Ref. Ares(2018)340985 - 19/01/2018
Round Table on Data Protection
Brussels, 19 December 2016
Privacy Shield
Reason
for
redaction:
outside
the scope
of the
request.
Steering brief
2/3
Round Table on Data Protection
Brussels, 19 December 2016
Reason for
redaction:
outside the
scope of the
request.
e-Privacy
The main objective of the review of the e-Privacy Directive is to adapt the current
rules which apply to electronic communications services to the new GDPR.
We plan to adopt a proposal on 11 January.
We foresee:
All players will abide by same rules, but they will be more flexible (rules on
confidentiality of communications extended to OTT which consumers consider
as functionally equivalent, e.g. instant messaging and VoIP)
Simpler rules on cookies: more user-friendly mechanism to signify consent, e.g.
mandating browser settings to provide for an easy way to accept or refuse
tracking cookies.
Some obligations that were adopted in the GDPR, for example, the obligation to
notify personal data breaches in the ePrivacy Directive could be repealed.
Citizens support innovative solutions (89% agree that default settings of their
browser should stop their information from being shared).
If raised - coverage of OTTs stifling innovation
All industry players should have the same opportunities to develop their business
within the limits set by the respect of fundamental rights.
OTTs should still be able to process data with the consent of the users. The new
rules should not prohibit business models based on revenue from advertisement or
targeted advertisement, enabled by tracking.
Users should be empowered to make an informed choice about the acceptance of
these practices. Transparency is important. People must know with which currency
they pay: monetary, by data, the advertisements one views, or a combination.
If raised - Will the proposal lead to more surveillance?
It is inaccurate that the future proposal extends national security obligation to OTTs.
There is no EU legal instrument on data retention. Any future instrument on Privacy
of Electronic Communications regulating data will not directly regulate national data
retention laws.
Like the e-Privacy Directive, the new instrument should contain a provision
acknowledging MS competence on national security and MS right to limit to the
confidentiality of communications for strictly limited purposes under strict
safeguards.
We expect a CJEU judgement that will provide greater clarity on MS national
security law – it may impact the draft proposal.
Steering brief
3/3