fbpx

Download free GDPR compliance checklist!

Tag Archives for " ePrivacy "

Commission to present revamped ePrivacy proposal

The European Commission will present a revised ePrivacy proposal as part of the forthcoming Croatian Presidency of the EU, Internal Market Commissioner Thierry Breton announced on 3 December, after previous talks failed to produce an agreement among member states.

The revamped measures will be made in a bid to find consensus between EU countries on the ePrivacy regulation which would see tech companies offering messaging and email services subjected to the same privacy rules as telecommunications providers.

Source: Commission to present revamped ePrivacy proposal – EURACTIV.com

EU releases progress report on draft ePrivacy Regulation

The Committee of the Permanent Representatives of the Governments of the Member States to the European Union (Coreper) on November 27, 2019, released its progress report on the draft ePrivacy Regulation.

The report outlines the main elements discussed in the Working Party’s meetings on Telecommunications and Information Society (‘WP TELE’) during the second half of 2019, such as

  • the protection of terminal equipment information, with specific reference to the issue of conditional access to websites’ content,
  • the processing activities that is necessary to provide the electronic communications service,
  • data retention issues,
  • the way the Draft ePrivacy Regulation would interact with new technologies, such as machine-to-machine and Internet of Things services. 

The report also highlights that the Coreper did not support the last draft ePrivacy Regulation, as presented by the Presidency of the Council of the European Union.

EU Member States reject ePrivacy Regulation’s draft

On 22 November 2019, the Permanent Representatives Committee of the Council of the European Union (COREPER) has rejected the Council’s position on a draft ePrivacy Regulation.

Now it is up to the Commission to either withdraw the entire proposal, or to the Council to prepare a new text that can get enough support to allow moving forward with the proposal.

Source: ePrivacy: EU Member States push crucial reform on privacy norms close to a dead end

EU Council releases revised draft ePrivacy Regulation

On 30 October, 2019, the Presidency of the Council of the European Union released revised text of the proposed ePrivacy Regulation (Regulation Concerning the Respect for Private Life and the Protection of Personal Data in Electronic Communications and Repealing Directive 2002/58/EC).

The revised draft ePrivacy Regulation includes further clarifications to the scope of its application as well as several alternative options. In addition, further modifications are  introduced in the text, including in Article 2(2)(f), where the changes would specify that the processing upon receipt by a third party or end-user entrusted for the purpose of protecting the end-user’s terminal equipment would be outside the scope of the ePrivacy Regulation, and in Article 6a(2) where the new text specifies that the supervisory authority should be consulted, if necessary, in line with Article 36(1) of the General Data Protection Regulation (GDPR).

The Draft ePrivacy Regulation will be discussed during the Working Party on Telecommunications and Information Society (‘WP TELE’) meeting on 7 November 2019.

You can read the Draft ePrivacy Regulation here.

Finland eyes ePrivacy agreement before year’s end

The Presidency of the EU Council is expected to propose yet another iteration of the ePrivacy text for the next meeting of the Working Party on Telecommunications and Information Society Nov. 7.

Ever since the European Commission first presented its plans to overhaul the ePrivacy law in January 2017, the file has been mired in lobbying and conflicting positions of EU member states.

Source: Finland eyes ePrivacy agreement before year’s end

Spanish DPA fines company for the cookie policy with 30,000 euros

The Spanish Data Protection Authority fined the company Vueling for the cookie policy used on its website with 30,000 euros because users who access the company’s website do not have the ability to configure the cookies that are installed on their computers.

When accessing online the cookie policy of the website, users are informed about what cookies are and what cookies they use (first and third-party). What the company does not provide is a management system or cookie configuration panel that allows the user to delete them in a granular way.

Source: The Spanish Data Protection Authority fined the company Vueling for the cookie policy used on its website with 30,000 euros | European Data Protection Board

Pre-Checked Cookie Consent Invalid, EU Court Rules

The Court of Justice of the European Union (CJEU) this morning ruled that storing cookies requires internet users’ active consent.

It’s not good enough, says the CJEU, to present users with a pre-checked box and require them to click it to opt out. That consent must be specific, and that users should be informed how long cookies will be stored for and used, and whether or not third parties will have access to them.

That decision is unaffected by whether or not the information stored or accessed on the user’s equipment is personal data.

Source: Pre-Checked Cookie Consent Invalid, EU Court Rules

EU Council Presidency Published Amended Proposal for Draft ePrivacy Regulation

On September 18, 2019, the Presidency of the European Council published its proposed amendments to the Proposal for a Regulation Concerning the Respect for Private Life and the Protection of Personal Data in Electronic Communications (ePrivacy Regulation).

The Presidency proposed numerous amendments to the draft text, including amendments to the provisions on the processing of electronic communications metadata.

Source: EU Council Presidency Published Amended Proposal for Draft ePrivacy Regulation

EDPS publishes opinion on communication data as personal data

The European Data Protection Supervisor (EDPS) published, on 11 September 2019, the pleading notes before the Court of Justice of the European Union (CJEU) in the joint hearing for case C-623/17 Privacy International, joint cases C-511/18 and C-512/18 La Quadrature du Net and Others, and case C-520/18 Ordre des Barreaux Francophones et Germanophone and Others.

Notes address question whether the IP addresses or other data relating to electronic communications are capable of providing information on the content of communications, what information concerning the private lives of the concerned persons can be obtained from IP addresses or other data relating to electronic communications, as well as whether, and to what extent, it would be possible to limit the retention and the access to electronic communication data while enabling the objectives set out in Article 15(1) of the ePrivacy Directive.

Source: Pleading notes of the European Data Protection Supervisor (EDPS)

Changes in ePrivacy Regulation regarding electronic communications and digital marketing

On 26 July 2019, at the level of the Council, the Finnish government has issued a revised (Council) proposal for the e-Privacy Regulation with some amendments concerning electronic communication content, data & metadata, and further processing of metadata. This proposal will be discussed during a next Council meeting on 9 September 2019.

The Proposal has introduced a limited number of amendments. Most notable:

  1. Article 6 is divided into four distinct provisions, in order to clarify their respective scope by scope of data (all data, content, metadata).
  2. Data can only be processed (i) for the duration necessary for the permitted purposes and (ii) if those purposes cannot be fulfilled by processing information that is made anonymous.
  3. Targeted advertising might not constitute direct marketing communications.

Source: EUROPE: e-Privacy Regulation – changes regarding electronic communications and digital marketing

1 2 3 12
>