Wednesday

26th Apr 2017

EU proposes tougher privacy rules for online messaging

  • Messaging services are facing tougher privacy rules (Photo: Nicolas Nova)

The EU commission is tightening privacy rules on messaging services like WhatsApp, Skype and web-based email.

On Tuesday (10 January), it proposed to overhaul the e-privacy directive to bridge the gap between traditional telephone operators and the broadly US-based instant messaging services.

Dear EUobserver reader

Subscribe now for unrestricted access to EUobserver.

Sign up for 30 days' free trial, no obligation. Full subscription only 15 € / month or 150 € / year.

  1. Unlimited access on desktop and mobile
  2. All premium articles, analysis, commentary and investigations
  3. EUobserver archives

EUobserver is the only independent news media covering EU affairs in Brussels and all 28 member states.

♡ We value your support.

If you already have an account click here to login.

The current directive, last reformed in 2009, only covers telecom operators. The reform expands the rules to online services, gives people more control over intrusive cookies, and evolves the directive into a much more powerful regulation.

The EU commission says the reforms are also needed because over 90 percent of people in an EU survey want their emails and online messaging to remain confidential.

The proposal involves giving people the choice to opt in or out of services provided by so-called Over-The-Top (OTT) applications such as WhatsApp or Facebook Messenger. But it also claims to open up new business opportunities for more traditional telecom operators by allowing them to commercialise data that was previously off limits.

"Consent of the user is paramount," EU digital economy commissioner Andrus Ansip told reporters.

Ansip said the new rules would not only apply to traditional services like voice calls or SMS, but also to internet based communication services "or future based services that allow any type of communication".

Consent will be required for anything from so-called metadata - the details of when and where a call was placed - to the content of communications.

Email providers like Gmail regularly scan people's emails to help target adverts. Cookies are also required to provide Google's translation services of those emails.

The Commission says the same services will now have to provide "effective consent", giving people a more readily available option of saying no instead of having to read through the small print in the terms and conditions.

Gmail will also only be able to process the bare minimum of data needed to provide the email service for free.

It means today's email scanning will be banned unless the user agrees. But saying no to email scans only prevents adverts from being personalised or relevant to the user. It does not stop adverts.

Consent won't be needed for everything. Things like remembering shopping histories and filling in online forms will be exempted.

One Finnish web developer recently discovered a "phishing" attack that specifically targets auto-fill, reported the Guardian.

The developer found that some browsers like Google Chrome's auto-fill can be tricked into giving away personal information like email addresses through an auto-fill function that is not disabled by default.

Brussels-based consumer lobby group Beuc argues that the Commission's proposal should have blocked cookies by default.

“Consumers must have an alternative to being under 24/7 commercial surveillance when using digital services," said Beuc director Monique Goyens.

Some are not happy, fearing it will cut into their advertising revenues.

"The approach to extend historic telephony rules to new services does not reflect today’s market realities," said the Brussels-based American Chamber of Commerce to the EU.

Firms that break the rules could end up paying fines of up to 4 percent of their global turnover.

The Brussels-executive is hoping to have the new rules up and running by the time the EU's data protection regulation, agreed last year, is fully operational by May 2018.

Data protection regulation and e-privacy

EU commission officials say their is no overlap between e-privacy and the general data protection regulation.

They note that the regulation deals with processing of personal data, while e-privacy covers communication between people.

OTTs under the old data protection rules were also able use a "legitimate interest" clause to process data without people's consent. The new rules remove that clause.

The EU's digital economy in 2015 was worth €272 billion.

EU trying to salvage US deal on data privacy

Privacy safeguards for EU citizens' personal data that is sent to the United States remains exposed to abuse, due to the lack of oversight and the shift towards increased surveillance under president Trump.

EU targets Google in copyright reform

Publishers welcomed EU proposals for a new right that could see them take a bite out of Google's income, but some say the law could end up hurting Google's smaller rivals.

Analysis

Juncker's unrealistic promise of free wifi

The commission president said "every European village and every city" will have public internet access in 2020, but the statement was not backed up by any legally binding target.

News in Brief

  1. EU Commission launches probe into Hungary's university law
  2. Scots slowly losing appetite for independence - poll
  3. Council of Europe puts Turkey on watch list
  4. EU to put parental leave on political agenda
  5. Israel cancels German meeting over human rights groups
  6. Hungary's Orban will participate in EU parliament debate
  7. Malta floats cash-for-refugees plan
  8. Ivanka Trump to meet Merkel at Berlin women's conference

Stakeholders' Highlights

  1. UNICEFRace Against Time to Save Millions of Lives in Yemen
  2. Nordic Council of MinistersDeveloping Independent Russian-Language Media in the Baltic Countries
  3. Swedish EnterprisesReform of the European Electricity Market: Lessons from the Nordics, Brussels 2 May
  4. Malta EU 2017Green Light Given for New EU Regulation to Bolster External Border Checks
  5. Counter BalanceCall for EU Commission to Withdraw Support of Trans-Adriatic Pipeline
  6. ACCAEconomic Confidence at Highest Since 2015
  7. European Federation of Allergy and Airways60%-90% of Your Life Is Spent Indoors. How Does Poor Indoor Air Quality Affect You?
  8. European Gaming and Betting AssociationCJEU Confirms Obligation for a Transparent Licensing Process
  9. Nordic Council of MinistersNordic Region and the US: A Time of Warlike Rhetoric and Militarisation?
  10. European Free AllianceEFA MEPs Vote in Favor of European Parliament's Brexit Mandate
  11. Mission of China to the EUXinhua Insight: China to Open up Like Never Before
  12. World VisionViolence Becomes New Normal for Syrian Children

Latest News

  1. European states still top media freedom list
  2. Let’s not put European public health at risk
  3. Threatened Budapest university calls for EU support
  4. Orban set to face down EU threats
  5. Dont expect 'quick fix' in Syria, China tells EU
  6. Russische schwarze Kassen bedrohen EU Demokratie
  7. Libya commanders in Brussels for migration talks
  8. Mixed review for EU asylum spots in Greece and Italy