European Union and the Right to Open Internet: To Boldly go where no One has Gone before

Abstract The discussion of the need to establish a ‘right to the internet’, ongoing now for over thirty years, has not brought about a clear resolution. Despite the growing importance of online services to both the economy and social life, there is no consensus on the limits of such a right, nor on the need to define it at all—not to mention controversy over its inclusion in the catalogue of fundamental rights. However, the discussion about the right to internet access in the context of the EU legal system now seems obsolete. This is so, because—not through the direct modernisation of the Charter of Fundamental Rights but as part of new telecommunications legislation—a new subjective right, called the right to open internet, has emerged. The aim of this Article is to clarify the content of this right and its relationship to the principle of network neutrality. Against this background, recent judgments of the Court of Justice will be examined and discussed. Although closely related to the telecommunications market, these judgments may serve as a starting point for further discussion on the meaning of the right to open internet in the EU legal system, including its relation to the protection of human rights.


I. INTRODUCTION
For many years, the European Union has supported the transformation of the economy and the creation of a friendly regulatory environment for initiatives related to its digitisation. In its 2021 strategy, the European Commission defined four main directions for the development of the EU in the current decade, among them increasing the digital competence of society, the transformation of enterprise, and the digitisation of public services. 1 Ambitious public policy goals are also reflected in legislative work the EU has undertaken. In 2020, the European Commission presented a whole series of legal proposals for reforming the EU framework for digital services, in place for the last two decades. 2 This was followed by the introduction of a draft AI Regulation in April 2021-a new piece of legislation aimed at establishing common rules for the design and implementation of state-of-the-art algorithmic systems. 3 It is worth noting that the AI Regulation is going to be the first such comprehensive act of this kind in the world. The new legislative initiatives also confirm the EU's leading role in setting international standards for the protection of fundamental rights in cyberspace. 4 The announcement of the European Union's new Digital Strategy came during the fight against the coronavirus pandemic. As a result, conducting the digital transformation while paying special attention to the needs and expectations of the individual gained additional significance. For a considerable part of the population, the use of many types of services during the pandemic-including public ones-has only been possible through electronic means. Health care, education, and even meetings with friends have taken place using online services. On the one hand, this has led to the dynamic development of a range of online services but, on the other hand, has also highlighted the risks associated with the digital exclusion of a significant part of the society. 5 Since the 1990s there have been lively discussions on whether the internet per se and the services provided through it require a specific form of legal regulation; 6 in particular whether it is merely a new form of communication, ie one of the many that humanity has developed in its history. 7 An increasing number of researchers have pointed out that cyberspace is not only a means of communication but also a way of building interpersonal relationships, and thus a phenomenon affecting the functioning of entire societies. 8 It seems that the question of whether the digital economy needs a new digital law is still regarded by many as unresolved, as demonstrated by the ongoing discussion on the need to introduce a new right into the catalogue of fundamental rights, called the 'right to internet access'.
In implementing a bold programme for the digitalisation of society, the European Union cannot ignore this issue-it is difficult to expect that the objectives of the Digital Strategy can be met without simultaneously ensuring that individuals can use modern digital services. This problem has been recognised and partially addressed by Regulation 2015/2120 (Open Internet Regulation), 9 which establishes specific rules for the provision of internet access services within the EU. Though the introduction of the Regulation did not receive widespread public attention, the act defines important guarantees-and consequently, obligations-affecting the exercise of rights and freedoms in cyberspace. For many, the Regulation was viewed as just part of the EU telecommunications regulatory framework, ie a piece of legislation of mainly sectoral importance and thus having no impact on the protection of basic rights.
However, the purpose of the regulation is not so much to establish a 'right to internet access' throughout the European Union, but to ensure that telecommunications service providers' practices do not restrict users from freely accessing information and that they do not introduce anti-competitive practices. As a result, the Open Internet Regulation deals more with the concept of net neutrality-and hence with the right to an open internet-than with conceptualising the right to internet access.
In recent years interpretation of the rights laid down in the Regulation has been the subject of a series of rulings by the Court of Justice. While the cases before the Court have, in fact, dealt with a very specific issue relating to the application of the EU telecoms framework, the interpretation provided clarifies how the right to open internet should be understood.
The aim of this Article is to discuss the content and scope of the right to open internet, as well as the purpose of its possible inclusion in the catalogue of fundamental rights. To this end, in the first section the ambiguities related to the right of internet access will be discussed. Although both concepts-namely the right to internet access and the right to open internet-were developed independently, it is impossible to fully understand the importance of open internet without first presenting a discussion about the right to internet access. Only then can the genesis of the right to open internet and its relation to the principle of net neutrality be properly explained. The regulatory model introduced by the Open Internet Regulation and the interpretation of the open internet provided by the Court of Justice will then be discussed. These analyses will make it possible to present conclusions regarding the future of the right to open internet in the EU legal model-in particular the legitimacy of recognizing it as a fundamental right.

II. CONTROVERSIES REGARDING THE RIGHT TO INTERNET ACCESS
Discussion on the essence of the right to open internet should begin by referring to another proposed right that has been discussed over the years-namely the right to internet access. The relationship between these two concepts seems to be strict: the lack of recognition of a right to access the internet de facto eliminates the need to discuss the inclusion of the right to open internet in the catalogue of fundamental rights. Access to the internet obviously is a necessary condition to the free use of it: What would be the purpose of the legal protection of net neutrality if public authorities could arbitrarily control the Internet access itself? Moreover, in the case of both the right to internet access and the right to open internet, similar problems need to be addressed: First of all the very existence of this right, its nature (whether it is an independent right) and its relationship to the system of subjective rights (in particular, whether it should be included among fundamental rights). It is astonishing that in the case of a right to internet access, experts in the field have been unable to reach consensus on any of these issues.
