Proposal for a Regulation of the European Parliament and of the Council concerning the respect for private life and the protection of personal data in electronic communications and repealing Directive 2002/58/EC (Regulation on Privacy and Electronic Communications) - Progress report - Hoofdinhoud
Contents
| Documentdatum | 27-11-2019 |
|---|---|
| Publicatiedatum | 28-11-2019 |
| Kenmerk | 14447/19 |
| Van | Permanent Representatives Committee (Part 1) |
| Externe link | origineel bericht |
| Originele document in PDF |  |
Council of the European Union Brussels, 27 November 2019 (OR. en)
14447/19
Interinstitutional File: 2017/0003(COD) i
TELECOM 371 COMPET 764 MI 810 DATAPROTECT 288 CONSOM 317 JAI 1240 DIGIT 173 FREMP 172 CYBER 321 CODEC 1674
NOTE
From: Permanent Representatives Committee (Part 1)
To: Council
No. prev. doc.: 14068/19 + COR 1
No. Cion doc.: 5358/17
Subject: Proposal for a Regulation of the European Parliament and of the Council concerning the respect for private life and the protection of personal data in electronic communications and repealing Directive 2002/58/EC i (Regulation on Privacy and Electronic Communications)
-
-Progress report
The present report has been drawn up under the responsibility of the Presidency and is without prejudice to particular points of interest or further contributions of individual delegations. It sets out the work done so far in the Council's preparatory bodies and gives an account on the state of play in the examination of the above mentioned proposal. The Council will be invited to take note of the report.
-
I.INTRODUCTION
-
1.The Commission adopted the proposal for a Regulation on Privacy and Electronic
Communications (ePrivacy proposal) on 10 January 2017 with the aim to replace the current ePrivacy Directive 1 . The proposal was one of the actions foreseen by the Digital Single Market Strategy 2 to reinforce trust and security in the Digital Single Market.
-
2.The aim of the Commission proposal, based on Articles 16 and 114 TFUE, is to ensure protection of fundamental rights and freedoms, in particular the rights to respect for private life and communications and protection of personal data in the electronic communications sector. It contains provisions ensuring confidentiality of electronic communications, including provisions concerning the protection of users' terminal equipment, as well as provisions on end-users' control over their electronic communications. The proposal also covers rules on enforcement and supervisory authorities.
-
3.In the European Parliament, the lead committee on civil liberties, justice and home affairs
(LIBE) adopted its report, together with the mandate to start inter-institutional negotiations on 19 October 2017, which was confirmed by a plenary vote on 26 October 2017. The rapporteur
for the file is Birgit Sippel (S&D, Germany).
-
4.The European Economic and Social Committee adopted its opinion on 5 July 2017.
1 Directive 2002/58/EC i of the European Parliament and of the Council of 12 July 2002 concerning the processing of personal data and the protection of privacy in the electronic communications sector (Directive on privacy and electronic communications)
2 Doc. 8672/15
II. WORK WITHIN THE COUNCIL PREPARATORY BODIES
-
5.In the Council, the examination of the proposal has been carried out in the Working Party on Telecommunications and Information Society (hereinafter: WP TELE). The TTE Councils of 9 June 3 and 4 December 4 2017, 8 June 5 and 4 December 2018 6 and 7 June 2019 7 took note of the progress made respectively under the Maltese, Estonian, Bulgarian, Austrian and
Romanian Presidencies. Ministers also held a policy debate and an exchange of views on the proposal at the 8 June and 4 December 2018 TTE Councils respectively, in particular on such issues as: the link between personal data protection and protection of privacy of electronic communications; the need for future-proof privacy-protective and flexible rules taking into account latest developments in such areas as Machine-to-Machine communications or Internet of Things; the need to address the issue of child imagery online; the data retention issue; and the supervisory authorities.
Under the Finnish Presidency, the WP TELE examined this proposal on ten occasions and the Presidency issued a number of new compromise texts 8 . The discussion in the WP TELE was difficult and revealed different views and priorities among Member States on several aspects of the proposal. Accordingly, the Presidency worked intensively to find compromise solutions to accommodate the various concerns raised by delegations in order to strike a proper balance in the text. The main elements discussed in the WP TELE during the second half of 2019 are outlined below.
