login
login
Image header Agence Europe
Europe Daily Bulletin No. 11878
Contents Publication in full By article 12 / 28
SECTORAL POLICIES / Digital

European Data Controller calls for reform of privacy rules for e-communications

On 5 October, the European Data Protection Supervisor published an opinion on aspects of the reform of respect for privacy in electronic communications ('e-privacy').  The European Parliament’s civil liberties vote on this question on 12 October seems to have been postponed.

The draft regulation aims to boost the confidentiality of online communications while allowing service suppliers to make use of the private data they hold on their clients without needing prior approval (see EUROPE 11700).  Parliament’s industry committee (ITRE), internal market committee (IMCO) and legal affairs committee (JURI) have already issued their opinions on this matter and we are now awaiting the view of the civil liberties committee (LIBE), which was due to have voted on the matter on 12 October, but several sources indicate that the vote will now be postponed to a later date, not giving any details.

Meanwhile, the European Data Protection Supervisor (EDPS) published a report on various matters being discussed by the co-legislators.  The EDPS welcomes some of the European Parliament’s amendments, such as those explicitly protecting confidentiality in communication of data related to or processed by terminal equipment.  He adds that confidentiality of communications has to be ensured when information is stored on the cloud rather than simply when data is transmitted.  The EDPS also backs the amendments scrapping the legal basis for monitoring individuals in time and space.  He said there should not be any legitimate interest possibility of transforming metadata.  Data relating to terminals should only be processed on request or, if it is necessary technically for a service required by the user and only for the length of time necessary to this end.

In terms of definitions, the EDPS says that the concept of consent should have the same meaning as in the General Data Protection Regulation (GDPR 2016/679) and that consent should not be required for accessing services or functions.  He adds that services provided solely in annex should be included in the definition of interpersonal communication services.  Finally, he recommends that metadata should not exclude data not needed to transmit content or supply a service.

The supervisor’s opinion backs default protection parameters and calls for effective protection of users from spam. (Original version in French by Sophie Petitjean)

Contents

EXTERNAL ACTION
ECONOMY - FINANCE - BUSINESS
SECTORAL POLICIES
INSTITUTIONAL
SOCIAL AFFAIRS
NEWS BRIEFS
The B-word: Agence Europe’s newsletter on Brexit
CALENDAR