The argument that there is no need to recognise a right of internet access has endured for years. In his famous article, Vinton Cerf stated that 'technology is an enabler of rights, not a right itself". 10 In doing so, he favoured the internet as a communication medium, and the ability to access it as a manifestation of other rights and freedoms-such as freedom of speech. This is an oft-repeated argument, with its proponents usually pointing out that no other analogous rights, such as 'the right to a telephone', have been established in history. 11 However, the fact that both the United States and the European Union have had mechanisms in place for years that guarantee access to a so-called universal service, makes such examples erroneous. The aim of introducing such guarantees was precisely to protect individuals from the risk of technological exclusion, as well as enable them to benefit from advantages associated with technological progress. While universal service per se is not an individual right, given the purpose of the regulations establishing it and the manner in which it is guaranteed (in the case of the EU, through public regulatory measures), one can justifiably call it 'the right to a telephone'.
Nevertheless, Cerf's argument requires a more detailed analysis. Does the fact that the internet is a 'technology enabler' preclude access to it as a subjective right? Indeed, it seems that the reasoning presented by Cerf should be read differently: the right to access the internet is unnecessary because such a right is already guaranteed by the legal system. In other words, the right to access the internet de facto exists in current guarantees, such as freedom of communication or the right to information. Such a conclusion would also explain why it is so difficult to define: if the right to access the internet only supports the implementation of other rights, there is, in fact, no value in the protection for which its establishment would be necessary.
In the same way, however, it can be argued that there is no need to introduce many other subjective rights, including those nowadays categorised as fundamental ones. For many years data protection was treated solely as a component of the right to privacy. 12 Even today, in many legal systems, guarantees for data protection are derived exclusively from the protection of privacy. 13 In a large number of countries, data protection is not a fundamental right at all. 14 So, can technological developments alone give rise to new subjective rights? With regard to the EU data protection model, this has been the case. The scope and importance of automated data processing in information systems has led both the EU legislature and the courts (including the Court of Justice for the European Union ('CJEU') and Member States' constitutional courts) to recognise the need for more effective protection of individual rights, thus confirming that the right to privacy is not sufficient in itself to provide adequate protection and that new guarantees need to be derived in this area. Today, in the EU legal order, the protection of privacy and the protection of personal data are two different and independent subjective rights. 15 A separate issue is the problem of whether internet access should be recognised as a fundamental right. 16 The post-war system of human rights was built on the conviction that there is a core set of basic rights that should be universally protected. Hence, the first generation of rights that was enshrined in the international human rights system focused on the protection of fundamental freedoms and liberties-such as the right to life, prohibition of degrading treatment, freedom of expression, and protection of privacy. Thinking of human rights in terms of inherent rights (and thus belonging to the individual regardless of the will of the political power) seems to stand in the way of including in this category the right of access to a specific technology. Bearing this in mind, it would be difficult to expand the catalogue of human rights in a way that went beyond the most important guarantees of personal freedom and security.
The Charter of Fundamental Rights lists a number of rights, freedoms, and principles that are not to be found in the constitutional provisions of not only third countries but also EU Member States. 17 It would therefore seem that, when thinking about rights, one cannot lose sight of the values and objectives shared in a given society. The fact that, even among democratic countries, the mere existence or scope of application of certain rights is debated (such as the right to data protection or the right to access public information, mentioned above) should not lead to the conclusion that these rights are essential in all other societies and different models of governance. Therefore, it seems that discussion on the inclusion-or not-of internet access in the catalogue of fundamental rights should not be based on the assumption that norms of natural law are the only source of fundamental rights and freedoms. 18 In the European legal order, the meaning and limits of fundamental rights are subject to the interpretation of not only constitutional courts but also European courtsin particular the European Court of Human Rights. The Court has for years stressed in its jurisprudence that the prime condition for the recognition of a new individual right and its incorporation into the body of other rights guaranteed by the Convention is the readiness of other countries to ensure its protection in their own legal systems. 19 In this way, the European model of human rights protection has evolved through the search for common values recognised by democratic societies. For this reason, the Court has in the past been critical of attempts to derive from the provisions of the European Convention such rights as, for example, the right to abortion, 20 16 S Tully, 'A Human Right to Access the Internet? Problems and Prospects' (2014) 14 Human Rights Law Review 175. 17 An example is the right to public information-included in the Charter but not explicitly defined in the constitutional provisions of most Member States. 18  the right to be a biological parent, 21 and the right to enter into same-sex marriages. 22 Reaching consensus in the discussion on whether a right to internet access should actually exist, and if so to what extent, therefore requires first of all establishing whether European societies recognise the need for such a right. Only some Member States have constitutional provisions containing an explicit reference to rights relating to the development of the information society. 23 However, changing trends in this area may have been signalled by the successive judgments of constitutional courts acknowledging the existence of a right to internet access and recognising it as a fundamental right. An example is the 2009 ruling of the French Constitutional Council (Conseil Constitutionnel), which recognised that the right to information also implied freedom of access to publicly available online services. 24 Similar rulings have also been made in other Member States. 25 However, it cannot yet be considered an established standard that would make it possible to ascertain the precise scope of the right to internet access.
At the same time, when discussing the need to establish the right to internet access one should not lose sight of the social and economic differences between different regions of the world. Respect for the right to internet access should be linked, first of all, with the obligation to provide this access to the public. Although from the perspective of the European or American telecommunications market this access is in practice already guaranteed today, this is not the case in many other regions of the world. It is difficult to talk about a universal nature of this right in a situation where a significant part of the population lives in regions at risk of poverty and with limited access to basic media or public services.
Moreover, the discussion on the existence of a right to internet access is not directly related to the manner of using online services, in particular to guarantees related to the lack of interference with access to specific content. It turns out, therefore, that from the perspective of developed telecommunications markets-such as the EU'sa discussion about rights related to access to online content is more necessary than the right to use the Internet itself.

