New E-privacy rules progressing through EU

It’s not just data protection that’s changing next year, the EU are also working on introducing new e-privacy regulations.

Proposals for new e-privacy regulations were announced back in January and aim to bring current privacy regulations (e.g. the Privacy and Electronic Communications Regulations in the UK) in line with the GDPR as well as update the regulations around the use of cookies and up to date with current technologies.

Last month, it was announced that draft proposals were approved by the EU Parliament’s Civil Liberties Committee. These proposals will apply to “SMS and telephone services, and would update the EU’s existing e-privacy rules to cover recently introduced internet-enabled services such as WhatsApp, Skype, Messenger and Facebook.”

The text of the proposals now constitute the European Parliament’s draft negotiations with the European Council on the e-privacy update. Key parts of the proposals:

  • Ban on “cookie walls” (where a website blocks access to a website if the visitor doesn’t agree to the use of their data on the site)
  • Prevent the “snooping” on personal devices via cookies or software updates through public internet connections (wi-fi hotspots)
  • “Privacy by default” settings as standard for all software used for electronic communications with strong encryption
  • Strict limits on the processing of data tied to the consent given by an individual
  • “Meta-data” (CLI information, website logs, geolocation information, etc.) to be treated as confidential and not passed on to third parties

The next steps are for the Parliament to enter into negotiations with the Council. There was suggestion that the new e-privacy regulations would come into force the same time as the GDPR (25th May 2018) but whether that timeline is still achievable, remains to be seen.