EU Parliament Wants Stronger Privacy in e-Communications Proposal

Bloomberg Law: Privacy & Data Security brings you single-source access to the expertise of Bloomberg Law’s privacy and data security editorial team, contributing practitioners,...

By George Lynch

The European Parliament will seek stronger privacy protections in its draft of European Union electronic communications legislation set for release June 14, the legislative office leading the effort told Bloomberg BNA.

The draft will seek stronger privacy provisions than the original proposal from the European Commission, the EU’s executive arm. The Parliament draft will seek end-to-end encryption, consumer opt in for WiFi tracking, and more internet user privacy control, Eleni Chronopoulou, privacy advisor to Estonian Member of the European Parliament Marju Lauristin Lauristin, told Bloomberg BNA. Lauristin is the Parliament’s legislative lead for the draft proposed by the Civil Liberties, Home and Justice Affairs (LIBE) Committee.

Phil Lee, privacy, security, and information partner at Fieldfisher LLP in London, told Bloomberg BNA that the LIBE draft “will be very influential, as it will essentially set out the negotiating position of the European Parliament on the new ePrivacy Regulation.”

The draft will tend to favor civil liberties, which could frustrate business interests, Lee said. However, the governments of the 28 EU countries acting as the Council of the EU will later issue its own draft, and that body usually takes a more moderate position that balances civil liberties with business interests, he said. Parliament’s approach is consistent with the eCommunications law positions of the privacy officials from the EU countries that meet as the Article 29 Working Party, as well as the position of the office of the European Data Protection Supervisor, Lee said.

The LIBE draft parts ways with the original commission proposal. Some of those differences will give pause to companies that rely on consumer data collection and analysis, privacy professionals told Bloomberg BNA.


The commission’s proposal would allow countries to pass laws allowing for law enforcement access to information. That approach leaves “a huge loophole” by implying that law enforcement can request data from companies without a court order, Chronopoulou said.

The LIBE proposal’s support for end-to-end encryption of consumer data would make it more difficult for law enforcement officials to request data from companies without a court order, Chronopoulou said. The proposal would ban decryption of user data and the creation of back doors that allow government access, she said.

Bojana Bellamy, president of the Centre for Information Policy Leadership in London, told Bloomberg BNA that EU countries will balk at the use of end-to-end encryption, especially given recent terror attacks.

Encryption measures to services beyond those in the present directive may prove particularly challenging.

“Asking ISPs and telcos to encrypt is one thing; asking every business that enables some form of communication, no matter how insignificant or incidental, is quite another,” he told Bloomberg BNA in an email.

Offline Tracking, Privacy by Design

Under the commission’s proposals, people who don’t want to be tracked would be forced turn off the WiFi and Bluetooth on their phones and devices when leaving their homes or offices and then turning them back on once they reach their destination in order to avoid being tracked, Chronopoulou said.

The Parliament proposal would require an opt-in approach and also require that data be anonymized and used for limited purposes, she said.

Lee said an opt-in requirement would be a blow for businesses that engage in geolocation and user movement analytics.

The Parliament proposal also differs from the commission’s by requiring that applications and browsers give more detailed privacy settings, rather than simply seeking a “yes” or “no” consent for tracking, Chronoloulou said.

To contact the reporter on this story: George Lynch in Washington at

To contact the editor responsible for this story: Donald Aplin at

Copyright © 2017 The Bureau of National Affairs, Inc. All Rights Reserved.

Request Bloomberg Law: Privacy & Data Security