III. FROM NETWORK NEUTRALITY TO THE RIGHT OF INDIVIDUALS
The technological transformations which took place in the first decade of the twentyfirst century enabled telecommunications operators to implement innovative mechanisms of bandwidth management. It became possible, among other things, to prioritise particular types of transmission, and to also impose restrictions on available bandwidth or even block certain types of services. As a result, telecommunications operators began to commercialise these possibilities-for example, by entering into agreements with providers of streaming media, on the basis of which they guaranteed an appropriate quality of service to end-users. 26 Using the same technical capabilities, they then began to hinder (or prevent) the use of certain modern services, such as Voice over Internet Protocol ('VoIP'), only because they threatened traditional voice services. Traffic management mechanisms thus became not only a tool for ensuring the correct operation of a telecommunications network, but also a means of implementing the commercial policies of service providers-which had to be considered also in the context of anti-competitive practices. 27 This problem was recognised by EU institutions working to reform the regulatory framework for electronic communication networks and services. As a result, the telecom regulatory model was supplemented by the introduction of an obligation requiring national supervisory authorities to 'promote the ability of end-users to access and distribute information or run applications and services of their choice'. 28 Thus, for the first time, there was a direct reference in a legally binding act to the need to ensure the freedom of individuals in how they used electronic communications services. However, this standard only affected the practices of regulators; it did not create any obligations on the part of service providers, and nor was it the basis for formulating end-user rights.
At the same time, the Commission, in its declaration accompanying the text of Directive 2009/140, emphasised the importance of ensuring an open and neutral internet by pointing to the need to 'enshrine net neutrality as a policy objective and regulatory principle to be promoted by national regulatory authorities'. 29 While the Commission's declaration clearly signalled its intention to undertake further legislative work, it did not provide a definition of the term 'net neutrality', and nor did it explain how net neutrality was supposed to differ from the principle of an open internet.
Neither were such definitions provided in the Commission's Communication 'The Open Internet and Net Neutrality in Europe', published in 2011, 30 which formed the basis for discussion over the following years, ultimately leading to the development 26 The literature extensively discusses practices in the US market, mainly concerning agreements between mobile service providers (mobile network carriers) and streaming service providers. and adoption of the Open Internet Regulation. In its position paper, the Commission emphasised the need to take into account in the debate on net neutrality the preservation of the principle of openness while respecting fundamental rights, and to avoid solutions that constituted a barrier to the development of innovative services. 31 At the same time, however, it indicated that achieving this objective did not require the adoption of new legal regulations.
The problem with a lack of a precise definition of the terms used was noticed by the Body of European Regulators for Electronic Communications ('BEREC'), whose analysis proposed that the term 'net neutrality' should be understood as a state in which 'all electronic communication passing through a network is treated equally', 32 whereby equal treatment should be understood as prohibiting discrimination on the basis of content, the application, service, or device used, as well as the address of the sender and receiver of the transmission.
Net neutrality was supposed to ensure that users would be able to take full advantage of the benefits of modern technology and would not be limited by arbitrary decisions made by the service provider. Nonetheless, one must not lose sight of the fact that the way telecommunication services are provided requires decisions related to the management of network capacity and efficiency, which, from the perspective of end user, may be perceived as restricting the ability to freely use online services. Examples include temporarily imposed restrictions on the use of certain types of protocols (eg P2P) or services (eg video streaming) intended to protect the stability of services provided to all users. Such practices, in order not to lead to suspicion of anti-competitive behaviour, must be transparent, non-discriminatory and applied in well-defined situations. Similar conclusions were reached by the US Federal Communications Commission ('FCC'), which, in parallel to the EU, developed its own regulations aimed at promoting the idea of a free and open internet (the so-called Open Internet Order of 2010). 33 The FCC recommendations were based on four main principles: transparency; no blocking; no unreasonable discrimination; and reasonable network management. 34 Although the aim of the principles established by the FCC was similar to those discussed in the EU, the different nature of the measures adopted to achieve them is noteworthy. Obligations to respect the principle of an open internet were not introduced in statutory law but through binding recommendations issued by the regulatory authority. 35  addressed only to a group of supervised entities. Telecommunication operators questioned whether the regulator could impose such far-reaching restrictions on their activities based on the powers it had. In subsequent cases, federal courts held that the FCC had exceeded the scope of its authority, a decision which limited the actual impact of the rules established on the functioning of the US telecommunications market. 36 The scope of the net neutrality principle remains a topical issue in US federal regulatory policy for telecommunications markets. It should be noted that the FCC issued a new Open Internet Order in 2015, 37 which was then revoked in 2017 under President Trump's administration. As a result, until recently, telecommunication companies were not obliged to treat all internet traffic equally. 38 However, President Biden's administration is currently leading efforts to restore net neutrality as part of the FCC's regulatory policy. 39 Separately, it is also worth taking note of legislative work which, if successful, will result in stronger legal mechanisms related to the prohibition of traffic discrimination in the United States. 40 The activities of both EU and US institutions can be perceived as part of a broader discussion on the permissibility of various forms of traffic discrimination and the importance of the principle of net neutrality that has been taking place among regulators around the world. 41 Against this background, the relationship between the concepts of 'net neutrality' and 'open internet' needs to be clarified-in particular whether they can be considered synonymous. As a rule, the principle of net neutrality should be associated with treating all traffic in a non-discriminatory way (without unjustified promotion or restriction of particular types of transmission). On the other hand, according to the open internet concept, the end-user should be able to access all content and services online, without arbitrary restrictions introduced by the third parties. In this understanding, technological neutrality is a necessary yet not sufficient condition for ensuring the openness of the internet. The latter concept has a broader meaning, as it also includes practices applied by other providers of digital services (in particular-content providers) and producers of consumer devices (eg vendor lock-in as a 36  design feature preventing the use of applications or services of third parties) as well as content filtering measures applied by public entities.
