The E-privacy directive: Superfluous, or a solution to stop the pendulum that swings between privacy and safety?
organised by CPDP
Chair: Cornelia Kutterer, Microsoft (US)
Moderator: Els De Busser, Max Planck Institute for Foreign and International Criminal Law (DE)
Panel: Anna Buchta, EDPS (EU), Rosa Barcelo, European Comission (EU), Mikko Niva, Vodafone (FI), Bas van der Leij, WODC (NL)
As the General Data Protection Regulation is now agreed upon and will soon be formally adopted, the European Commission is due to review the e-Privacy Directive.
One of the ideas that is being considered in the review is to broaden the scope of the e-Privacy Directive to include “publicly accessible private communications networks.” This widened scope would expand the application of the Directive to most over-the-top communication providers.
Confidentiality of communications is guaranteed by different international human rights instruments – for example, the European Convention on Human Rights – as well as in Member States’ national constitutions. The e-Privacy Directive imposes a general obligation on Member States to ensure the confidentiality of communications and related traffic data and prohibits any kind of unjustified interception or surveillance. However, it also provides a derogation to this confidentiality obligation.
If the scope of the e-Privacy Directive is extended, confidentiality of communications, as an essential right, requires protection across all services. To this end, it is necessary that the law enforcement process is harmonised across Europe.
The panel will discuss whether an extension to the scope of the e-Privacy Directive could lead to more state surveillance. Given that the e-Privacy Directive should lead to more confidentiality in communications, the panel will particularly explore how law enforcement processes should be organised to preserve confidentiality and increase trust in the Digital Single Market. Key questions to be discussed include:
Could a change in the scope of the e-Privacy Directive bridge the regulatory gap between publicly accessible private networks and traditional telecoms companies?
What are the prerequisites to ensure confidentiality of communications? Would it be possible to include more stringent requirements for law enforcement warrants similar to the US Electronic Communications Privacy Act (ECPA)?
Will a reform of the e-Privacy Directive lead to a more effective protection of citizens’ right to privacy?
Are there any existing rules that should be repealed and where is a heightened level of protection required, if at all?
