Things move fast in the world of privacy and data protection. Recently, the collective group of EU data protection authorities, the Article 29 Working Party ("WP29"), has been particularly active. In addition to publishing guidelines and launching consultations regarding the General Data Protection Regulation ("GDPR"), WP29 also released its views on the proposed ePrivacy law reforms, which legislators are aiming to coincide with the commencement of the GDPR. We examine the views of WP29.
What is the ePrivacy Directive?
In July 2016, following a public review and consultation carried out by the European Commission, WP29 issued an opinion on the reform of the Directive. In January 2017, the European Commission proposed a new law to regulate ePrivacy issues (the "Proposed Regulation"). This Proposed Regulation is intended to replace the Directive, and will overhaul the laws relating to electronic communications, direct marketing, cookies and other issues. One of the biggest changes will be the extension of the rules relating to confidentiality of communications to so-called 'over-the-top' service providers: online messaging providers who are not regulated under the existing ePrivacy Directive. Changes to align enforcement with the GDPR are also proposed.
In April 2017, WP29 issued an opinion on the Proposed Regulation. WP29 welcomed aspects of the Proposed Regulation, including the expansion to regulate 'over-the-top' service providers and the alignment of enforcement responsibilities with the GDPR.
However, WP29 has also expressed some significant concerns around the Proposed Regulation. In particular, WP29 highlighted issues regarding the proposed rules...