Joint industry letter on the future of the ePrivacy Regulation
31 May 2018
Ahead of the 8 June TTE Council, we urge Member States to remain cautious in their examination of the draft ePrivacy Regulation (ePR). Limited progress has been achieved since the beginning of Council discussions early last year and many questions remain open. More time is needed to assess the ePR’s scope of application, its overlaps with the General Data Protection Regulation (GDPR) and its impact on all sectors of the economy.
The ePR proposal has departed from the laudable objective of protecting the confidentiality of communications and goes on instead to greatly limit the processing of a broad array of both personal and non-personal data. Rather than complementing the GDPR, the proposal replaces and contradicts many of the fundamental checks and balances of the EU’s data protection framework.
For example, legal grounds for processing and consent requirements differ between the two instruments. The processing of electronic communications and terminal equipment data is not allowed under the same conditions as personal data under the GDPR. As a result, the same types of data are treated differently and non-sensitive data – such as non-personal data, which is not covered by the GDPR as it doesn’t relate to individuals – is subject to unreasonable rules.
The considerable negative impact of an inflexible ePR will extend to all sectors of the EU digital economy – from digital media to connected cars, medical technology and smart manufacturing – which will be exposed to additional burden at best or, at worst, unable to continue offering and innovating their products and services using data. The GDPR, which has only now come into full application, provides for comprehensive rules that industry, authorities and Member States are all working hard to implement.
The GDPR was heavily inspired by discussions on the current ePrivacy Directive prior to 2009 and, subsequently, by its text; as such, it provides for the highest level of data protection, and departure from its provisions should not be tackled carelessly.
While we support the need to protect the confidentiality of communications, we believe that more reflection is needed on the ePR proposal to ensure a coherent data protection legal framework for the EU. Consistency between the ePR and the GDPR will secure a high level of privacy protection and legal clarity for businesses with regards to data processing and enforcement.
We call on Ministers to clearly signal during the 8 June meeting that Member State discussions on the ePR should not be rushed and trialogue negotiations should not commence until a robust, balanced and comprehensive General Approach is obtained. We stand ready to support the Council in its efforts to produce a more coherent outcome for the final Regulation.
Grace Aungier, CEO, Magazines Ireland Tel 01 667 55 79 email@example.com
The following associations have signed this letter: ACEA – European Automobile Manufacturers’ Association acea.be § Acsel – Le Hub de la transformation digitale acsel.asso.fr § Adigital – Asociación Española de la Economía Digital adigital.org § AER – Association of European Radios aereurope.org § AFNUM – Alliance Française des Industries du Numérique afnum.fr § AGORIA agoria.be § ANISP – Asociatia Nationala a Providerilor de Internet din Romania anisp.ro § APDSI – Associação para a Promoção e Desenvolvimento da Sociedade da Informação apdsi.pt § APPLiA – Home Appliance Europe applia-europe.eu § ASIC – Association des Services Internet Communautaires lasic.fr § BusinessEurope businesseurope.eu § BSA | The Software Alliance bsa.org § BVDW – Bundesverband Digitale Wirtschaft bvdw.org § CCIA – Computer and Communications Industry Association ccianet.org § CLEPA – European Association of Automotive Suppliers clepa.eu § COCIR – European Coordination Committee of the Radiological, Electromedical and Healthcare IT Industry cocir.org § Confederation of Industry of the Czech Republic spcr.cz § Dansk Erhverv – Danish Chamber of Commerce danskerhverv.dk § Dansk Industri – Confederation of Danish Industry di.dk § Developers Alliance developersalliance.org § DIGITALEUROPE digitaleurope.org § DINL – Stichting Digitale Infrastructuur Nederland dinl.nl § EACB – European Association of Co-operative Banks eacb.coop § EBF – European Banking Federation ebf.eu § eco – Association of the Internet Industry eco.de § Ecommerce Europe ecommerce-europe.eu § ECTA – European Competitive Telecommunications Association ectaportal.com § EDiMA edima-eu.org EGBA – European Gaming and Betting Association egba.eu § EMMA – European Magazine Media Association magazinemedia.eu § EMOTA – European eCommerce and Omni-Channel Trade Association emota.eu § ENPA – European Newspaper Publishers’ Association enpa.eu § EPC – European Publishers Council epceurope.eu § EuroCommerce eurocommerce.eu § EuroISPA euroispa.org § European Tech Alliance eutechalliance.eu § FEDMA – Federation of European Direct and Interactive Marketing fedma.org § GESTE – Les éditeurs de contenus et services en ligne geste.fr § IAB Europe iabeurope.eu § INFOBALT infobalt.lt § ISFE – Interactive Software Federation of Europe isfe.eu § ISPA – Internet Service Providers Austria ispa.at § ITI – Information Technology Industry Council itic.org § IT&Telekomföretagen – Swedish IT and Telecom Industries itot.se § JBCE – Japan Business Council in Europe jbce.org § Latvijas Interneta Asociācija lia.lv § Nederland ICT nederlandict.nl § News Media Europe newsmediaeurope.eu § SAPIE – Slovak Alliance for Innovation Economy sapie.sk § SEPE – Federation of Hellenic Information Technology & Communications Enterprises sepe.gr § Syntec Numérique syntec-numerique.fr § TECH IN France techinfrance.fr § Technology Industries of Finland teknologiateollisuus.fi § Technology Ireland technology-ireland.ie § techUK techuk.org § ZIPSEE – Digital Poland zipsee.pl § ZPP – Polish Union of Entrepreneurs and Employers zpp.net.pl