In practice, however, the term 'open internet' is used as a synonym for net neutrality. Therefore, although the stated goal of both US and European regulations is an open internet, these regulations focus on ensuring net neutrality.

IV. EU'S OPEN INTERNET REGULATION
In the case of European regulations, the net neutrality rules have been based not on decisions by regulators made according to existing laws (as in the US model) but on a new piece of legislation detailing the regulatory framework for the telecommunications market.
The EU legislature decided to set out these rules in a directly applicable regulation that did not require transposition into national law. 42 This was all the more important as the most important telecom rules are typically adopted in the form of directives, 43 which gives Member States freedom in the choice of forms and methods necessary to achieve the legislation's aims. The choice of a regulation to introduce the principle of open internet resulted from the belief that only harmonised rules of conduct applied uniformly across the internal market could prevent the adoption of divergent national solutions.
Open Internet Regulation pursues two objectives: firstly, ensuring access to an open internet (understood as respecting the principle of net neutrality); and secondly, protecting end-users rights. 44 The subject of the Regulation is therefore the internet access service, and the obliged entity its providers, providing services to end-users. However, the aim of the Regulation is not to establish the 'right to the internet' understood as an obligation to provide end-users with access to the network. Therefore, the rights guaranteed by the Regulation do not modify (let alone replace) universal service laws.
The Regulation does, however, introduce in Article 3(1) the right of access to an open internet, understood as 'the right to access and distribute information and content', regardless of the application used, the location of the end-user's device or the source and destination of the transmission. The entitled persons are end-users, ie all users (not only consumers) using electronic communication services-including content or application providers. Thus, the right enshrined in the Regulation protects both the freedom of users to access the content they search for and the right to share it freely with others. 42 In fact, the final regulation is the result of several years discussion among Member States and differs significantly from the draft originally proposed by the Commission. See ibid. 43 Indeed, this also applies to subsequent legislation-in particular, the European Electronic Communications Code, which replaced earlier framework directives and was also adopted in the form of a directive (Directive 2018/1972). 44 See Recital 1 of Open Internet Regulation. In EU telecommunication law, the terms user and end-user should not be confused. While the first term covers all recipients of electronic communications services, the second one covers only users that do not provide telecommunication services (and thus does not include telecommunications service providers).
The broad scope of the definition adopted means that respect for the right guaranteed by the Regulation precludes telecommunications operators from implementing rules that discriminate against traffic on the basis of not only content or application but also the access device employed by the user. Lucas Lasota even defines free choice of terminal equipment as 'a fundamental principle of net neutrality', as it enables end-users to remain autonomous in their decisions regarding access to the internet, utilising devices they trust for security, privacy, and data protection. 45 Though the right is matched by an obligation to respect it, this extends only to internet access providers. The provisions of the Regulation-in particular its open internet access guarantees-do not establish any obligations incumbent upon other entities, including mobile apps developers. 46 In order to strengthen the guarantees introduced, the EU legislature has also established additional safeguards that prevent the limiting of, or in extreme cases completely excluding, the right to open internet. To this end, pursuant to Article 3(2) of the Regulation, contractual provisions agreed between the service provider and the user concerning financial and technical conditions of the services provided cannot restrict the exercise of the right to open internet. Neither may 'any commercial practices' applied by service providers have such an effect. This can therefore be deemed a mandatory rule, which excludes the introduction of contradictory regulations by way of freedom of contract.
In practice, the indiscriminate application of the right to open internet could conceivably hinder or even prevent the provision of certain types of modern online services. For this reason, the legislature has confirmed that the obligation to treat all transmissions equally does not preclude operators from establishing necessary traffic management measures. However, such measures must be 'transparent, nondiscriminatory and proportionate' and must not be dictated by commercial policy.
The legal nature of the provisions regarding the right to open internet requires a separate discussion. Undoubtedly, they define a subjective right that, due to the way it has been established (by a legislative act defined in Article 289 of the TFEU), places it below both primary law (including the Charter of Fundamental Rights) and the general principles of law in the hierarchy of EU legal norms. 47 At the same time, however, in the legal systems of Member States, due to the principle of supremacy, it is placed above domestic law, including (still a controversial matter) constitutional law. 48 49 In fact, it has a similar status to the right to data protection before the adoption of the Lisbon Treaty, when the principal source of EU regulation on personal data was Directive 95/46.
The introduction of guarantees to ensure an open internet has led to the strengthening of several fundamental rights established by the Charter, in particular the right to information and freedom of expression. At the same time, exercise of the right to open internet may result in the restriction of other rights that obliged entities have. One example is the freedom to conduct business, now prohibited from providing services in a manner contrary to the Regulation.
There is no doubt that the right to open internet is not an absolute right. At the same time, the EU legislature has prevented it being limited by the purely economic interest of the service provider. What is more, the compulsoriness of the Regulation's provisions means that even if a user and service provider mutually consent to it, the right cannot in any way be limited under the Regulation. It follows that the purpose of framing the right to open internet in this way is not only to protect individual service users, but also to safeguard the common good-which in this case is free access to and distribution of information in cyberspace. In this way, the right to open internet enshrined in EU law serves to strengthen pluralism of thought and opinion and to ensure that service providers, in pursuit of their own economic objectives, cannot arbitrarily shape the market for digital services and media.

