Brussels plans to strengthen online privacy protection

The European Commission has published a series of proposals that aim to modernize privacy rules. It also plans to broaden the field of application of rules for data protection to encompass all means of communication.

Nmedia - Fotolia

Skype, WhatsApp, Viber, Facebook Messenger. All these services, which enable people to send and receive messages as well as to make phone calls via the internet rather than via traditional lines, have flourished since the beginning of this decade.

"I personally use them to speak to my children in Estonia," said Andrus Ansip, vice-president of the European Commission and responsible for the single digital market, during his January 10 announcement of a strengthening of the rules for protecting privacy.

In the eyes of the Commission, the most recent (2009) version of the "e-Privacy" directive has been overtaken by technological progress and no longer meets the expectations of Europeans.

In fact, 92% of Europeans regard it as "important" or "very important" that their personal data – whether on their computer, their smartphone or their tablet – only be accessible when they have provided express authorization to do so.

Hence, the need to modernize the rules for respecting private life which until now have only governed traditional telecommunications service providers. Thus, the Commission has proposed that the content of conversations as well as the corresponding metadata (destination, the length of a call, locality, etc.) may only be made available with the explicit consent of the user. In the absence of this, such information must be deleted or anonymized.

"The proposed reforms have been anticipated for a long time," notes European parliamentarian, ecologist Jan Philipp Albrecht. "Nevertheless, we deplore the weakness of the proposals regarding the monitoring of user activity."

The Greens fear that if consumers fail to explicitly refuse, service providers will assimilate their silence to tacit consent so as to be able to exploit their data. However, the European Commission repudiates this.

"Under the new rules, service providers will not be able to hide such dispositions in a long list of general use conditions. The strength of the consent required was different in the past. Assent will now need to be clear."

Similarly, listening, reading, recording or intercepting conversations will no longer be authorized without the agreement of the user. Google, for example, does not hide the fact that it scans user Gmail emails in order to provide advertising based on the interests of the user.

In the same line, the Commission wishes to enable web users to have better control of "cookies," the markers that compile information that websites aggregate visit by visit with the objective of personalizing their pages.

This will not apply to "native cookies," namely the non-intrusive cookies that aid navigation but will target cookies installed on behalf of other parties. Nevertheless, the user will need to accept or refuse such cookies as well.

"Consent is the key to the proposal," argues Ansip, who admits that the idea of prohibiting all kinds of targeted advertising was envisaged but quickly abandoned.

"Based on the need to respect privacy, web users would not be able to receive personalized advertising but would be submerged with advertising that did not interest them at all," he adds.

In any event, the Commission's proposal does not prohibit web users from using ad-blocking software, a provision that is favorable to web users.