This article relies largely or entirely on a single source. Relevant discussion may be found on the talk page. Please help improve this article by introducing citations to additional sources. Find sources: "EPrivacy Regulation" – news · newspapers · books · scholar · JSTOR(January 2018)
The ePrivacy Regulation (ePR) is a proposal for the regulation of various privacy-related topics, mostly in relation to electronic communications within the European Union. Its full name is "Regulation of the European Parliament and of the Council concerning the respect for private life and the protection of personal data in electronic communications and repealing Directive 2002/58/EC (Regulation on Privacy and Electronic Communications)." It would repeal the Privacy and Electronic Communications Directive 2002 (ePrivacy Directive) and would be lex specialis to the General Data Protection Regulation. It would particularise and complement the latter in respect of privacy-related topics. Key fields of the proposed regulation are the confidentiality of communications, privacy controls through electronic consent and browsers, and cookies.
The history of the regulation goes back to January 2017 when the European Commission proposed the ePrivacy Regulation.[1] The intention was that it would sit alongside the EU GDPR (General Data Protection Regulation) when it was introduced on 25 May 2018.[1] The scope is still under discussion.[2] According to some proposals, it would apply to any business that processes data in relation to any form of online communication service, uses online tracking technologies, or engages in electronic direct marketing.[3]
The proposed penalties for noncompliance would be up to €20 million or, in the case of an undertaking, up to 4% of the total worldwide annual turnover, whichever is higher.[4] The ePrivacy Regulation originally was intended to come in effect on 25 May 2018, together with the GDPR, but has still not been adopted.
The (new) ePrivacy Regulation will repeal the (current) ePrivacy Directive.
Contrary to an EU Directive, an EU Regulation is a legal act of the European Union that becomes immediately effective as law in all member states simultaneously.
The current ePrivacy Directive is a legal act of the European Union that requires member states to achieve a particular result without dictating the means of achieving that result. It has therefore been implemented into national laws and regulations. If the proposed ePrivacy Regulation became effective, these laws would be superseded and will (for reasons of clarity) likely be repealed. The ePrivacy Regulation would be self-executing and not require many implementing measures.
Key points of Commission's proposalEdit
According to the EU Commission, the proposal includes the following key changes:[3]
New players: Privacy rules will also apply to new players providing electronic communications services such as WhatsApp, Facebook Messenger, and Skype. That will ensure that the popular services guarantee the same level of confidentiality of communications as traditional telecoms operators.
Stronger rules: All people and businesses in the EU will enjoy the same level of protection of their electronic communications through this directly applicable regulation. Businesses will also benefit from one single set of rules across the EU.
Communications content and metadata: Privacy is guaranteed for communications like the time and the location of a call. Metadata have a high privacy component and must be anonymised or deleted if users did not give their consent unless the data is needed for billing.
New business opportunities: Once consent is given for communications data (content and/or metadata) to be processed, traditional telecoms operators will have more opportunities to provide additional services and to develop their businesses. For example, they could produce heat maps indicating the presence of individuals, which could help public authorities and transport companies when developing new infrastructure projects.
Simpler rules on cookies: The cookie provision, which has resulted in an overload of consent requests for internet users, will be streamlined. The new rule will be more user-friendly, as browser settings will provide for an easy way to accept or refuse tracking cookies and other identifiers. The proposal also clarifies that no consent is needed for non-privacy-intrusive cookies improving internet experience (like to remember shopping cart history) or cookies used by a website to count the number of visitors.
Protection against spam: The proposal bans unsolicited electronic communications by emails, SMS, and automated calling machines. Depending on national law, people will either be protected by default or be able to use a do-not-call list to avoid receiving marketing phone calls. Marketing callers will need to display their phone number or use a special pre-fix that indicates a marketing call.
More effective enforcement: The enforcement of the confidentiality rules in the regulation will be the responsibility of data protection authorities, already in charge of the rules under the General Data Protection Regulation.