V. NET NEUTRALITY AND OPEN INTERNET IN THE COURT OF JUSTICE CASE LAW
A. Internet Access with a 'Zero Tariff' Option From the outset, work on Open Internet Regulation mainly considered its impact on the practices of telecommunications operators. 50 Although, according to the principle of network neutrality, unauthorised discrimination of traffic is inadmissible, establishing mechanisms for different treatment of traffic when necessary to ensure the proper operation of a telecommunications network has never been in question. However, this criterion has not always been sufficiently precise; hence, there has been some discussion about what types of practices can be deemed necessary, and therefore acceptable, and from whose perspective this necessity should be assessed. 51 A number of doubts about the new regulations have centred on how they relate to the realities of the wholesale market, as well as their impact on the development of services provided to digital service providers. An example of this were services based on the so-called zero rate. 52 An inherent feature of such services is providing end-users with access to designated online services, without a data transmission limit. Zero rate services were offered in very different forms. 53 Some were additional services-independent of the internet access service-which users could activate for a fee. In other cases, zero-rated services were part of the internet access package offered. The offers also differed in how providers responded to users surpassing their agreed data limit. Usually, reaching the limit resulted in a reduction of bandwidth and therefore downloading/uploading speed. However, most operators offered zero-rate packages where data transfer incurred using certain e-services did not count against the package's overall data limit, and, even if the latter limit was exceeded, quality restrictions were not imposed on services included in the zero-tariff package. In this way, users had unlimited access to certain types of services (eg social networks or streaming media) without affecting their package's data limit.
What all zero-rate offers have in common is their commercial nature and the fact that the user has no influence over the list of services included in a package. This calls into question the compatibility of such commercial practice with the principle of net neutrality-in particular, the different treatment of certain types of transmission (preferential treatment for transmission related to services included in the zero-rate package). Such doubts have led to a series of preliminary questions being raised on the interpretation of rights and obligations established by Open Internet Regulation.

B. Court of Justice Interpretation
In its first case, the Court examined the zero-rate offer of Hungarian telecoms operator Telenor Magyarország Zrt. as part of its telecommunications contract with end-users. 54 The referring court sought to clarify the guarantees provided by the 51 It is worth noting that this problem did not only concern the EU legal system-similar doubts about the permissibility of zero rating and its compatibility with the principle of net neutrality have arisen in other countries as well. Regulation-in particular, whether it was compatible with EU law to establish discriminatory mechanisms aimed solely at a specific end-user, and with no adverse effect on other users. 55 In fact, the question sought to clarify ambiguities regarding the scope of eligible entities and the nature of the service provider's obligations under the Regulation.
The Court stated that Open Internet Regulation, in establishing the right to open internet, uses the term 'end-user', which has its legal definition in EU law. 56 This concept covers not only consumers, but any user of electronic communications services who is not themselves a telecommunications operator. An end-user is both the recipient of information (e.g. an individual user) and its sender. The group of end-users may therefore include information society services, such as social networking or media streaming platforms. 57 This suggests that the ban on commercial practices infringing the right to open internet should not be interpreted too narrowly. As the Court pointed out, the EU legislature has clearly indicated that commercial practices ( plural) which may lead to discrimination against an end-user-understood as 'any end-user'-are prohibited. The concept of commercial practices must therefore apply to all practices and not be limited to one specific contract. The aim of the legislature was to prevent a commercial policy from restricting users' freedom to choose online services. The Court recognised that zero-rating might affect the rights of other users in two main ways. Firstly, it might adversely affect service providers whose services are not covered by a zero-rate offer. Secondly, it might also negatively affect recipients of the information-as the indiscriminate use of such offers might lead to a market design that limited users' choice. In this regard, the Court pointed to the cumulative impact of zero-rating, which, as well as violating individual users' rights, might also violate the very essence of the right to open internet. 58 In the Court's view, Open Internet Regulation precludes not only prohibited commercial practices or contractual terms, but also technical measures that have the effect of 'blocking, slowing down, altering, restricting, interfering with, degrading or discriminating between specific content, applications or services'. 59 It therefore follows that any measures (apart from necessary traffic management measures) resulting in arbitrary discrimination between transmissions cannot be reconciled with the Regulation's provisions-regardless of whether and how this practice might affect end-users' rights. 60 This interpretation leads to an important observation: Open Internet Regulation is the source of two distinct obligations imposed on internet service providers. The first, arising from Article 3(2), concerns respect for end-users' 55  right to a free internet, and is effected by the prohibition of contractual provisions and commercial policies that might infringe this right. The second, defined in Article 3 (3), prohibits any unnecessary traffic discrimination measures, apart from very specific exceptions. Such restrictions thus respect the principle of net neutrality. As the Court found in the Telenor Magyarország case, the Hungarian operator's zero rating offers were incompatible with EU law because they violated both prohibitions. Furthermore, this incompatibility with the net neutrality principle pre-determined that the open-internet right had been violated, without any further need to decide if the right had actually been violated.
Consequently, any unlawful traffic discrimination by a telecoms operator-being incompatible with the principle of net neutrality-violates EU law. It is irrelevant whether a measure actually restricts the right to open internet. Such an interpretation also allows one to assess the validity of various zero rating offers: in fact, since they all apply unlawful traffic discrimination, and for commercial reasons, they must all be regarded as incompatible with EU law. It is irrelevant whether they are a separate element of an offer-independent of the basic internet access service-or an integral part of it. It is also irrelevant how diverse a range of online services are included in the bundle or whether access to the services included in the bundle is subject to quality restrictions once the data limit has been reached. This position was confirmed by a series of judgments the Court of Justice handed down on 2 September 2021. In Vodafone v Germany, the Court held that the application of a zero-rate offer-in which domestic transfers relating to selected online services were not included in the data cap, whereas transfers relating to the same services while roaming were included in the cap-violated the principle of net neutrality and were therefore incompatible with EU law. 61 Another case considered whether traffic could be discriminated against on the basis of a user's device. 62 Here the operator was offering a package of zero-rated services where transfers to other devices belonging to the user (to which internet access was provided using tethering) did actually count towards the allocated data limit. In this case the Court also found that such practice was not compatible with EU law-the incompatibility stemming from traffic discrimination rules based on commercial consideration rather than technical aspects of telecommunication network management. 63 Similarly, the Court also found EU law to have been infringed in the Telekom Deutschland case, 64 where the contract between operator and user stipulated that, should the agreed data limit be exceeded, the consequent reduction in quality of internet service would also apply to online services accessed as part of the zero-rate package.
