ePrivacy regulation is a good first step

Written by Jan Philipp Albrecht on 17 March 2017 in Opinion
Opinion

Data protection rules must apply to all means of electronic communication, writes Jan Philipp Albrecht.

Jan Albrecht

Jan Albrecht | Photo credit: European Parliament audiovisual


With the general data protection regulation (GDPR), the EU delivered strong rules for privacy and data protection for its citizens. It's now time to also update the rules on privacy and confidentiality in electronic communication, as laid out in the 2002 ePrivacy directive. Back then, we did not use Skype or WhatsApp, so it is high-time to catch up. We must also address the cookie notification fatigue that has resulted from the implementation of the 2009 revision.

The proposal for an ePrivacy regulation, which the European Commission presented on 10 January, is a good first step. Including modern communication methods in data protection rules for electronic communication is a long overdue reform. Data protection and privacy rules must apply to all means of electronic communication, especially in a time when SMS and internet messengers are just different apps on our smartphones.

Therefore, it is essential to include all electronic communication methods in the scope of the new ePrivacy regulation. They do not have to have fully identical obligations like the telecommunications incumbents, but they must ensure the confidentiality of communications.


RELATED CONTENT


After all, the ePrivacy regulation does not only further specify the right to the protection of personal data, but it also implements the right to privacy of communications. Therefore, despite the GDPR being applicable to all data processing, generally there is still the need to deviate from some of these rules in order to provide for a higher level of protection.

However, the proposed rules around tracking user activity need important improvements. Service providers should require the consent of users if they want to track their activity. The carve-out for 'web audience measurement' would maintain the current situation where every citizen's online behaviour is constantly being tracked and monitored. 

In order to overcome the current practice of annoying cookie notification banners, it is good that the proposal follows the GDPR approach to allow consent or objection by automated means. It is also good that for the first time, software manufacturers will have an obligation to ensure that this option is available for all electronic communications. But the default setting should always be the most data protection-friendly, as stipulated by the existing data protection regulation.

The Commission's proposal would legalise the emerging practice of tracking persons in the physical space, such as shopping malls, based on their smartphones' electronic signals when searching for a wifi hotspot, even without an option to object to this. 

This is clearly not acceptable if it leads to individualised profiles. We also will have to address the convergence of online and offline tracking and the fact that a growing number of smart devices now listens to our conversations at home.

We also know that intelligence agencies are applying blanket data collection, thereby infringing the essence of the right to confidential communication. Service providers should respond by doing everything technically possible to secure our right to communications privacy.

End-to-end-encryption without any backdoors must become the rule. We also need specific rules for smartphone manufacturers and other end-user devices to make sure safety standards and security updates are being applied to offer users the highest standards of confidentiality of communication.

We expect the European Parliament and Council to bring forward the changes needed to make sure this promising proposal truly delivers for users. This is an opportunity to show that they care about European citizens' fundamental rights.

 

About the author

Jan Philipp Albrecht (Greens/EFA, DE) is Parliament's rapporteur on the general data protection regulation

Interested in this content?

Sign up to our free daily email bulletins.

 

Share this page

Tags

Categories

Related Articles

MEP Awards 2017 MEP awards 2017: A few words from the winners
23 March 2017

Maltese deputy Roberta Metsola hosted the Parliament Magazine's annual MEP awards ceremony recognising MEPs for their outstanding work over the last year.

Marie-Christine Vergiat Data protection rules must apply to all
20 March 2017

The digital revolution presents many opportunities, but embracing it must not come at the expense of fundamental rights, says Marie-Christine Vergiat.

Ana Gomes Fundamental rights and big data: striking a balance
17 March 2017

Citizens and institutions will only be able to reap the benefits of big data if there is public trust in the technology, writes Ana Gomes.

Related Partner Content

Live animal exports PM+: EU disregarding its own rules on animal exports
31 March 2015

Live animals export trade is marring the EU's reputation as a leader in animal protection, says Olga Kikou.

Isis PM+: EU must counter IS's terrorist narrative on twitter
29 June 2015

The European commission must ensure that social media companies will respect national laws against incitement to religious hatred and violence, says Roberta Bonazzi.

Townsend Feehan Policymakers must avoid leading EU into age of data prohibition
17 March 2017

EU policymakers must avoid leading Europe into an age of data prohibition, warns Townsend Feehan.