EU takes Britain to court over online data protection
The European Commission on Thursday (30 September) said it is to take the United Kingdom to court for not fully implementing data privacy rules for online users and allowing service providers to use "behavioural advertising" based on the websites visited by web surfers.
The legal case follows complaints from UK internet users who claim to have been spammed with ads as a result of so-called deep-packet inspections revealing the patterns of their daily online activities. Despite requests made last year by the commission, London has so far failed to amend its legislation so that it complies with EU law.
Dear EUobserver reader
Subscribe now for unrestricted access to EUobserver.
Sign up for 30 days' free trial, no obligation. Full subscription only 15 € / month or 150 € / year.
- Unlimited access on desktop and mobile
- All premium articles, analysis, commentary and investigations
- EUobserver archives
EUobserver is the only independent news media covering EU affairs in Brussels and all 28 member states.
♡ We value your support.
If you already have an account click here to login.
Under community rules, member states need to "ensure the confidentiality of the communications and related traffic data by prohibiting unlawful interception and surveillance." Also, online users need to be asked for "freely given specific and informed consent" before being targeted by ads. Britain also has failed to establish sanctions in case of infringements and no independent authority is in charge of supervising implementation.
The current UK law authorises interception of communications not only where the persons concerned have consented to interception but also when the person intercepting the communications has "reasonable grounds for believing" that consent to do so has been given.
British authorities are punishing only "intentional interception", whereas EU law requires that members states prohibit any unlawful interception and ensure sanctions against such activity regardless of whether it was on purpose.
The original case was brought after British Telecoms (BT) angered consumers by running two secret trials of deep-packet inspection technology on broadband customers, without their consent, during 2006 and 2007.
"This is great news: [the case] showed there are big holes in the UK privacy laws. We need an official body to deal with citizens' complaints about illegal commercial interception and enforce our legal privacy rights," Jim Killock, from the Open Rights Group, a London-based pressure group campaigning for online privacy, said in a statement.
"More and more technologies can break our privacy rights. UK law needs to provide real protection," he added.
British authorities meanwhile expressed their "disappointment" over the commission's decision.
"We are planning to make changes to address the commission's concerns, and will be setting out more detail on any necessary amendments or legislation in due course," the Home Office said in a statement.