In recent case law the Court has taken the view that the principle of network neutrality-as consenting to such a restriction. In practice, therefore, as the zero-rating offers did not satisfy the principle of net neutrality, they were not examined by the Court regarding their compatibility with the right to open internet.

VI. AN UNCERTAIN FUTURE OF THE OPEN INTERNET PRINCIPLE
A. Regulatory Policy at the Crossroads While the Telenor judgment has been discussed mainly in the context of its impact on the development of telecommunications services, 65 the position expressed by the Court in subsequent decisions-especially in the Vodafone and Telekom Deutschland cases-provokes a broader discussion, taking into account the importance of the right to open internet in the EU legal system. Advocate General of the CJEU Campos Sánchez-Bordona has similarly noted that Open Internet Regulation essentially pursues two objectives: ensuring access to an open internet and protecting end-users. 66 In doing so, he expressed the view that the first objective-that of an open internet-should be regarded as the leading one. This matter requires a brief commentary. To reiterate: the Advocate General, following the EU legislature, 67 refers to the net neutrality as 'open internet access'. 68 It therefore follows that, in referring to the need to guarantee open internet access, he means the principle of net neutrality. 69 It is for this reason that Campos Sánchez-Bordona points to an open internet as the overriding objective of the Regulation, arguing that the rights the Regulation 'confers directly on end-users are those strictly linked to open internet access and, as such, have to do with the terms and conditions of such access'. 70 This inevitably leads to the conclusion that net neutrality, thus defined, is a legal principle of particular importance, not only for the development of the EU telecommunications market but also for the reinforcement of common European values.
To date, the Court has omitted to address this issue in detail. In the opinion of Campos Sánchez-Bordona, the rights guaranteed by the Regulation operate to benefit the public, 'and, therefore, indirectly, to the benefit also of a number of individual rights including the right to information and freedom of expression'. 71 This argument, amongst others, has also not been clearly addressed by the Court, and thus the problem of the relationship between the right to open internet and respect for the rights guaranteed by the Charter cannot be considered sufficiently clarified.
At the same time however, the Court has declared all forms of zero-rating examined so far to be incompatible with EU law. It should be noted that the BEREC previously developed a classification of this type of offer, in which it considered unacceptable only those variants of zero-rating that significantly infringed the rights of end-users. 72 However, after the judgments in the Vodafone and Telekom Deutschland cases confirming the previous position of the CJEU, the BEREC updated its guidelines in 2022 by confirming that the use of zero-rating by internet service providers is unacceptable under EU law. 73 The Court, by prohibiting the use of zero-rating, also significantly restricted freedom of contract, as well as the freedom to conduct business. In accordance with the principle of proportionality, such a restriction may only be considered acceptable if it serves to protect another legally protected value and the interference is not considered unnecessary. Although the Court did not explicitly name this value in its judgments, it is easy to identify. It is not, after all, an abstract concept of net neutrality (which per se is not a subjective right) but the freedom to use various sources of information and to exchange thoughts and opinions. In this way, freedom of speech-a fundamental human right-in modern digital media is closely related to the right to open internet. 74

B. Open Internet as a Basic Right?
The issue of the interrelationship between freedom of expression and the right to open internet remains unresolved. The reason for the confusion is the lack of certainty about the direction of the future evolution of the open internet concept. It is thus possible that the implementation of the proposal to extend the substantive and personal scope of the right to open internet will clear the way for its recognition as an independent right. In such a case, the relationship between freedom of expression and the open internet would be similar to that between privacy and the protection 71 Ibid. of personal data: the purpose of the provisions on freedom of expression will be to introduce mechanisms to be applied in the event of an infringement; while the regulations on the open Internet will set the standards for service providers, who are supposed to counteract violations. 75 For years, freedom of expression was mainly associated with negative obligations of the state, and the main role of legal safeguards established was to prevent unauthorised interference by public authorities. It is only in recent years that more attention has been paid to the positive obligations of states to ensure respect for the right to information. 76 An example is the ongoing discussion in Member States on the need to establish standard measures against hate speech 77 or to limit the use of censorship introduced by online content providers. 78 In addition, EU institutions are devoting an increasing amount of attention to the protection of media pluralism-not only a legal principle introduced in the Charter but also a constitutional norm functioning in the a large number of Member States. 79 Interestingly, many arguments advanced during discussion on the legal protection of media pluralism are almost identical to those made in debate on the right to open internet. The similarities are all the more interesting because, in both cases, there is a clear connection to the right to information. 80 75 This relationship can be observed between privacy and data protection. For example, the lack of implementation of the so-called information obligation by the data controller results in a breach of EU data protection law. At the same time, such action per se does not infringe the individual's right to privacy. However, this right may be violated as a result of further data processing activities, which the entity will not be able to prevent due to the lack of knowledge about the data collection that occurred. In this way, the information obligation-laid down in the data protection law-protects the information autonomy of the individual, while preventing violations of their right to privacy at the same time. 76 This issue is also being discussed in the United States, where the existing interpretation of the First Amendment-which guarantees freedom of expression-has so far focused on the state's negative obligations to refrain from unauthorised interference. As Ellen Goodman aptly notes, 'constitutionally protected free speech is the freedom to speak without government constraint rather than a freedom to speak because of government rules that combat private constraint'. E P Goodman, Media pluralism protects the information market, while an open internet protects freedom of access to content. Although there is still debate on whether media pluralism can be considered an independent subjective right (and if so, whose right is it?), defining it as a legal principle obliges states to influence changes taking place in the media market in a way that will limit the creation of information monopolies. Would protection of the right to information be threatened without the existence of a separate norm concerning media pluralism? In a word, no. Nevertheless, the evolution of the media market, especially changes in ownership related to progressive globalisation and digitisation, have brought to light risks that were previously absent or far less significant. Consequently, in adapting the model of protection of fundamental rights to present day challenges, both Member States and the EU legislature are increasingly emphasising the need to strengthen mechanisms guarding media pluralism.
