Briefing – Implementation Appraisal – February, 2017
Directive 2002/58 concerning the processing of personal data and the protection of privacy in the electronic communications sector
This briefing is one in a series of ‘Implementation Appraisals’ on the operation of existing EU legislation in practice. Each briefing focuses on a specific EU law, which is likely to be amended or reviewed, as envisaged in the European Commission’s annual work programme. Implementation Appraisals aim to provide a succinct overview of material publicly available on the implementation, application and effectiveness of an EU law to date – drawing on available input from the EU institutions and external organisations. They are provided to assist parliamentary committees in their consideration of the new proposals, once tabled.
Since the adoption of Directive 2002/58 on privacy in the electronic communications sector (ePrivacy Directive), pervasive technological, economic and social changes have tangibly influenced the way we use electronic communications and electronic communications equipment such as mobile phones and laptops. Among other things, these changes have had a direct impact on how our personal data are accessed, processed, used and ultimately protected. This in turn has affected the ability of the ePrivacy Directive to achieve one of its primary objectives: ensuring that the fundamental rights to the respect of private and family life, home and communications, and to the protection of personal data (respectively Articles 7 and 8 of the Charter of Fundamental Rights of the European Union), are equally protected in an electronic communications environment.
The directive is part of the regulatory framework for electronic communications; as such, it applies the definition of ‘electronic communications’ outlined in Article 2 of Directive 2002/21 (the Framework Directive). As will be explained below, this has direct implications for the current scope of ePrivacy rules and their continued ability to provide legal clarity in a fast-moving technological environment. For instance, despite the 2009 amendments to Directive 2002/58, the recent diffusion of over-the-top (OTTs) players offering to consumers various internet-based services, such as instant messaging, still leaves areas of uncertainty, as OTTs are currently not covered by the current ePrivacy provisions.
Against this background, the Digital Single Market Strategy of May 2015 included a revision/upgrade of existing ePrivacy rules among its key priorities, as a way to complement and further specify the EU legislative framework on data protection. Indeed, the revision of Directive 2002/58 is also meant to ensure that future ePrivacy rules are aligned with the General Data Protection Regulation (GDPR) that will become applicable in May 2018. A proposal to that effect was adopted by the European Commission on 10 January 2017.
It seeks to repeal the original directive and replace it with a regulation, with the aim of achieving three main objectives through a set of targeted changes to the current text: 1) the effective confidentiality of all electronic communications, thanks to more technologically neutral and future-proof legislation; 2) effective protection from unsolicited commercial communications through, among other things, a ban on anonymous marketing calls; and 3) greater harmonisation and simplification of the existing legal framework, by adopting a single set of rules for the entire EU and by eliminating redundant and outdated provisions.
Click here to download the full briefing.
SOURCE: European Parliament