Today, on 22 November 2019, the Permanent Representatives Committee of the Council of the European Union (COREPER) has rejected the Council’s position on a draft ePrivacy Regulation.

“In this era of disinformation and privacy scandals, refusing to ensure strong privacy protections in the ePrivacy Regulation is a step backwards for the EU,” said Diego Naranjo, Head of Policy at European Digital Rights (EDRi). “By first watering down the text and now halting the ePrivacy Regulation, the Council takes a stance to protect the interests of online tracking advertisers and to ensure the dominance of big tech. We hope the European Commission will stand on the side of citizens by defending the proposal and asking the Council to ensure a strong revised text soon in 2020.”

“The ePrivacy Regulation aims to strengthen users’ right to privacy and create protective measures against online tracking. Instead, EU states turned it into a surveillance toolkit,” said Estelle Massé, Senior Policy Analyst at EDRi member’s Access Now. “Today’s rejection should not be a signal that the reform cannot happen. Instead, it should be a signal that states must go back to the negotiating table and deliver what was promised to EU citizens: stronger privacy protections.”

In January 2017, the European Commission launched its proposal for a new ePrivacy Regulation, aiming at complementing the General Data Protection Regulation (GDPR), to protect the right to privacy and to the confidentiality of communications. An update to the outdated 2002 ePrivacy Directive is sorely needed – in today’s world where technology is intertwined in our everyday life, a strong regulation is crucial to protect us against the negative impacts of “surveillance capitalism”, to safeguard the functioning of our democracies, and to put people as the core element of the internet. The European Parliament took a strong stance towards the proposal when it adopted its position in October 2017. For over two years, the Council halted the proposal from advancing, presenting suggestions that lowered the fundamental rights protections that were proposed by the Commission and strengthened by the Parliament.

Today, the Council has voted to reject its own text. This leaves the door open for current practices that endanger citizens’ rights to continue happening. Now it is up to the Commission to either withdraw the entire proposal and leave citizens unprotected, or to the Council to prepare a new text that can get enough support to allow moving forward with the proposal. To meet the aims set for the ePrivacy Regulation, the new text should ensure privacy by design and by default, protect communications in transit and when stored, ban tracking walls, prevent backdoors to scan private communications without a court order and avoid secondary processing of communications data without consent.

Read more:

e-Privacy revision: Document pool

https://edri.org/eprivacy-directive-document-pool/

EU states vote on ePrivacy reform: We were promised more privacy. Instead, we are getting a surveillance toolkit. (22.11.2019)

https://www.accessnow.org/eu-states-vote-on-eprivacy-reform-we-were-promised-more-privacy-instead-we-are-getting-a-surveillance-toolkit/

EU Council considers undermining ePrivacy (25.07.2018)

https://edri.org/eu-council-considers-undermining-eprivacy/

Five reasons to be concerned about the Council ePrivacy draft (26.09.2018)

https://edri.org/five-reasons-to-be-concerned-about-the-council-eprivacy-draft/

Open letter to EU Member States: Deliver ePrivacy now! (10.10.2019)

https://edri.org/open-letter-to-eu-member-states-deliver-eprivacy-now/

The most recent European Council ePrivacy text (15.11.2019)

https://www.politico.eu/wp-content/uploads/2019/11/file.pdf