The proposals, which would revise the ePrivacy Directive, reinforce EU citizens' right to privacy and control of their personal data, and will force email, messaging and voice services to guarantee the confidentiality of conversations and metadata around the time, place and other factors of those conversations.
New EU proposals to strengthen trust & give a boost to #dataeconomy 📱- press release: https://t.co/Jr0zNcd9yi #ePrivacy pic.twitter.com/HAFn7mkiwE
— European Commission (@EU_Commission) January 10, 2017
Listening to, recording, intercepting, scanning or storing communications on these platforms will not be permitted without the consent of the user, unless it is critical for billing or other purposes. Social media platforms must also ask users for explicit consent before using their data for advertising purposes.
Rules governing the placing and use of cookies currently require consent for all purposes, and have led to cookie warnings appearing on sites when a visitor accesses them for the first time.
The proposals aim to simplify them, and remove the overload of cookie warnings. The proposals also ban unsolicited and nonconsensual electronic communication, requiring marketing calls to display phone numbers or use a special prefix explicitly for marketing calls. Companies falling foul of the new regulations will face fines of up to 4% of global turnover.
While sold as simplifying, pro-consumer reforms, the proposals would also allow businesses to use certain customer metadata to advertise additional services to those individuals, something banned under current rules.
This element has proved controversial, with Monique Goyens, director-general of the European Consumer Organization, telling Sputnik cookies relevant for the operation of certain internet functions, such as items in an online shopping cart, or cookies used to analyze visitor numbers, will no longer require consent.
Happy New Year! #EuDataP #Privacy #ePrivacy #Encryption https://t.co/zc87jjjSQk pic.twitter.com/CJCYNGzLUx
— Gabriela Zanfir (@gabrielazanfir) December 31, 2016
"Consumers should be able to rest assured that their phone calls, e-mails or messages are for their eyes and ears only, irrespective of the service they use. They must have an alternative to being under 24/7 commercial surveillance when using digital services. When 92% of Europeans tell the EU they want their browser to automatically protect communications, the EU should heed their call. Smart devices and apps should not track consumers' behavior by default," Goyens told Sputnik.
Trust remains key to Data-Economy. #EPrivacy must be fully aligned with #GDPR. My press release: https://t.co/D2gVsXKXk7
— Viviane Reding (@VivianeRedingEU) January 10, 2017
Viviane Reding, MEP and former European Commission Vice-President, likewise urged careful examination of metadata exemptions in a statement.
"Legislators must analyze the text meticulously to ensure the devil is not hidden in the detail of the many exceptions provided in respect of electronic communications content," Reding said.
Voices within the digital media industry have, however, blasted the proposals. Townsend Feehan, chief executive of trade body IAB Europe, said that while the Commission had a "perfect opportunity" to prove it was serious about improving regulation, it had instead "rammed through" a proposal for "yet more" regulation, before it was determined whether existing rules were sufficient for protecting citizens' privacy.
"New data protection rules adopted only year ago addressing virtually the same subject matter are yet to be applied in practice. The Commission [is] presenting a law that would undeniably damage the advertising business model — without achieving any real benefits for users from a privacy and data protection point of view," Feehan said.
Not good that final #ePrivacy text scrapped group action possibility for consumers ≠ not in line with GDPR. Was in earlier draft pic.twitter.com/rejSVuiR2G
— The Consumer Voice (@beuc) January 10, 2017
He went on to warn that individuals who thought current cookie banners were annoying would be disappointed when things don't improve under the proposals.
"Without significant improvements to the proposed text, users would have to actively change the settings of every single device and app they use, and more actively deal with constant requests for permission for the use of harmless cookies when visiting websites and using other digital services," he added.
The proposals require approval from the European Parliament and Member States before becoming law.