ReceptionEdit
In February 2021, the German Federal Commissioner for Data Protection and Freedom of Information saw multiple red lines being crossed. Data retention had again become part of the proposal, despite the fact that it had been ruled unlawful by many courts. The regulations concerning the Internet constituted a step back in that cookie walls would be again allowed. Important consumer rights such as the "right to object" and "data protection impact assessment" would be voided. Personal data could be processed for purposes different from the original ones without the person's consent. The "pay-or-allow-to-be-tracked" question to access a website would henceforth be permitted. The directive of 2001 required in its art 15(1) that data might be retained for an important public interest. The proposal now in 17a does not have such a reference to the public interest anymore.[5][6][7][8]
In March 2021, France was reported to be leading an effort to modify the ePrivacy initiative to exempt national security agencies from some provisions.[9]
On July 6, 2021, the European Parliament approved a derogation to the ePrivacy regulation that enables providers of electronic communication services to scan and report private online messages containing material depicting child sex abuse, and allow companies to apply approved technologies to detect grooming techniques.[10]
ReferencesEdit
^ ab"The EU ePR (ePrivacy Regulation)". itgovernance.co.uk. Retrieved 21 July 2022.
^Kayali, Laura; Manancourt, Vincent (10 February 2021). "How Europe's new privacy rules survived years of negotiations, lobbying and drama". Politico.
^ ab"Proposal for an ePrivacy Regulation". Shaping Europe’s digital future - European Commission. 10 January 2017.
^"Fines / Penalties". General Data Protection Regulation (GDPR). Retrieved 10 December 2020.
^BfDI kritisiert Position des Rats zur ePrivacy-Verordnung, Federal Commissioner for Data Protection and Freedom of Information, 2021-02-10.
^E-Privacy-Verordnung erlaubt Vorratsdaten und Nachschlüssel, orf.at, 2021-02-14
^data protection impact assessment, art 23 - art 43, GDPR.
^Christakis and Propp, Theodore and Kenneth (8 March 2021). "How Europe's Intelligence Services Aim to Avoid the EU's Highest Court—and What It Means for the United States". Lawfare.
^Bertuzzi, Luca (6 July 2021). "New EU law allows screening of online messages to detect child abuse". Euractiv.
External linksEdit
The proposed Regulation on Privacy and Electronic Communications on europa.eu
Procedure File: 2017/0003(COD) | Legislative Observatory | European Parliament
eprivacy, regulation, this, article, multiple, issues, please, help, improve, discuss, these, issues, talk, page, learn, when, remove, these, template, messages, this, article, relies, largely, entirely, single, source, relevant, discussion, found, talk, page,. This article has multiple issues Please help improve it or discuss these issues on the talk page Learn how and when to remove these template messages This article relies largely or entirely on a single source Relevant discussion may be found on the talk page Please help improve this article by introducing citations to additional sources Find sources EPrivacy Regulation news newspapers books scholar JSTOR January 2018 This article may be too technical for most readers to understand Please help improve it to make it understandable to non experts without removing the technical details January 2018 Learn how and when to remove this template message Learn how and when to remove this template message The ePrivacy Regulation ePR is a proposal for the regulation of various privacy related topics mostly in relation to electronic communications within the European Union Its full name is Regulation of the European Parliament and of the Council concerning the respect for private life and the protection of personal data in electronic communications and repealing Directive 2002 58 EC Regulation on Privacy and Electronic Communications It would repeal the Privacy and Electronic Communications Directive 2002 ePrivacy Directive and would be lex specialis to the General Data Protection Regulation It would particularise and complement the latter in respect of privacy related topics Key fields of the proposed regulation are the confidentiality of communications privacy controls through electronic consent and browsers and cookies The history of the regulation goes back to January 2017 when the European Commission proposed the ePrivacy Regulation 1 The intention was that it would sit alongside the EU GDPR General Data Protection Regulation when it was introduced on 25 May 2018 1 The scope is still under discussion 2 According to some proposals it would apply to any business that processes data in relation to any form of online communication service uses online tracking technologies or engages in electronic direct marketing 3 The proposed penalties for noncompliance would be up to 20 million or in the case of an undertaking up to 4 of the total worldwide annual turnover whichever is higher 4 The ePrivacy Regulation originally was intended to come in effect on 25 May 2018 together with the GDPR but has still not been adopted Contents 1 Difference between Regulation and Directive 2 Key points of Commission s proposal 3 Reception 4 References 5 External linksDifference between Regulation and Directive EditThe new ePrivacy Regulation will repeal the current ePrivacy Directive Contrary to an EU Directive an EU Regulation is a legal act of the European Union that becomes immediately effective as law in all member states simultaneously The