3 Doc. 9324/17
4 Doc. 14374/17 + COR 1
5 Doc. 9079/18 + COR 1
6 Doc. 14991/18 + COR 1
7 Doc. 9351/19 + COR 1
8 Docs. 11001/19, 11291/19, 12293/19, 12633/19, 13080/19, 13632/19, 13808/19, 14054/19 6. An important issue discussed in depth in the WP TELE was the issue of processing of
electronic communications data for the purposes of prevention of child abuse imagery. While
there was support for addressing this issue at the EU level, delegations had diverging views
on whether and how to do so in the ePrivacy proposal. Several options were analysed:
a/ addressing the issue in a separate legal act in the context of article 11 on restrictions,
b/ a temporary solution that would exclude such processing from the ePrivacy Regulation until specific EU legislation on this issue has entered into force, or
c/ a targeted solution providing for a permanent ground for such processing, including at the same time, appropriate safeguards to frame such processing.
Considering the gravity of this issue, the Presidency has eventually decided to include a permanent solution in new article 6d.
In this context, a number of delegations also believe that processing of electronic communications data for preventing other serious crimes, in particular terrorism, should also be allowed in the ePrivacy Regulation.
-
7.With regard to protection of terminal equipment information (article 8), the discussions evolved mainly around the issue of conditional access to website content and the need not to undermine existing business models while respecting the relevant conditions under the General Data Protection Regulation. The Presidency worked further on the recital text concerning the genuine choice of the end-user (recital 20) as well as on the text providing clarifications with regard to information society services financed through advertising (recital 21).
-
8.The Presidency made considerable effort on clarifying the scope of the Regulation, in particular when it comes to processing of electronic communications data by the end-users or entrusted third parties after receipt, or upon receipt for ensuring the security of the end-user’s network and information systems. The Presidency has also included recital text clarifying the concept of third parties.
In this connection, when it comes to processing of electronic communications data by the providers of electronic communications networks and services, the Presidency proposed a change that would allow such processing when necessary to provide electronic communications service. The advantage of this solution is that the term 'electronic communications service' is clearly defined in the Electronic Communications Code and, at the same time, could be considered to be more flexible ground for processing compared to the mere transmission of the communication. It could also cover storage of the messages if necessary for the service.
-
9.While the issue of data retention is primarily discussed in another formation (Friends of
Presidency on Data Retention under the Justice and Home Affairs Council) delegations consistently underlined the need to ensure that the approach taken in the ePrivacy Regulation does not negatively impact on any potential solution that may eventually be found on data retention. Since many delegations believed that relying only on the mechanism under article 11 would not be sufficient, the Presidency introduced modifications to that effect also in the related provisions (articles 2, 6 and 7).
-
10.Delegations support the flexibility for supervisory authorities introduced in the text under the previous Presidencies, but a number of them raised concerns about the cooperation among
various authorities involved (notably data protection authorities and national regulatory authorities) and with regard to the role and involvement of the European Data Protection Board (EDPB). This is in particular considering the need to respect the rules on composition and functioning of the EDPB under the General Data Protection Regulation. The Presidency proposed to include an obligation for the EDPB to consult supervisory authorities (which are not Data Protection Authorities) before exercising its tasks under the ePrivacy Regulation.
-
11.Delegations have also raised concerns about the way the ePrivacy proposal would interact with new technologies, in particular in the context of Machine-to-Machine and Internet of Things services. The Presidency therefore introduced further clarifications in the respective recitals, in particular 12 and 21, elaborating on consent in such cases and clarifying in which situations such services would be covered by the ePrivacy rules.
III. CONCLUSION
-
12.Based on the discussions in WP TELE as outlined above, the Presidency presented a compromise text 9 to the Permanent Representatives Committee with a view to proposing to the TTE Council of 3 December 2019 to adopt a general approach. However, the general approach did not receive sufficient support in the Committee. The TTE Council is therefore invited to take note of the present progress report.
9 14068/19 + COR 1