Jan 32017

ePrivacy Directive – European Commission Publishes Results of Consultation

William RM Long and Francesca Blythe
, , , , ,

On 11 April 2016, the European Commission consulted on Directive 2002/58/EC on privacy and electronic communications (the “ePrivacy Directive”), seeking input from a wide range of businesses, organizations and individuals on the effectiveness of the ePrivacy Directive and their views for its revision. The European Commission’s review is a key element of its Digital Single Market Strategy, which aims to reinforce trust and security in digital services in the EU.

The European Commission released the results of this consultation on 19 December 2016. The consultation received 421 replies from stakeholders in all Member States and outside the EU, which included 162 replies from citizens; 186 contributions from industry actors; 40 public authorities, including competent authorities which enforce the ePrivacy Directive at national level; 33 contributions from civil society associations. The largest number of respondents came from Germany (25.9%), UK (14.3%), Belgium (10%) and France (7.1%).

Key findings

The key points arising from the consultation are as follows:

  • Most citizens, consumer and civil society organisations responding to the consultation consider it relevant to have specific ePrivacy rules for the electronic communications sector on confidentiality (83.4%), traffic and location data (73%), unsolicited commercial communications (78%) and notification of personal data breaches (72.8%). The reasons given for these views include the need to protect the personal data of consumers and the belief that consumers should be in control of their own data. However, most industry respondents (63%) opposed such specific regulations.
  • Most citizens, consumer and civil society organizations (76.2%) consider that the ePrivacy Directive has been thus far largely ineffective in achieving its objective of ensuring the full protection of privacy and confidentiality of communications across the EU. Reasons given for this view include limited or inadequate application of the ePrivacy Directive (as over-the-top service providers such as instant messaging and web mail services are excluded and a belief that the rules on cookies are ineffective), the sector-specific nature of the confidentiality obligation, and the diversity in understanding and enforcement of the ePrivacy Directive between member states. However, a majority of industry respondents (57%) thought that the Directive has achieved its objectives in this area.
  • The scope of the rules on over-the-top service providers was noted as a priority for revision. Most citizens (76%), some consumer and civil society organizations, and most public authorities (93%) believe the rules should (in part) be broadened, whereas 42% of industry respondents opposed expansion of the scope.

Next steps

The results of the consultation (which can be downloaded here), along with the results of the Eurobarometer on ePrivacy conducted by the European Commission (a survey to assess the general opinions of citizens across the EU in relation to key issues that are part of online privacy), will feed into a review of the ePrivacy Directive. This will be published by the European Commission at the beginning of 2017.

 

William RM Long

London

wlong@sidley.com

Francesca Blythe

London

fblythe@sidley.com

You might also like
UK’s New Pro-innovation Approach to Regulating Digital Technologies

On 15 March 2023, the UK Government published, alongside its Spring Budget, a report on the Pro-innovation Regulation of Technologies Review (the “Report”). The Report was led by the government’s Chief Scientific Advisor and National Technology Officer, Sir Patrick Vallance, who was tasked with “bringing together the best minds to advise how the UK can better regulate emerging technologies, enabling their rapid and safe introduction.” In response, the UK Government has accepted all of the Report’s recommendations, and set out some next steps for their implementation.

U.S. Employers Need to Reconsider Use of Confidentiality and Nondisparagement Provisions in Light of New NLRB Decision

Employers frequently seek to include confidentiality and nondisparagement provisions in severance agreements provided to departing employees. Last week, the U.S. National Labor Relations Board (NLRB or Board) significantly altered the legal landscape governing such provisions, making it much more difficult for unionized and nonunionized employers alike to use them for nonsupervisory employees without running afoul of the National Labor Relations Act (NLRA). The decision is likely to be appealed, and we will issue updates as they become appropriate. In the interim, however, it is critically important for employers to understand the implications of the decision (see below) and to adjust their use of these provisions to limit their risk.

Substantial Changes to Hong Kong’s Privacy Laws Coming

In a briefing to the Legislative Council (Hong Kong’s legislative body) on February 20, 2023, the Privacy Commissioner (“the Commissioner”) announced that substantive amendments to the Personal Data (Privacy) Ordinance (“PDPO”) will take place.