There have been a lot of conflicting opinions among EU member states since the European Commission presented its plans to turn the ePrivacy Directive into European law.
Continuous internal disagreement and trade lobbyism appear to have stalled the plans for publication completely.
But senior counsel at Future of Privacy Forum Gabriela Zanfir-Fortuna expects rough sailing when the actual negotiations between the parties begin.
Especially issues on permitted uses of cookies and cookie walls may trigger delays and the fact that hard lobbyism is trying to alter aspects of the ePrivacy Regulation in favor of the advertising industry.
A new iteration of the ePrivacy text is expected to be ready for the next meeting of the Working Party on Telecommunications and Information Society on November 7.
The Regulation will introduce stricter requirements for what is and is not confidential in electronic communications and what defines tracking of internet users.
According to the latest drafts of the Regulation, the ePrivacy Regulation will:
Especially the last argument could be a huge issue for the advertising industry as it will be harder for websites and bureaus to generate revenue through behavioral advertising, which relies on cookie data.
The new ePrivacy Regulation will repeal and replace the EU’s present ePrivacy Directive (2002/58/EC). The new provisions will cover electronic communication networks; data stored in or sent from end users’ equipment such as computers, smartphones, and tablets (including cookies, device IDs, and other identification software); and methods used to contact customers over electronic-communication networks for direct marketing purposes.
On October 18, the European Publishers Council, together with nine other European publishers and advertising bodies, directed a plea to the European council arguing that:
“The ePrivacy Regulation puts the future financial viability of independent, advertising-funded media at risk”.
The risk is well-defined as, under the current ePrivacy law proposals, publishers and any site owners would need explicit consent to use any form of a cookie.
In the case against the German lottery website Planet49, the CJEU ruled that users must actively choose to let companies store cookies in their browsers. Websites may not assume users want cookies by default. Pre-ticked boxes may therefore be a thing of the past.
Moreover, the Court also clarified that ePrivacy would protect both personal and non-personal data in order to fully protect users’ private spheres and to avoid any misunderstandings of what personal data is.
Many experts believe the ruling provides legal certainty, which will boost the legislative efforts to adopt the ePrivacy Regulation, IAPP reports.
Is your website ready for the ePrivacy Regulation?
We will only know for sure how strict the ePrivacy Regulation will be on collecting consent for cookies when it finally arrives.
In the meantime, we adhere to the ePrivacy Directive for using cookies and the GDPR for collecting and processing personal information (with cookies).
Are you in doubt whether your current cookie consent solution complies with the ePrivacy Directive and the GDPR?
We can provide you with a free and professional assessment of your cookie solution. Request a compliance check below!