would complement and reinforce existing legislation. The Commission suggests four principles for platform regulation: • a level playing field for comparable digital services; • responsible behaviour of online platforms to protect core values; • transparency and fairness for maintaining user trust and safeguarding innovation; • open and non-discriminatory markets in a data-driven economy.
Translated into a more comprehensible language, the principles sounds thus: • platforms are disrupting traditional business models and ought to be regulated more; • platforms act irresponsibly; • platforms act in a non-transparent manner and/or unfairly; • there is regular discrimination in a data-driven economy.
While there can be little doubt that some of the platforms sometimes act in a manner described above, it is surprising that the Commission's main regulatory paper on a widespread and important phenomenon takes a defensive approach. Particularly significant is the insistence on the level playing field. This, in simplest terms, is the idea that like services should be regulated alike. In a regulatory context, this usually means that laws applying to incumbent services are relaxed while those applying to disruptive are increased to reach a certain level.
That action had as its purpose the enforcement of consumer law and targeted companies with a view to reducing unfair contract terms and addressing fraud and scams that mislead consumers when using the social networks. When translated into comprehensible political language, this is a targeted attempt to commit very large platforms to action that would be difficult or impossible to achieve through traditional legislation. The development listed above may look like nothing more than the Commission's increased interest in platforms. It is not so. Rather than giving the Commission ex ante enforcement powers, the Treaty only gives it the right to propose laws and to occasionally partake in oversight of the ones that already exist. In other words, the Community constitutional documents have not envisaged the rule-by-decree which is essentially a style of governance characterised by quick and unchallenged edicts. Nowhere is this more apparent than in the 2018 Recommendation on the illegal content where the Commission promises that it will "closely monitor" whether its measures are followed and then legislate if they were not. Where laws do not exist, because the proper agreement lacks, it is questionable to which extent they can or should be replaced by letters demanding action from individual corporations, white papers or recommendations.

. The Change in Fundamental Regulatory Principles
The third development that characterises the EU response to digital disruption is the change in regulatory principles. These can best be defined as main ideas or key values guiding the regulation in a particular field. Regulatory principles in the digital world are different from general EU principles. They should also be distinguished from regulatory tools (e.g. competition law v. sector-specific regulation or full v. partial harmonisation).
Looking only at the content layer, the three main principles of the pre-2015 regulatory approach are "no regulation for regulation's sake", the Single Market basis and the technology neutrality of regulation. These can largely be extracted from the preambles of framework and other directives but also from policy papers.
The first principle means nothing more than regulatory restraint. As an EU approach, regulatory restrain has several manifestations, most importantly the idea that laws should follow the subsidiarity and proportionality and the idea that laws should have a proper legal basis. In its effort to achieve a Digital Single Market, regulatory restraint means that no unnecessary laws should be passed or, put differently, that the lawmaker should demonstrate regulatory restraint in all cases where it is not clear what the nature of the problem being regulated is. The legislation should help the EU make better use of technology, innovate and become a knowledge-based society.
The second principle, the Single-Market binding of EU digital laws, is also well-known and well-understood. In its simplest form, it means that EU legislation pertaining to the digital world should pursue Single Market aims. Since the digital world is cross-border in its nature, this principle has not caused practical difficulties, nor has it often been invoked in a digital content. Furthermore, since the matter is largely harmonised, courts have not had to resort to interpreting the constitutional embodiment of the Digital Single Market, as has often been the case in other types of services. In its more ambitious guise, the principle means that legislation should actively pursue a unified digital Single Market.
The third principle is technological neutrality of laws. Rather than relate to specific technologies, neutrality dictates that digital laws should be made neutral by applying to all technologies including the future ones. As such, the principle has been applied consistently, with few EU digital laws relating to specific technological solutions. As a means to achieving greater stability, tech neutrality has worked. The framework directives are modified rarely and few of the IT-related laws required frequent modifications.
The new EU regulatory principles are to be found both in the 2015 and 2020 strategies and in other policy papers. They are not hidden or buried deep in text but are instead boldly proclaimed. Two, in specific, determine the direction and the tone of EU digital regulation.
The first principle is the "what is valid offline should also be valid online" adage or, as it is put in the 2020 Strategy, "principles that apply to our traditional industry [...] also have to apply to digital industries". While there is a certain temptation to believing that cyberspace is not as special as its self-perception dictates, 56 the new principle goes deeper than simply challenging IT world's self-perception. The 2020 Strategy, rather than suggesting that a common set of principles be found, or that the current approach be rethought, declares that the offline principles ought to apply online. Policy-wise, this is a completely different approach than attempting to redefine regulatory principles altogether. That this is so, is confirmed in the two manifestations of the "online like offline approach". The first is the "level playing field" approach to platforms. 57 The essence of the level playing field as an approach is that every actor on the market has the fair (though not necessarily equal) chance of succeeding. To strive towards a level playing field means to set the conditions in the market so that no one group is particularly disadvantaged compared to another. In practical terms, in the digital world level playing field becomes most prominent in a situation where a disruptor/innovator quickly gains a market share over an incumbent company, prompting the latter to lobby (often successfully) for a change in the regulatory approach. If this change happens, it can go in the direction of relaxing the laws that apply to the incumbents or, as is more often the case, in an attempt to increase the regulation of the disruptors.
