The European Union is once again proving itself to be ahead of the pack when it comes to protecting online privacy. A draft law from the European Commission is expected to put in place stringent rules on user security and privacy for online messaging services.
The new ‘ePrivacy Law’, which will affect services such as WhatsApp and Skype will require providers to sign up to a number of ‘“security and confidentiality provisions”. It has been revealed in draft policy papers seen by the Financial Times newspaper.
It is thought that the draft proposals are still being finalized, and before they become law they would still have to be passed by the European Parliament, and the parliaments of each member state. But an announcement is expected to be made on the proposed changes as early as mid-September.
The new regulations are expected to include guidance on the use of encryption, with some prominent EU campaigners on data privacy already calling for end-to-end encryption to be mandatory for all services of this kind.
They are also expected to outline how such services should comply with EU member states security services and, perhaps most worryingly for the companies themselves, how they can make money from the customer data they gather.
Currently, most EU regulation in this field is focused on the telecommunications industry. By ‘over-the-top’ services like Skype and WhatsApp, which provide SMS and voice messaging over the internet rather than traditional mediums, have been seen as sitting in a no man’s land between these regulations and the one’s government internet services.
Indeed, traditional telecoms business in Europe, such as Telefónica in Spain and Orange in France, have long complained that the services have a competitive advantage because of the lack of regulation they have to comply with.
It seems these organisations have finally got their wish, but industry officials are already throwing around the term ‘protectionism’ to describe the proposed new laws, given that most of the big names in this sector are US companies such as Microsoft, Google, and Facebook.
It is expected that the September announcement will trigger a long period of lobbying from the telecoms and internet sector which is already one of the most prominent and vocal in the EU. There is already evidence that the industry will campaign hard against the new rules.
Charlotte Holloway, the director of policy at TechUK, a trade association which represents internet companies, has already warned in the Guardian newspaper that the European Commission needs to “think carefully about the evidence of harm and the powers it already has at its disposal”.
Whatever the outcome of these negotiations, any new laws on this issue will be good news for the privacy-conscious internet user. The EU has a strong track record of protecting online privacy and it seems unlikely that corporate lobbying is going to stop these regulations altogether.
Messaging services such as Skype and WhatsApp have traditionally been unencrypted and therefore easy pickings for both hackers and watchful security services. But there is, of course, a way that users can already ensure such communications are encrypted.
If you use a VPN, such communications are automatically encrypted, along with all your internet traffic, ensuring your content is protected from any prying eyes. They offer the best all-round solution for the privacy-minded internet user, but it goes without saying that any laws that offer additional protections should be welcomed.