Council sets out its position on the ePrivacy Regulation

After years of discussions, the EU member states today agreed on a common position in the Council regarding the ePrivacy Regulation. Now the trialogue with the European Parliament can begin.

The aim of the ePrivacy Regulation is to protect privacy and confidentiality when using electronic communications services. The existing ePrivacy Directive from 2002 is repealed. The planned ePrivacy Regulation supplements the GDPR and provides for special regulations for the protection of privacy in the digital world.

For four years now, the member states have been working on getting the regulation off the ground. The Council’s new draft, for example, proposes to process metadata of users without their explicit consent. In addition, a national security and defense exception should apply to all provisions, he said. The European Parliament, on the other hand, had already committed itself to its – significantly stricter – position nine months after the EU Commission presented the draft regulation. The final text must now be negotiated by the EU member states with the Commission and Parliament.

The BfDI notes considerable risks to data protection in the agreement between the member states. In this context, it criticizes the following points in particular:

In the trilogue negotiations, the Council and the European Parliament are called upon to reconcile the concerns of the advertising industry with the interests of consumers in protecting their data in the digital world. It is of little help to confront the European advertising industry with overly strict requirements, so that in the end only large U.S. service providers can expand their market power. It remains to be seen whether those involved will succeed in this task.

The Council’s draft is available here.