In the EU, the typical 'level playing field' response has been a drive to extend the regulation applied to the incumbents. This has happened both on the content and the carrier layers. On the latter, a persistent drive to regulate OTT providers has resulted in both the new European Electronic Communications Code and the proposed ePrivacy Regulation to extent the regulation of OTTs, the latter in a more dramatic way than the former. On the content layer, the ISS paradigm had been replaced with platforms which, in turn, had been exclusively regulated with the idea that comparable services should be subject to the same or similar rules. The specific regulatory principle used to achieve the result outlined above has been functional equivalence. 58 F unctional equivalence as a regulatory methodology is the process of subjecting functionally equivalent services or those that serve the same purpose to the same regulatory framework. 59 F unctional equivalence is similar to analogy which is a wider category from legal methodology (e.g. analogy in judicial reasoning, analogy in applying legal concepts etc.) The advantage of functional equivalence as an approach should be sought primarily in political gains -subsuming a disruptive phenomenon to an already existing law avoids the political strife arising from lobbying and the clash of political interest. Rather than subjecting a new proposal to a 57 In more detail see Savin prolonged battle of interests, the existing law is applied. Further to that, functional equivalence brings the familiarity of already known enforcement and supervisory mechanisms.
There are situations where functional equivalence is the right approach. 60 In order to determine if this is the case, three questions need to be asked: • are disruptive service innovative? • does the service become impossible or hampered by being subjected to traditional legal framework? • are there any other reasons justifying its regulation under traditional rules (e.g. public policy)?
If the answer is negative to the first two and positive to the last question functional equivalence as a regulatory approach may be appropriate. The problems that arise from the drive to subject online phenomena to legacy laws are twofold. First, it has been demonstrated that overregulation may have negative effects on innovation. 61 Second, innovative service can become more difficult to provide as a subject to inflexible regulation. Third, functional equivalence reduces political but increases the economic and social cost making it potentially the more expensive approach.
The second principle is the idea that social costs of disruption should be as small as possible, that judicial restraint should be used instead of neoliberal approach and that destabilizing effects should be mitigated through both positive and negative integration. 62 Put in different terms, this principle dictates that legislation has moved from enabling markets to constraining/restraining disruptive market forces. The pre-2015 legislation, as a result of a deliberate political choice, even when protecting consumers, sought to open up markets and innovation and create new opportunities. The new approach does not take decisive steps towards opening new markets.
The clearest manifestation of the new approach is to be found in the 2020 Strategy. The Strategy has three key objectives, each with a set of 7-8 key actions. Out of the 23 declared actions comprising both the content and the carrier, full 13 are either directly aimed at constraining harmful or problematic practices or containing significant elements to that effect. In the key areas, such as platform regulation, the main theme is protection from harmful effects these platforms may produce. In other areas, the focus is on mitigating the effects of disruption.
The same can be deduced from almost all post-2015 laws. The GDPR is a revised but (in essence) unchanged Data Protection Directive, the EECC is little more than a codification, the laws on platforms (affecting geoblocking, transparency, copyright or terrorist content) are universally cantered on harmful effects. At the same time, there are few clearly formulated principles on the key challenges of the century such as the role of AI, robotics, data ownership and others. The 2001 E-Commerce Directive has been opening the markets. The post-2015 laws are not.

. Concluding Remarks: The New Directions
A review of the foregoing imposes a number of interesting observations.
First, there seems to be a lack of political direction in the Commission's policymaking. The main idea in the post-2010 strategies is the statement that Digital Single Market had not been achieved and the belief that various sector-specific measures would be able to address the shortcomings. Where there is a more coherent response, as is the case with platform directives and regulation mentioned above, this is directed towards producing different defensive strategies or addressing very narrow issues or issues confined to a specific set of circumstances. In such a context, symbolic acts enable the EU to claim credit where real achievements are lacking. 63 A reader of the 2020 Strategy seeking to list political choices that apply to the digital world would look in vain. Since a strategy is, by definition, a plan to achieve a long-term aim, the document's chaotic approach is anti-strategic in its intentions.
An informed observer of the developments in the EU digital world regulation would get an overwhelming feel that legacy tools are used to achieve legacy objectives. In the telecoms world, this is even formally confirmed with the new EECC being labelled a "Recast" -a rearrangement of the previous directives into a new instrument. In the content world, the main directives -ECD, AVMSD, GDPR to name the most relevantremain intact in terms of both the ideas they are based on and the tools they utilize. While there is little doubt that not all models may need to be modified, the fundamental legislative premises are unchanged.
