Europe’s Next Privacy Battle
The GDPR has just come into force and now the next legislative giant lurks around the corner: the ePrivacy Regulation, which is currently being negotiated in the European Parliament and the European Council. According to the Council’s plan, the regulation will be adopted by the end of 2018 or early 2019.
The ePrivacy Regulation (ePR) – even stricter than the GDPR
Many companies in Europe are still struggling with the most recent data protection law and now the next reform has entered the starting gates. The implementation of the ePrivacy Regulation will impact day-to-day business activities and future innovations.
The new regulation will have serious consequences as its scope covers almost every form of electronic communication. This includes traditional communication services such as telephone, web or e-mail services, as well as novel everyday services made possible by the Internet of Things, such as smart refrigerators, fitness trackers or connected vehicles. The ePR protects the confidentiality of electronic communications, and in contrast to the GDPR, it places all data processing, both personal and non-personal data, under a complete agreement regime with extremely rigid exceptions.
What companies need to expect
Most companies, especially those in the digital and communications industries, are currently still waiting to establish appropriate measures to meet the requirements. Data protection and digital transformation are among the most important issues of our time and the implementation of the GDPR has already created an important basis. Even though the exact framework conditions for the ePR are not yet final, the current draft contains points that will prove unfavorable for Europe as a business location and also do not guarantee the highly important factor of ensuring simplicity for users. Industry views one of the biggest challenges to be the expansion of scope provided for in the regulation, i.e. that basically every communication via digital devices in dialogue marketing and in the online marketing context is considered personal. The debate on the regulation raises several highly important issues, namely the financing of the internet and free access to information.
Supporters and critics
As discussions continue on the draft ePrivacy Regulation, politicians underline the importance of data protection, especially in the digital environment. “With one click you can manipulate hundreds of thousands or millions of people, whether you know their names or not,” Birgit Sippel, a European Parliament member from Germany who drafted the ePrivacy legislation, told The New York Times. To show their support for the ePrivacy Regulation, CEOs from some of the EU’s leading privacy-focused services wrote an Open letter to the Ministers of the European Union at the beginning of June, highlighting the indispensable role end-to-end encryption plays in protecting individuals’ data online and in increasing trust in the security of digital services.
Critics and opponents of the new regulation, on the other hand, fear that it might bring innovation barriers to Europe as a technology location and undermine existing business models. The New York Times quoted the warning issued by tech industry groups, which stated that the ePR is so stringent that it could kill off data-driven online services and chill innovations like driverless cars. “Europe will become a digital backwater,” Daniel Dalton, a member of the European Parliament from Britain and opponent to the ePR, told The New York Times.