If media pluralism is considered an important component of freedom of expression, then non-discriminatory access to diverse information and services can hardly be viewed differently. Hence, it can be said that the right to open internet is a natural consequence of the protection of media pluralism. To put this in another way: freedom of expression requires not only diversity of expression (pluralism) but also free access to this content (an open internet).
However, any attempt to include the right to open internet in the catalogue of fundamental rights faces two significant obstacles. Firstly, the limited personal scope of the right is difficult to justify. Currently, the right to open internet is accompanied by obligations and restrictions imposed only on internet service providers. As pointed out earlier, ISPs are not the only group of entities that are capable of introducing traffic discrimination mechanisms. Secondly, establishing such a right would also require the imposition of positive obligations on states-in particular, clarifying whether and to what extent the right to open network per se implies an individual's right to be provided with access to the internet. 81 Clearly, a person without access to the internet cannot enjoy the benefits of digitisation. Since the right to open internet is intended to further the development of society by making it an information society in the current sense of the term, it is all the more necessary to introduce measures counteracting digital exclusion. It would therefore appear that any discussion concerning the inclusion of explicit online-related rights in the Charter must be preceded by obliging states to provide universal access to the internet. Universal service-in the form determined by current telecommunication regulations 82 -is not such a measure. Confirmation of the open internet as a fundamental right would also provide greater impetus for the development of the EU cybersecurity model. The process of building a modern legal framework in this area, going on for several years now, has mainly focused on increasing the resilience of key infrastructure to threats against the availability of systems and the confidentiality of information they process. 84 The strengthening of guarantees concerning freedom of speech by including an open internet in the catalogue of fundamental rights would undoubtedly influence the direction of legislative changes regarding cybersecurity. European countries already recognise the risks associated with using suppliers from certain third countries in the building of next-generation telecommunications network (so-called 5G). 85 In addition, public attention has recently been drawn to the problem of some smartphone manufacturers including software/pre-installed apps that filter content searched for by users. While such filtering mechanisms cannot be considered a priori unacceptable, a 2021 Lithuanian Ministry of Defence report states that a list of keywords which blocked access to specific content on mobile devices made by China's Xiaomi Corp also included phrases of a political and ideological nature. 86 Countering practices of this kind-including the exclusion of such products from the EU market-is one problem in cybersecurity that can be solved effectively by recognising the (open) internet as a fundamental right.

C. Forthcoming Reforms and Dusk of the Open Internet Concept?
As an alternative to the scenario of systematically strengthening the open internet concept and its evolution towards an independent fundamental right, it is not impossible that the opposite trend-consisting of a gradual erosion of the principle of net neutrality towards a subsequent significant reduction in the scope of the right to an open internet right-could be observed in the upcoming years.
The principle of net neutrality-defined in a strict sense, namely as the prohibition of traffic discrimination-has been criticised by ISPs for years because of its 84 Cybersecurity is also one of the pillars of the Commission's Digital Strategy over the next decade. In recent years, the EU has adopted a number of acts that form the basis for the EU's cyber security model -in particular Directive 2016/1148 (NIS Directive) and Regulation 2019/881.. In December 2022, a new-significantly expanded-version of the NIS Directive was finalised (NIS2 Directive) and a regulation on digital resilience for the financial sector (the so-called Digital Operational Resilience Act, DORA) was enacted. Additionally, the need to strengthen cybersecurity mechanisms in the consumer product market is also becoming increasingly apparent. See  negative impact on the development of the telecoms market. Telecommunications companies argue, not without reason, that they have to bear the entire financial burden of respecting this principle, while they also remain responsible for financing modern broadband networks. 87 They point out that in effect the principle of net neutrality introduces a barrier to the co-financing of the development of high-speed networks by content providers, thus slowing down the digital transformation process. Indeed, it is content providers that develop services requiring ever-increasing network speeds, and therefore they should contribute to the costs of building the network infrastructure. In the opinion of telecommunications companies, agreements concluded with content providers for the prioritisation of specific network traffic are precisely the mechanism that allows for this type of participation. However, this is also a type of agreement that, in light of the current CJEU jurisprudence, is inadmissible due to the infringement of end-users' rights under the Open Internet Regulation. As a result, strict adherence to the principle of net neutrality is slowing down investment in the construction of fibre networks, as research published in 2022 indicates. 88 The position of ISPs is of course not unreasonable. In fact, the current scope of the right to open internet entails obligations imposed solely on this group of service providers, with the result that they alone bear the economic impact of its establishment. According to an analysis published by ETNO in 2022, several of the largest content providers (Alphabet, Apple, Meta, Microsoft, and Netflix) account for 56% of internet traffic. 89 At the same time, these entities do not co-finance the development of the infrastructure required for the provision of their services.