There are two main problems with maintaining the current laws in their unchanged political state.
The first is that lack of initiative would create the need to interpret the existing laws broadly. An overbroad interpretation of existing laws may be politically easy to achieve but costly to democracy, freedom of expression and equality on one side 64 and tech development on the other. Because the new approach is lacking, the conflicting political interests would each lobby for the interpretation that best suits their interests. This is already manifest in the issues created by the interpretation of ISP liability rules or the rules on consent in privacy.
The second problem is that CJEU would continue to play a role in second-guessing the lawmaker it constitutionally does not have. The Uber judgment, treating the platform as a transport provider and not a provider of electronic services might be controversial but is a result of a decided lack of guidance by the legislator. The Google Spain judgment 65 was a result of a lack of guidance on the relationship between various fundamental rights. A multitude of complicated judgments on copyright issues 66 was necessary precisely because no suitable explanations existed in present laws. These uncertainties will continue if unaddressed and would encompass both national courts and CJEU, moving the latter towards the role the US Supreme Court plays.
A general consensus in the academic world is slowly emerging that current legal concepts such as property, privacy or contracts, cannot adequately challenge the changes of the digital society and would have to be rethought. In order for these concepts to be able to answer such challenges, it is necessary to understand the nature of disruption, the operation of current legislative principles and the basic premises upon which any future laws should be founded. Put in different words, in order to -for example -adequately answer the issue of data ownership, it is not enough to apply the current concept from the arsenal of property or privacy laws 64  (such as consent), but to rethink the very concept of property. In order to adequately answer the challenge of disruptive platforms, it is not enough to be skilled in distinguishing which parts of sector-specific laws apply to them and which are left to digital laws (as Uber attempts), but it is also necessary to rethink the role disruptive innovation plays. In order to benefit from investment in new telecoms infrastructure, it is not enough to tweak the laws applying to access to incumbents' facilities (as EECC does), but to find mechanisms that enable both the deployment and take-up of next-generation technologies.
While it may be difficult to imagine that a set of radical regulatory choices are even possible, this is precisely how the Internet was born. The fact that Internet infrastructure was not subject to traditional telecoms control made it possible but was a clear political choice and not an accident. The same is true of the content layer. The insulation of intermediaries is not an immaterial accident but a deliberate choice. The Section 230 of the US Communication Decency Act words that "no provider or user of an interactive computer service shall be treated as the publisher or speaker of any information provided by another information content provider" and their EU ECD counterpart have played an immeasurably important role. 67 We hav e argued above that the post-2015 regulatory response to disruption has been characterized by three factors: the move to regulating platforms instead of ISSs, the change in the structure of the used instruments (from laws to decrees) and the shift from permissive to restrictive, formally manifested in the offline=online adage. The three developments can together be taken as the description of the EU response to disruption. The effect is to slow the economic disruption and mitigate the negative effects, while only marginally addressing its benefits. This appeases the incumbents (incumbent sector-specific providers, incumbent news services, incumbent rightholders, incumbent sales outlets, incumbent media services...) while, at the same time, not imposing an impossibly high burden on new services. 68 While this politically less difficult petrification of obsolete legislative paradigms has had the effect of (somewhat) delaying the negative effects the disruption may have on the traditional industries, it did little to harness the creative and innovative potential that lies in economic and social disruption. The outlines of what new regulation needs to look like are already known. 69 We sug gest that new legislation needs to have three elements to be successful in harnessing the potential of disruption.
The first is the gradual abandonment of the siloed structure and a move from vertical to horizontal regulation. 70 The pr e-convergence era division looks and feels artificial and prevents the flexible solutions from being achieved. Instead of having the telecoms, ISS and AVMS, two structures would be the infrastructure (telecoms) and services.
The second is the recognition that governance of digital structures plays a significantly more important role than has been the case in the early years of IT regulation. Digital governance is the framework for establishing accountability, roles, and decision-making authority in the organisations 71 but al so in the society as a whole. 72 Put si mply, controlling internet resources, setting standards for the Internet, having an impact on digital architecture and having an impact on the content is no longer just an issue of good regulation but also (and possibly primarily) the issue of understanding who governs the net, how it is governed and how regulation can influence that governance and complement it.
The third point is that the original excitement with the Digital Single Market should be made the focus of the lawmakers' effort again. The EU has the most robust privacy and consumer protection laws in existence. At the same time, the many decades of this development have not made the position of the user markedly different to the one in North America or East Asia. The Single Market, on the other hand, has made real and visible improvements to the life of Europeans, as has dramatically been demonstrated when Corona-related disruption hit in early 2020. Digital Single Market is only a natural extension of the new original project and should be embraced with the same enthusiasm. As Schumpeter aptly showed, the destruction of the old economic structure is inherent in economic disruption and cannot be fought for a prolonged period without marked costs for the development of a society. Creative disruption should, therefore, be embraced by the EU legislator and be adequately addressed in the EU digital policy.