ePrivacy Directive consultation launched
The European Commission has launched its public consultation on the ePrivacy Directive as it seeks to gain gather views and opinions on how to review legislation in this area. Open since the beginning of April, the consultation is open for 12 weeks until 5th July 2016.
The ePrivacy Directive (in force since 1997 and updated in 2002 and 2009) sets out rules on how providers of electronic communication services, such as telecoms companies and Internet Service Providers, should manage their subscribers’ data.
It also guarantees rights for subscribers when they use these services, ensures consumers are better informed about cookies and allows for exemptions to certain privacy rules where law enforcement and national security is concerned.
All matters not specifically addressed by the ePrivacy Directive will be covered by the General Data Protection Directive, currently they remain under the Data Protection Directive.
These are the main requirements imposed by the Directive currently:
- EU Member States must ensure the confidentiality of communications over public networks
- Providers must ensure Security of networks and services
- Data breach notifications must be sent to a national authority and, in certain cases, the subscriber or individual
- Traffic and location data must be erased or made anonymous when no longer required for communication or billing purposes, except if the subscriber has given consent for another use.
- Subscribers must give their prior consent before unsolicited commercial communications “spam” are addressed to them
- Subscribers’ prior consent is required in order for their telephone numbers, e-mail addresses and postal addresses to appear in public directories.
- Subscribers must be given the option to decline Calling-line identification
In 2009 the ePrivacy Directive was updated in order to provide clearer rules on customers’ rights to privacy and confidentiality of communications online. But since 2009, the nature of online communication has changed dramatically with the explosion in use of voice and messaging services via mobile devices of particular interest.
Therefore, the European Commission has taken action to modernise relevant legislation to take into account these developments, resulting in the General Data Protection Regulation in December 2015, replacing the Data Protection Directive, in force since 1995. This development has consequently prompted a review of the ePrivacy Directive to ensure compatibility and consistency of legislation while also aimed at modernising existing rules.
Objectives of the review
- Ensuring consistency between ePrivacy rules and the General Data Protection Regulation
- Assessing the need to update ePrivacy rules in necessary areas in response to market and technological developments
- Enhancing security and confidentiality of communications throughout the EU
- Strengthen trust in the online world by increasing the security and confidentiality of communications
- Boost the Digital Single Market
- Deliver legislation for the digital age
The European Commission recently announced that it will come out with a legislative proposal to reform the ePrivacy Directive by the end of 2016, while a public consultation was launched in April this year.
The consultation seeks to gather views on the effectiveness, efficiency relevance, and coherence of the current EU rules, and also on possible approaches for the revision of the Directive.
It asks for input on scope, on how to ensure security and confidentiality of communications, on the rights of subscribers, on unsolicited commercial communication; and on ways to improve the implementation and enforcement of the Directive. The consultation is open until 5th July 2016.
The updating of the ePrivacy Directive and the General Data Protection Regulation are part of the overall Digital Single Market Strategy, with the aim of harmonising online data protection and privacy legislation.
In: CLEPA News, Connectivity & Automation, Growth & Competitiveness