The Most Comprehensive Data Protection Solution

Discover, classify, and protect your data from all threats with the only Gartner Magic Quadrant DLP and Forrester Wave EDR Leader.

First and Only Solution to Converge:

  • Data Loss Prevention
  • Endpoint Detection and Response
  • User and Entity Behavior Analytics
DATAINSIDER

Digital Guardian's Blog

Tech Industry Group Urges EU to Reconsider ePrivacy

by Chris Brook on Wednesday October 9, 2019

Contact Us
Free Demo
Chat

A European tech organization is encouraging the European Commission to reconsider its proposal for ePrivacy Regulation, a proposal that's set to regulate cookie usage.

A handful of European tech organizations and associations are urging the European Commission to pump the brakes on the draft ePrivacy Regulation that's been on the backburner for nearly three years.

While the regulation was due for approval sometime in 2019, movement around the initiative has been slow, specifically its implementation date, on which there’s been little traction. Despite calls for the adoption of reformed ePrivacy regulation by the European Data Protection Supervisor, the fact that EU states have delayed votes, the Council of the European Union has released proposed amendments, and other procedural considerations have made it so it’s unlikely ePrivacy goes into effect until 2021 at the latest.

The aim of the regulation is to apply stricter requirements when it comes to governing direct electronic marketing messages, cookies, and other tracking technologies based on where end users are based. It would replace the EU's existing ePrivacy and Electronic Communications Directive, from 2002.

DigitalEurope, a consortium that represents 69 technology companies and 40 trade associations across Europe, urged EU member states on Tuesday to reset talk around the regulation.

A slew of 60+ groups, including the European Automobile Manufacturers’ Association, the European Association of Communication Agencies, and the Information Technology Industry Council, signed off on the call to action.

The lack of progress around the regulation is the group’s major qualm, in addition to a lack of clarity around questions about the proposal.

Specifically, the group wonders what the scope of its application, its definitions, its inflexible legal bases and its relationship with the GDPR will be.

While doesn’t say it wants to completely table the regulation, it suggests that with a new European Commission assuming office in November and a new European Parliament, there's no time like the present for a "fresh start" to the debate.

“The Council [of the European Union] has endeavored to address industry’s concerns in the various iterations of the text. Unfortunately, attempts to solve the substantive issues have fallen short absent a more profound reconsideration of the proposal,” the group said in a statement.

The regulation, which applies to personal data and access of a user's equipment, was supposed to take effect alongside the GDPR in 2018. By reevaluating the legislation, especially with the implementation of GDPR in the rearview mirror, in 2020, the European Commission could "ensure certainty and consistency for both industry and consumers," DigitalEurope stressed.

The Centre for Information Policy Leadership, or CIPL, a global privacy and security think tank that's comprised of 90+ member companies, agreed with Digital Europe's stance this week, adding that E-Privacy needs to be consistent with the GDPR and enable the responsible use of data in the digital economy.

While talks on ePrivacy have largely stalled, the EU Court of Justice has made some strides with rulings in light of it. Earlier this month, on Oct. 1, it handed down a ruling that people must actively choose to let companies install cookies that track their internet browsing, not just check a box by default.

Tags: Privacy

Recommended Resources


  • Why Data Classification is Foundational
  • How to Classify Your Data
  • Selling Data Classification to the Business
  • How to simplify the classification process
  • Why classification is important to your firm's security
  • How automation can expedite data classification

Chris Brook

Chris Brook is the editor of Data Insider. He is a technology journalist with a decade of experience writing about information security, hackers, and privacy. Chris has attended many infosec conferences and has interviewed hackers and security researchers. Prior to joining Digital Guardian he helped launch Threatpost, an independent news site which is a leading source of information about IT and business security for hundreds of thousands of professionals worldwide.