The new legislation allows the creation of internet fast lanes for "specialized services" and lets ISPs offer so-called "zero-rating" products — i.e. apps and services that don't count toward monthly data allowances — without restrictions. Critics of the legislation say that the latter loophole will allow big internet companies to favor certain services in commercial deals. (For example, an ISP could agree with Apple to make Apple Music "zero-rated," leaving rival music streaming services at a disadvantage.)

Proponents of the bill argue that letting "specialized services" use an internet fast lane makes sense for devices that deserve priority, such as self-driving cars and remote medical operations, but critics say the legal language used is too vague and will allow big firms to pay for faster access. Companies have reportedly tried to exploit a similar loophole in net neutrality legislation adopted in the US to create fast lanes for TV streaming services.

The newly adopted EU legislation also allows ISPs to speed up or slow down traffic depending on what sort of data is being sent — allowing them to make video calls more important than emails, for example. There are worries that this will lead to encrypted internet traffic receiving slower speeds as ISPs can't determine what sort of data it contains. The legislation also allows ISPs to preemptively throttle traffic before times of increased demand.

Despite these four loopholes, the new laws do state that ISPs should "treat all traffic equally, without discrimination, restriction or interference." Jeremy Malcolm, a senior global policy analyst at the Electronic Frontier Foundation, described the news as a "qualified success," adding that although the final result was "disappointing, this was always going to be a difficult battle, and the result is an ambiguous text."

Julia Reda, MEP for the European Pirate Party, said the legislation delivered only a "broken promise" on net neutrality. "The internet’s open structure is what made it the successful driver of growth and innovation in the digital economy and digital culture that it is today," said Reda in a statement posted online. "That providers will be allowed to discriminate against certain traffic not only creates a two-tier internet, it also removes incentives for carriers to extend their capacities."

Other advocates cautiously welcomed the news but stressed that the European Commission needs to work on closing the loopholes. "For most member states this [legislation] means that, for the first time ever, net neutrality will receive some sort of protection in their country," said Dutch privacy advocate Rejo Zenger of Bits of Freedom. "For the Netherlands, unfortunately, this means a step back: our strong protection will be overridden by the European regulation, which features at least four loopholes."

Critics of the legislation have noted that fatigue among legislators and keenness to end roaming charges may have contributed to its largely unchallenged adoption. Andrus Ansip, the vice president of the EU's digital single market commission and a supporter of the legislation, said that if the new laws weren't passed there would be "a risk of delays, not only [of] months, but years." Opponents pointed out that amendments could have been approved in six weeks instead.

Now that the legislation has been approved by the European Parliament, the Body of European Regulators (BEREC) has nine months to pass on guidelines to individual nations. "The European Commission and BEREC's interpretation will determine to which extent the freedom of the internet user is protected under these new rules," said Zenger. "We will need to convince the [Commission] to close the loopholes that are still present."