EU flags in front of the European Commission
The European Commission is looking to update the regional block’s communications privacy laws, and this looks like being good news for users, but bad news for services like Skype and WhatsApp.
Currently, Skype, WhatsApp and other services like them do not fall under the control of the EU’s communication privacy laws, despite the fact that they offer both voice call and text messaging services. This is because of the way in which these services are delivered.
Because Skype, WhatsApp, and similar services run such services over the top of an existing internet connection, they are not classified as telecommunications services under the current legislation; the ePrivacy Directive 2002.
But a draft version of a new Privacy and Electronic Communications Regulation, which was revealed by Politico includes proposals to close this loophole and bring these so-called ‘over-the-top’ services into the scope of communications privacy law.
The most recent amendment to the ePrivacy Directive was made back in 2009, at the dawn of the smartphone era, and of course, there has been much technological development since then. Indeed WhatsApp now claims it’s traffic exceeds that of SMS text messages by as much as 50%.
The new proposals include a requirement for all electronic communication to be confidential and suggests outlawing any interception of such communication without the consent of the user being given.
They would also broaden the definition of what ‘electronic communication’ is to include service delivered by apps as well as those which require specific hardware and introduce a requirement for any privacy option to be set to ‘on’ by default. This means that communications providers would need users to manually opt out of privacy settings rather than requiring them to opt in.
Most privacy-conscious users would argue with plenty of justification that all of these changes are eminently sensible. But there is more.
In what is currently Article 10 of the new proposed legislation, there is a requirement on all communications providers to configure their technology to “prevent third parties from storing [and processing] information”.
And Article 16 is intended to combat the growing issue of spam emails; something which plagues pretty much every email user.
The EU has a strong track-record on upholding individual online privacy and with this draft proposal, it looks to once again be prioritising the privacy of online users.
However, it should be stressed that this is merely a draft piece of legislation and there will be much debate and amendment made to it before it passes into law if indeed it ever does.
And there is no doubt that those services which will be affected by the proposals will lobby as much as they can to either stop the law, or water down its provisions sufficiently to minimise the impact it has on them.
Of course, the various privacy advocacy groups will be fighting in the other corner too, so it remains to be seen how effective their efforts will be.
But for consumers who value the privacy of their online communications, the EU is looking like it will shortly be an even more attractive place to be based than it is already. At a time when online privacy is being undermined right across the world, it is to their credit that the EU is bucking the trend.