News & Views

A Step Forward in the Preparation of the Upcoming E-Privacy Regulation

25 October 2017

Author: Emilia Uusitalo

On 19 October, the Civil Liberties, Justice and Home Affairs Committee (the “LIBE Committee”) of the European Parliament approved a revised draft of the E-Privacy Regulation. As we wrote on our blog earlier, the LIBE Committee submitted some significant changes to the Commission’s E-Privacy Regulation proposal (COM(2017) 10 final, which we wrote about on our blog in January) last summer. Subsequently, Marju Lauristin, the rapporteur-in-charge, has been working to coordinate the amendments and to work out compromises in the LIBE Committee while taking into account the views of three other advisory committees of the EU Parliament. The so-called Lauristin’s report approved by the LIBE Committee includes 168 amendments to the Commission’s original proposal for the E-Privacy Regulation.

Higher Level of Protection of Privacy

To recap, the E-Privacy Regulation aims at updating EU legislation to ensure stronger privacy in electronic communications and extending its scope to all electronic communication providers, for example, social media service providers. According to Lauristin’s report, “Communications data (both content and metadata) are extremely sensitive as they reveal sensitive aspects of the private life of individuals (sexual orientation, philosophical or political beliefs, freedom of expression and information, financial situation, health condition), therefore they deserve a high level of protection. Your rapporteur considers that for this reason, the Commission’s proposal, in order not to lower the high level of protection ensured by the GDPR, needs to be amended in order to ensure that it will deliver a high level of protection corresponding at least to that offered by the GDPR.” Therefore, the LIBE Committee has included e.g. the following amendments in the draft proposal:

    • new measures to defend privacy by default

 

    • a ban on so-called “cookie walls”

 

    • data should only be used for the purpose of which consent has been given by the individual

 

    • metadata, which can give information on a person (e.g. about the numbers called or geographical location), should always be treated as confidential



However, public discussion after the LIBE Committee’s vote has been vibrant. On one hand, many companies have argued that the report will excessively restrict their ability to process customer data. On the other hand, for example privacy advocates and consumer groups have praised the draft legislation for its wide protection of the privacy rights of users.

Next Steps

Now that the LIBE Committee has approved the report, it is time for the European Parliament to formally confirm the LIBE Committee’s decision in its plenary on 23-26 October. Should the plenary confirm the decision, the negotiations between the Parliament and the Council can move ahead. However, the Council must also first agree on its own negotiating mandate before the negotiations may start. The Council has already published its first draft of the proposed revisions to the Commision’s E-Privacy Regulation proposal at the beginning of September, but there are still negotiations to go through before the Council is ready to sit down with the Parliament.

Even though the approval of the LIBE Committee is a nice step forward, there is still a long road ahead before the E-Privacy Regulation is ready. However, according to Lauristin’s report, the rapporteur expects the report’s proposals to form a good basis for negotiations in order to ensure that the legal framework for the E-Privacy Regulation is in place by 25 May 2018.

Our IP & TMT team at Hannes Snellman will closely observe the next steps of the process and keep you updated, as always. Please do not hesitate to contact us for any further questions on the matter.