Interesting conclusions also emerge from an examination of the interplay between competition law and the principle of net neutrality. As Marc Bourreau, Frago Kourandi, and Tommaso Valletti demonstrate, in a diversified market of ISPs and content providers, net neutrality is not needed as a condition for the protection of individual rights. 90 According to the model they present, competition between providers prevents the traffic discrimination rules from restricting individual rights. At the same time, it provides an incentive for ISPs to expand their infrastructure and introduce new services. As a result, the arguments put forward by the authors support the FCC's position, according to which net neutrality is a measure that does not need to be applied in highly diversified markets; such as for example the mobile services sector. 91 It seems that the broad information campaign, 92 which has been carried out by ISPs for years now has, at least to some degree, influenced the position of the European Commission, whose representatives have announced that mechanisms would be introduced in the proposed Connectivity Infrastructure Act to create a legal framework for the participation by content providers in the financial burden of the development of modern telecommunications infrastructure. 93 The draft of this new regulation is not yet known, but it has already provoked criticism from both NGOs 94 and members of the European Parliament. 95 Against this background, it is also important to note the ongoing review by the UK regulator (Ofcom) of the regulatory policy on net neutrality. 96 With the end of the transition period, the UK is no longer a member of the EU and can thus be more flexible in shaping its national regulatory framework for the telecoms market. Ofcom has proposed a partial loosening of the net neutrality rules, including the approval of zero-tariff packages. An additional area of analysis is whether allowing ISPs to charge content providers for carrying traffic will lead to a more efficient use of networks. 97 In a broader context, the question about the financial model behind net neutrality is a question about the future of the right to open internet. Even accepting the argument about the need to distribute costs more evenly-including to content providersdoes not necessarily lead to the recognition that the only way to achieve this goal is to abandon the principle of non-discrimination of traffic. The problem of how modern broadband networks (eg 5G) should be financed can be resolved in various ways; for example by involving mechanisms similar to those previously used for universal service-ie additional charges borne by a certain category of entities (including content providers), set by way of a decision of the telecoms regulator.

VII. CONCLUDING REMARKS
For years, the European Union has been held up as an example of how to build a modern and competitive economy while respecting the rights of individuals. Today, the EU is not only a common economic market but also a union of values.

(F'note continued)
This perception has been confirmed in the area of legal regulations concerning modern technologies. The EU is cited as a leader in data protection law and regulation of the big data market, as well as in emerging law surrounding artificial intelligence. 98 In each of these areas, regulatory issues are complemented by care taken to ensure adequate protection of individual rights and, above all, respect for rights guaranteed by the Charter. 99 The discussion about the right to internet access, which has been going on for years, was mainly focused on searching for universal sources justifying its inclusion in the catalogue of fundamental rights. Ultimately, due to the advances in technology this approach has become partly obsolete. The internet in Digital Europe is a common good, and access to it remains unchallenged. However, the reality of the functioning of the modern telecommunications market has revealed another problem, ie that concerning the admissibility of applying traffic discrimination mechanisms and their impact on the rights of individuals.
There is little doubt that the EU legislature, in adopting the Open Internet Regulation, was responding to a specific regulatory need, and that its actions were dictated by a desire to introduce specific restrictions that disallowed telecom operators to conduct business as they saw fit. The purpose of the Regulation was neither to establish a general right to open internet (the scope of which would go far beyond the obligations of telecommunications operators), nor to introduce this right into the catalogue of fundamental rights. There is thus no doubt that the current legislation indicates the direction of the future evolution of the rules, rather than presenting the target model of protection.
Although the Court of Justice has clarified relatively few aspects of the relationship between an open internet and fundamental rights, it has at the same time taken a very clear position on the inadmissibility of various practices that violate the principle of net neutrality. It seems to be a given that issues not yet fully clarified will become the subject of further analysis in future cases.
At the same time, however, EU institutions and the Member States would be justified in tackling the problem-already clearly visible today-of adequately overseeing the proper development of online services in a way that respects commonly-held values. The course of such evolution includes the discussion on extending the scope of the right to open internet, as well as on explicitly granting it the status of an independent fundamental right.
Although the right to open internet is not guaranteed in the Charter, its link to freedom of expression is so obvious that even today the discussion on net neutrality must take into account the context of protection of fundamental rights. The right to data protection was introduced in the EU legal model several years before it was recognised as a fundamental right. It is possible through that the right to open internet will follow a similar path: from guarantees established by secondary law; through to subsequent interpretations by the Court of Justice; and finally, with the next reform of the treaties, to gaining the status of an independent fundamental right.
At the same time, one cannot lose sight of the fact that the chances for the introduction of the right to open internet into the catalogue of fundamental rights also depend on the extension of its personal scope. Today, the obligation to respect this right applies almost exclusively to internet service providers. However, the concept of an open internet is also (or rather, above all) about freedom of access to information, which in order to be effective must be respected also by other digital service providers. It seems that the principle of non-discrimination of traffic-which is at the core of the open internet concept-should also extend to designers of consumer devices or providers of mobile applications. Otherwise, the efforts (and costs) expended by ISPs to treat all traffic equally will not be enough to ensure the freedom of individuals to use digital services however they see fit.
The ongoing discussion on the economic impact of the right to open internet indicates that perhaps the direction of regulatory evolution advocated in this Articleleading ultimately to the introduction of an open internet into the catalogue of fundamental rights-will not be followed through. The increasing pressure from ISPs, expecting support in the funding of next-generation broadband networks, may lead to a significant reduction in the principle of non-discrimination of traffic. Although the Commission has signalled its openness to such legislative changes, their final form still remains unknown.
Similar discussions on the future of regulatory policy are also taking place in the UK and the US, the EU's main economic partners. While in the case of the UK, Ofcom has proposed changes that in principle go in the direction of limiting the prohibition of traffic discrimination, President Biden's administration is seeking to reinstate the net neutrality rules withdrawn during the Trump administration.
More broadly, the question about the future of the open internet principle is de facto a question about the model of society we want to build. If next-generation broadband services are to be the lifeblood of the modern state, it is not possible to accept a situation where telecom companies can arbitrarily apply traffic discrimination rules motivated by their economic objectives. Therefore, the right question is not whether we need the principle of net neutrality, but how to ensure it effectively-also taking into account a fairer distribution of the financial costs associated with its operation.