Following the recent finalisation of the new General Data Protection Regulation (GDPR), the Commission is now seeking public feedback on the ePrivacy Directive (Directive 2002/58/EC).
At a stakeholder workshop on the ePrivacy Directive on 12 April 2016, the Commission highlighted three particular objectives of the public consultation:
- ensuring that the Directive is consistent with the new GDPR;
- evaluate any need to broaden the technological scope of the Directive in light of more recent internet-based communication providers; and
- enhancing security and confidentiality of communications in light newer tracking methods, and in particular the need to ensure confidentiality of whole communication chains.
The issue concerning confidentiality of communications is particularly interesting given that it is beyond the scope of the GDPR, and may point to a clear need for a reformed legal instrument concerning ePrivacy.
The review of the ePrivacy Directive also raises the question of how to properly address tracking technologies beyond the current requirement for consent to store cookies on users’ devices. Arguably the new GDPR already goes further than its predecessor by explicitly stating that “online identifiers” may be personal data and thus afforded protection by the GDPR, but a reformed ePrivacy Directive may provide further protection in the specific context of electronic tracking.
It is also noteworthy that a large number of stakeholders are asking for the ePrivacy Directive to be replaced by a regulation to properly complement the GDPR, and this is clearly something that the Commission is considering as well given that it is one of the questions in the consultation.
The consultation is available here, and the deadline for responses is 5 July 2016.
Should you have any questions or want to know more about this consultation, please contact Christian Ernhede by email (email@example.com) or direct telephone (+46 736 32 18 80).