current ePrivacy Directive is a legal act of the European Union that requires member states to achieve a particular result without dictating the means of achieving that result It has therefore been implemented into national laws and regulations If the proposed ePrivacy Regulation became effective these laws would be superseded and will for reasons of clarity likely be repealed The ePrivacy Regulation would be self executing and not require many implementing measures Key points of Commission s proposal EditAccording to the EU Commission the proposal includes the following key changes 3 New players Privacy rules will also apply to new players providing electronic communications services such as WhatsApp Facebook Messenger and Skype That will ensure that the popular services guarantee the same level of confidentiality of communications as traditional telecoms operators Stronger rules All people and businesses in the EU will enjoy the same level of protection of their electronic communications through this directly applicable regulation Businesses will also benefit from one single set of rules across the EU Communications content and metadata Privacy is guaranteed for communications like the time and the location of a call Metadata have a high privacy component and must be anonymised or deleted if users did not give their consent unless the data is needed for billing New business opportunities Once consent is given for communications data content and or metadata to be processed traditional telecoms operators will have more opportunities to provide additional services and to develop their businesses For example they could produce heat maps indicating the presence of individuals which could help public authorities and transport companies when developing new infrastructure projects Simpler rules on cookies The cookie provision which has resulted in an overload of consent requests for internet users will be streamlined The new rule will be more user friendly as browser settings will provide for an easy way to accept or refuse tracking cookies and other identifiers The proposal also clarifies that no consent is needed for non privacy intrusive cookies improving internet experience like to remember shopping cart history or cookies used by a website to count the number of visitors Protection against spam The proposal bans unsolicited electronic communications by emails SMS and automated calling machines Depending on national law people will either be protected by default or be able to use a do not call list to avoid receiving marketing phone calls Marketing callers will need to display their phone number or use a special pre fix that indicates a marketing call More effective enforcement The enforcement of the confidentiality rules in the regulation will be the responsibility of data protection authorities already in charge of the rules under the General Data Protection Regulation Reception EditIn February 2021 the German Federal Commissioner for Data Protection and Freedom of Information saw multiple red lines being crossed Data retention had again become part of the proposal despite the fact that it had been ruled unlawful by many courts The regulations concerning the Internet constituted a step back in that cookie walls would be again allowed Important consumer rights such as the right to object and data protection impact assessment would be voided Personal data could be processed for purposes different from the original ones without the person s consent The pay or allow to be tracked question to access a website would henceforth be permitted The directive of 2001 required in its art 15 1 that data might be retained for an important public interest The proposal now in 17a does not have such a reference to the public interest anymore 5 6 7 8 In March 2021 France was reported to be leading an effort to modify the ePrivacy initiative to exempt national security agencies from some provisions 9 On July 6 2021 the European Parliament approved a derogation to the ePrivacy regulation that enables providers of electronic communication services to scan and report private online messages containing material depicting child sex abuse and allow companies to apply approved technologies to detect grooming techniques 10 References Edit a b The EU ePR ePrivacy Regulation itgovernance co uk Retrieved 21 July 2022 Kayali Laura Manancourt Vincent 10 February 2021 How Europe s new privacy rules survived years of negotiations lobbying and drama Politico a b Proposal for an ePrivacy Regulation Shaping Europe s digital future European Commission 10 January 2017 Fines Penalties General Data Protection Regulation GDPR Retrieved 10 December 2020 BfDI kritisiert Position des Rats zur ePrivacy Verordnung Federal Commissioner for Data Protection and Freedom of Information 2021 02 10 E Privacy Verordnung erlaubt Vorratsdaten und Nachschlussel orf at 2021 02 14 right to object www privacy regulation eu data protection impact assessment art 23 art 43 GDPR Christakis and Propp Theodore and Kenneth 8 March 2021 How Europe s Intelligence Services Aim to Avoid the EU s Highest Court and What It Means for the United States Lawfare Bertuzzi Luca 6 July 2021 New EU law allows screening of online messages to detect child abuse Euractiv External links EditThe proposed Regulation on Privacy and Electronic Communications on europa eu Procedure File 2017 0003 COD Legislative Observatory European Parliament Portals European Union Law Retrieved from https en wikipedia org w index php title EPrivacy Regulation amp oldid 1163920447, wikipedia, wiki, book, books, library,
