MEP Lauristin (S&D), the rapporteur, confirmed that in her view the ePrivacy is needed to particularise the GDPR for the electronic communications including the new technologies. Additionally, the fundamental right of privacy, which is different from the fundamental rights of data protection provides the basis for the ePrivacy to complement the GDPR with provisions which are not covered in the GDPR. Ms Lauristin was very clear that the legitimate interest of an organisation cannot be a justifiable basis to intrude on individual’s privacy. She believes the strongest point of her report is the power given to user to opt-in to tracking through browser solutions. In her view, many internet users do not have enough knowledge to use the opt-out tools from tracking, thus an opt-in model is the only workable solutions. She claims she has received many concrete example of consent and privacy solutions from the industry. She still aims at a very ambitious timeline with a vote in committee in October, but she agreed to push the deadline for amendments to the 10th July.
MEP Michal Boni (EPP), continued to call for a balanced approach which take both privacy and data flows into consideration. Additionally, in his view it is key that the eprivacy is fully consistent with both the European Electronic Communication Code and the GDPR, and keep a strong technology neutral approach. In particular, not all cookies should be seen as malicious. Thus, instead of focusing on the technology, the proposal should consider the purpose for which the tracking take place. He believes that the suggested restrictions will impact the ability for Europe to innovates.
MEP Dalton (ECR) shared his concerned regarding the too ambitious timeline, the Commission’s problematic proposal and the report from MEP Lauristin which he find highly damaging for the internet in Europe. The strong emphasis on consent in the Commission’s text and Ms Lauristin report is, in his view not in line with the GDPR charter of fundamental rights, which recognise in article 8 that personal data should be processed on consent or on some other legitimate basis laid down by law. From a consumer angle, the proposal will lead to a consent fatigue online. In his view, consumers can already efficiently use existing opt-out mechanism. Additionally, Mr Dalton made a very strong statement in favour of access to ad supported free content online. Any change to this business model will seriously impact individual’s access to online services as many, such as young and low income individuals, will not pay for it, while benefiting to large online platforms. Going in the same direction, MEP Axel Voss (EPP) and rapporteur for the JURI opinion, strongly criticized the consent centric proposal from the Commission and the Lauristin report which goes beyond the GDPR requirements.
MEP Albrecht (Greens) repeated that the ePrivacy regulation should not lower the protection afforded already today by the ePrivacy Directive, thus consent should remain the rules. However, debates should focus on how this consent rules can be implemented in practice, looking at technology solutions. Interestingly, he called for an expert overview and further clarification regarding the area of the proposal which particularise the GDPR, versus the one that complement it for privacy purposes.
MEPs are now invited to submit amendments to the report by the 10th of July, which will be considered by the rapporteur and the shadow rapporteurs after the summer break.