EU telecom law 1.2: What will come of the updated ePrivacy directive?

Employment and Social Affairs


During the last months, the EU organised a round of consultations on the ePrivacy directive, as major tech and telecom players asked to review and modify it. What will come of it?


During the last few months, major tech and telecom players asked the EU to review and modify the rules contained in the Directive on Privacy and Electronic Communications, known as the ePrivacy directive.

As a consequence, the EU organised a round of consultations, and the result is that now the EU intends to extend the privacy rules to also cover calls and messages sent over the internet, and therefore subjecting popular services like WhatsApp, Skype and Hangouts to a stricter regulation.


What stands behind the EU desire to extend the privacy rules?

What triggered this reaction from the EU was that more than three quarters of the citizens and civil society organisations who responded to the consultations believed the regulations should be improved and extended to cover over-the-top (OTT) service providers, in this case WhatsApp, Skype or Hangouts: 83% of individuals and organisations representing consumer rights agreed that there was a clear added value in having specific privacy rules for the electronic communications sector to ensure the confidentiality of electronic communications, 76% said the scope of the rules should be extended to OTT services, 93% of public authorities believe that some or all of the provisions should be broadened to cover OTT players.

Another indication in favour of an update of the directive to the current situation is that the citizens and civil society organisations are divided on the question of whether has achieved its objectives of ensuring free movement of personal data, equipment and services in the EU. In general, industry is more positive that the ePrivacy Directive has achieved its objectives, public authorities are even more positive.


The limitations within the ePrivacy Directive

The main subject of discussion concerned the limitations within the ePrivacy Directive, since it does not include articles on instant messaging, voice over IP and e-mail applications. The conclusions were that the rules are too vague, leading to differences between different countries and that the compliance and enforcement rules are lacking. Submitting online messaging and call services to telecom law would give national regulators the juridical base to legislate on how they operate, but internet companies say extending telecoms rules would upend how they do business.

Many firms have one European headquarters, but can be brought before court in any EU country where they face legal complaints. Facebook and Google are both based in Ireland, but have been challenged for privacy violations in several EU countries. If such changes are to be made, the internet-based companies suggest that there will be an abundance of law suits, making their activity difficult.


The fight between telecoms and internet companies over data protection

Telecoms companies are also fighting with online competitors over data protection. In results to the Commission’s enquiry published on the 4th of August, 43% of the telecom industry respondents said the law should be extended to apply to internet companies. Currently, internet firms are required to follow EU data privacy law. Telecom operators want the ePrivacy directive to be updated, since they comply with it on top of broader EU privacy rules.

On the other hand internet companies are concerned the Commission will require them to offer emergency calls free of charge. Under EU law, telecom operators have to provide free calls to the 112 emergency phone numbers. Emergency service providers are not pushing for that requirement to cover online services either and want internet firms to be required to tell consumers that they can’t make emergency calls because they cannot guarantee the same quality service.


What does civil society think of spam and cookies?

Regarding the complicated issue of cookies, civil society and public authorities were on the same page, with around 75% saying that information service providers should not be able to prevent access to their services if users refuse cookies. Unsurprisingly, corporate players took the opposite view and three quarters of industry said they should be able to block access if the users will refuse these identifiers.

Spam was also one of the subjects tackled during the consultations. Even though all the consultants agreed that Member States should not retain the possibility to choose between a prior consent (opt-in) and a right to object (opt-out) regime for direct marketing calls to citizens, there was a clear divide when it came to chose which regime to apply: 90% of citizens, civil society and public authorities favour an opt-in regime whereas 73% of industry favour an opt-out regime.

Draft proposals for the revised law are expected from the European Commission before the end of the year.

Radu Suicescu

Related Articles

Back to Top