EU Country Officials Skeptical Electronic Privacy Legislation Will be Ready Soon


It is unrealistic to estimate that an electronic communications privacy law under debate in the European Union will be ready by May 25, 2018, the Council of the European Union, which is made up of government ministers from the 28 EU member countries reports.

The EU is aiming for the ePrivacy Regulation to enter into force on the same date as its new privacy regime set forth in the General Data Protection Regulation, but with the communications legislation still moving its way through the EU Parliament, the timeline has gotten increasingly tight.

The ePrivacy Regulation would provide rules for online communications, including over-the-top communications services, such as Facebook Inc. Messenger and WhatsApp Inc., and would also govern online tracking, e-marketing, and analytics.

The Council said that because a Regulation requires a high level of precision and clarity, it requires a “thorough examination” and it therefore not likely to be ready to enter into force by May 2018.

Several country delegations requested a more detailed analysis of “possible overlaps, duplication or contradictions with other legislation,” such as using definitions from the proposed European Electronic Communications Code, which the European Data Protection Supervisor Giovanni Buttarelli also cited as a concern.

Marju Lauristin, the European Parliament’s designated leader for the ePrivacy Regulation, told Bloomberg BNA that “we understand that there are differing views on the compatibility of the definitions and we will need to assess the situation extremely carefully as we are dealing with a legislative piece that affects the core of the fundamental right of the protection of private life, the principle of confidentiality.” 

Buttarelli and the Article 29 Working Party of privacy regulators from the 28 EU countries have expressed overall support for the ePrivacy Regulation, but also deep reservations and recommended significant changes over the level of privacy protection it provides to online users.

The Article 29 Working Party expressed “grave concerns” over the low legal standard for user consent and Wi-Fi tracking, and Buttarelli wants to prohibit websites from denying access to user who don’t consent to tracking and add cloud storage to the Regulation’s coverage, among other changes.

To keep up with the constantly evolving world of privacy and security sign up for the Bloomberg BNA Privacy and Security Update.