With Vincenzo Gallotto, Lawyer and Data Protection Officer, legal consultant of Assoprovider, we explore the new obligations of providers on the topic of Parental Control.
Parental Control, a highly debated topic in the TLC sector in recent times: ISPs and associations like Assoprovider are working to identify the technical solutions to implement and which types of content should be disabled.
There are still some open issues, but the obligations outlined in the AgCom Guidelines are already clear in many areas.
Assoprovider discussed doubts and answers regarding the regulation with lawyer Vincenzo Gallotto, the association's legal consultant, during a webinar dedicated to the topic.
Parental Control: What the Law Provides
It all begins with Article 7-bis of Decree Law 28/2020, which introduced the obligation for Operators to implement "parental control systems." The regulation refers to a "filter for inappropriate content for minors and blocking of content reserved for audiences over eighteen years of age."
In particular, the systems must be:
- Pre-activate on the lines, in case of a contract with minors;
- Free;
- Deactivatable only upon consumer request.
Following the law, AGCOM initiated a public consultation on the subject to implement the requirement, involving operators and associations, who could propose technical solutions and offer their opinion on the types of content to be blocked.
Following the consultation, the Authority issued a series of guidelines, sent for an opinion to the European Commission, before the final adoption with resolution 9/23/CONS.
The deadline to comply with the guidelines is November 21, 2023, exactly 9 months after the publication of the AGCOM resolution.
What do the AgCom guidelines provide?
According to AGCOM guidelines, the parental control system is:
- Mandatory in offers intended for minors;
- Available for activation by the contract holder for offers aimed at adults;
- Not mandatory for business users.
As previously mentioned, the Operator must offer the basic parental control service free of charge, but may offer additional paid services. For example, consider the unlocking of the system during certain time slots, or the selection/deselection of specific content (block list and allow list), or even the logging of visited sites.
ISPs are also required to adequately inform users, including those already under contract. Communication can take place via billing, through reserved areas on websites/apps.
Finally, Operators are also required to provide free technical assistance on the tool.
How to implement the block?
Among the unresolved issues, there is the crucial one of the technical solution for the implementation of parental control. In this regard, AGCOM gives operators the possibility to use the solution that best suits their business.
The main alternatives are two:
- Installation by the end user of an application provided by the operator on the various devices used.
- Content filtering at the transport or application level, with a specific filtering program installed on a proxy/gateway or setting up a DNS service. This latter type is already widely used, for example, for CNCPO lists or for blocking gambling and copyright-protected content.
"My advice," explained lawyer Gallotto, "is to inform AGCOM in advance about the design and implementation phases of the service, to receive prior approval and understand if the correct path is being followed."
What happens if one does not comply?
As things stand, the lawyer explains, "there is no provision for monitoring and sanctioning activities by AGCOM in the event of non-activation or incorrect activation of parental control." Nevertheless, "AGCOM is obliged to notify and report the anomaly to the operator, who will have 60 days to comply. If the operator fails to comply, proceedings could still be initiated."
Which content to block? An ongoing issue
Among the topics still under discussion is the one concerning the types of content to be blocked. The Decreto Legge 28/2020 establishes that AGCOM should identify them. In the guidelines, however, the Authority suggests the adoption of a new public consultation with operators, so the issue remains open.
However, the AGCOM measure already provides some indications. In particular, it highlights certain categories of content, even if excessively generic:
- Adult content (consider pornographic content sites);
- Gambling/betting;
- Weapons;
- Violence, including sites that depict or promote self-harm and suicide;
- Hate and discrimination against any individual or group;
- Promotion of practices that can harm health in light of established medical knowledge (for example, sites that support anorexia, bulimia, alcohol and tobacco use);
- The so-called "Anonymizers," which provide tools and methods to make online activity untraceable;
- Websites promoting cults (spells, curses, magical powers, etc.).
Pending more specific definitions, AGCOM suggests that ISPs use lists of domains/subdomains and content, determined according to their own service specifications and/or provided by third parties.
Doubts remain, as explained by lawyer Gallotto, "the indicated contents are extremely vast: there is an objective difficulty in selecting and blocking these types of content, because in some cases they may be found on sites that offer perfectly lawful and legitimate services or information."
To stay updated on the latest regulatory developments in the Internet and TLC sector, join Assoprovider!
With us you can:
🔵 Access the dedicated AP-Legal newsletter
🔵 Participate in online and offline events to explore the latest developments
🔵 Request information from our legal advisors
For information, visit www.assoprovider.it
