The appropriate Council of the EU working party is gearing up to resume its work on the draft regulation on the e-privacy on Thursday 27 September. Discussions will focus on another compromise prepared by the rotating Presidency of the Council. In the July version, the latter removed the provisions on settings and facilitating the further processing of metadata.
It should be recalled that the draft regulation aims to enhance the privacy of online exchanges, including over the top operators, whilst allowing service providers to use the personal data of customers that have given their prior consent (see EUROPE 11700).
Since the 26 October 2017, Parliament has been waiting to begin negotiations with the Council (see EUROPE 11892). In its work programme, however, the Austrian Presidency is only planning on a progress report during the Telecommunications Council on 4 December.
17 July meeting
The Telecommunications working party meeting on 27 September will draw from the most recent discussions on 17 July (see EUROPE 12060) on the new compromise prepared by the Austrian Presidency of the Council and a range of written contributions from the member states.
According to the notes prepared by Austria, the meeting on 17 July revealed “very different points of view” among the member states on the main provisions in the proposal, namely, articles 6, 8 and 10. On this occasion, the delegations also raised many other fundamental issues, such as: the exact scope of the regulation and its demarcation in relation to the general data protection regulation (GDPR); the balance between data protection and the right to privacy; fairness between the different rules; the processing of GPS location data; impact of the new regulation on innovation (particularly the development of artificial intelligence).
In this context, the Austrian Presidency is calling on the delegations to propose written suggestions on the most crucial issues.
Austrian proposals
Vienna will be submitting a new paper (dated 20 September), which includes the same approach, more or less, of before the summer.
Processing metadata (article 6). The Presidency of the Council is continuing to call for a more flexible approach than that proposed by the Commission. It is claiming to have obtained “significant support” on 17 July in favour of a new derogation for the further processing of metadata when an objective is not the same as that previously requested. It is, nonetheless, calling on the delegations to say whether it would be necessary to maintain this derogation whilst providing it with what safeguards or if it requires greater flexibility when further aligning it on the text of the GDPR.
App protection (article 8). The new compromise proposes further discussions on the question of cookie walls, which the Presidency tackled in its previous compromise in recital 20 (explaining that this practice was not disproportionate if there was a payment alternative). It was also pointed out that “During the discussion on 17 July, a number of member states had a positive view on the text in the recital and some of them would even wish to address this issue in articles. Others were not convinced, though, about the compatibility with the GDPR and the concept of 'freely given consent’”.
Settings (article 10). The Austrian Presidency is sticking to its proposal to remove this article stipulating that software providers undertaking electronic communications should help end-users to effectively choose their privacy settings.
The draft compromise can be consulted at the following link: https://bit.ly/2NxGqN6. (Original version in French by Sophie Petitjean)