ETNO’s views on the Proposal for an ePrivacy Regulation
PDF available here.
On 10th January 2017, the European Commission put forward its Proposal for a Regulation on ePrivacy (hereinafter “ePR”), which will replace the current Directive 2002/58/EC on privacy in the electronic communications sector (“ePD”) and will complement the General Data Protection Regulation (“GDPR”).
- The proposed ePrivacy Regulation strengthens the principle of confidentiality to all interpersonal communications and this is certainly a positive step for better privacy protection and for an equal level playing field of all players.
- However, the proposed ePrivacy Regulation does not foresee the desired alignment with the GDPR in terms of recognition of additional legal grounds for processing e-communications metadata.
o Therefore, ETNO calls for EU Legislators to include in the future ePrivacy Regulation “legitimate interest” as a legal basis for processing metadata in line with GDPR.
o In addition, the future ePrivacy Regulation should also recognize, in line with GDPR, the right to further process metadata for other purposes compatible with the initial purposes for which the data was initially collected, provided that appropriate safeguards like pseudonymisation are put in place.
- These principles are essential to ensure a level playing field in data protection, to encourage innovation in big data and to enable responsible e-communications providers to provide trusted and secure innovative data driven services in an accountable manner.
- The GDPR already provides important safeguards regarding information, transparency, right to object, possibility to withdraw consent at any time, the need for Privacy Impact Assessments and finally heavy sanctions for infringing companies. Trying to be even more protective for consumers, the future ePrivacy Regulation could actually have a negative effect on European consumers, reducing the ability for telecom operators in Europe to create the best in class products for them.
PDF available here.