The European Commission is proposing new legislation to ensure stronger privacy in electronic communications, while opening up new business opportunities.
The measures presented today aim to update current rules, extending their scope to all electronic communication providers. They also aim to create new opportunities to process communication data and reinforce trust and security in the Digital Single Market – a key objective of the Digital Single Market strategy.
At the same time, the proposal aligns the rules for electronic communications with the new tougher standards of the EU's General Data Protection Regulation.
The Commission is also proposing new rules to ensure that when personal data is handled by EU institutions and bodies privacy is protected in the same way as it is in Member States under the General Data Protection Regulation, as well as setting out a strategic approach to the issues concerning international transfers of personal data.
First vice president Timmermans said: "Our proposals will complete the EU data protection framework. They will ensure that the privacy of electronic communications is protected by up to date and effective rules, and that European institutions will apply the same high standards that we expect from our Member States."
The proposed Regulation on Privacy and Electronic Communications will increase the protection of people's private life and open up new opportunities for business. Some 92 percent of Europeans say it is important that their emails and online messages remain confidential.
However, the current ePrivacy Directive only applies to traditional telecoms operators. Privacy rules will now also cover new providers of electronic communications services, such as WhatsApp, Facebook Messenger, Skype, Gmail, iMessage, or Viber.
By updating the current Directive with a directly applicable Regulation, all people and businesses in the EU will enjoy the same level of protection for their electronic communications.Businesses will also benefit from one single set of rules across the EU.
With the presentation of the proposals today, the Commission is calling on the European Parliament and the Council to work swiftly and to ensure their smooth adoption by 25 May 2018, when the General Data Protection Regulation will come into force. The intention is to provide citizens and businesses with a fully-fledged and complete legal framework for privacy and data protection in Europe by this date.
“However, businesses that fall under increased consent requirements - where users are required to take action to allow cookie usage before information can be collected, in certain circumstances, are likely to face some challenges. The new rules will allow users more control of their settings, providing an easy way to accept or refuse the tracking of cookies and other identifiers in case of privacy risks. Organisations will need to starting thinking about whether they are impacted and how to respond as soon as possible,” said Thompson.