ePrivacy Reform and the Data Economy

ePrivacy Reform: Customer-Friendly and Innovation-Ready Approach Needed

On 10 January, the European Commission published its proposal for a Regulation on Privacy and Electronic Communications. The Regulation is intended to replace Directive 2002/58/EC and complement the existing General Data Protection Regulation (GDPR). The proposed e-Privacy Regulation will have a broader scope than its predecessor in that it will apply to all providers of electronic communications services. Notably, in contrast to the e-Privacy Directive, the proposed e-Privacy Regulation will also cover over-the-top players providing communication functionality, and ancillary communications services, such as gaming systems offering live chat capabilities. While the GSMA and ETNO advocated a consistent framework where providers of equivalent services are governed by the same rules, the current proposal is too restrictive and the GSMA and ETNO have called on the co-legislators to find a more customer- and innovation-friendly approach.

In particular, the GSMA and ETNO have raised concerns about the limited grounds for processing content and metadata that would be permitted under the proposal, which relies too heavily on consent and anonymisation. Instead, more alignment is needed with the GDPR, which allows data to be processed for purposes that are compatible with the original purpose and recognizes pseudonymisation as a valuable safeguard.

Afke Schaart, Vice-President Europe at GSMA, said: “Just like the Commission, we consider it is fundamental to create a privacy framework that enhances consumer trust in the context of electronic communications. However, we must ensure that the detailed requirements, such as the limited lawful grounds for processing, do not inadvertently frustrate use of metadata that is both innovative and sensitive to privacy concerns.”

At a recent briefing, the European Commission presented the proposal and provided clarifications on technical questions raised by stakeholders. The Commission has now started exchanges with the Council.

Stakeholders are now gearing up for the debates in the European Parliament, where the Committee on Civil Liberties, Justice and Home Affairs (LIBE) will take the lead, with MEP Marju Lauristin (S&D) as the rapporteur. The ITRE, IMCO and JURI Committees will deliver opinion reports.

The GSMA recently spoke at the Computers, Privacy and Data Protection conference, participating in the Do We Need E-Privacy? panel. With panellists from the European Commission, Acxiom and Ghostery, the GSMA discussed the reform of the EU e-Privacy Directive and the next steps in the process. The panel focused on the proposed changes and their potential impact on businesses, while discussing the need for the proposed amendments and the interplay between the proposed e-Privacy Regulation and the GDPR.

Building a European Data Economy

The Commission has recently issued a Communication on building the European data economy, which highlights a number of issues that the Commission believes hinder its completion. It addresses unjustified restrictions to the free movement of data across borders, as well as several other matters such as access to and re-use of data, legal responsibility for data, portability of non-personal data and interoperability.

In each of these areas, there are highly complicated issues on which there is no obvious consensus and it is unclear at this stage what legislative proposals, if any, will emerge from the public debate or how long it will take. Having attended related events organised by the European Policy Centre, the European Internet Forum and Forum Europe, the GSMA intends to respond to the Commission’s consultation in the coming weeks. However, it is clear that much more discussion will be needed before some of the thornier issues can be resolved with any certainty.