New EU telecoms privacy rules will hit Facebook and Google in pocket

10 Jan 2017

Under the new rules, internet messaging services like Facebook Messenger or WhatsApp will not be able to target users with ads without their explicit consent. Image: Xavier Pironet/Shutterstock

The EU is planning tough new rules that will govern how users are tracked using messaging services like WhatsApp, Facebook Messenger and Gmail.

The proposed rules augment existing telecoms privacy legislation and aim to reinforce European citizens’ right to privacy.

Under the new rules, web giants as well as telcos will have to guarantee the confidentiality of customer conversations and will have to get their consent before tracking them in order to serve up targeted advertising.

‘Today we are also setting out our strategy to facilitate international data exchanges in the global digital economy and promote high data protection standards worldwide’
– VĚRA JOUROVÁ

As well as that, email services like Gmail and Hotmail will not be able to scan customers’ emails without gaining their prior consent.

The European Commission (EC) said today that the purpose of the new rules is to reinforce trust and security in the Digital Single Market, but at the same time, align the rules for electronic communications with the upcoming General Data Protection Regulation (GDPR), which comes into force on 25 May 2018.

GDPR has severe penalties for organisations that lose data – up to €20m, or 4pc of an organisation’s revenue.

“Our proposals will complete the EU data protection framework,” said Frans Timmermans, first vice-president of the EC.

“They will ensure that the privacy of electronic communications is protected by up-to-date and effective rules, and that European institutions will apply the same high standards that we expect from our member states.”

Anonymised or deleted: The user is in control

Under the new proposals, privacy will have to be guaranteed for both content and metadata derived from electronic communications, such as time of call and location.

Such information will need to be anonymised or deleted by both telcos and over-the-top players like WhatsApp if users have not given their consent.

The EC said that if users have granted consent, it actually provides new opportunities for traditional telecoms operators to use data and provide additional services.

The proposals also suggest simpler rules on cookies, protection against spam and more effective enforcement by data regulators.

“The European data protection legislation adopted last year sets high standards for the benefit of both EU citizens and companies,” said Věra Jourová, commissioner for justice, consumers and gender equality.

“Today we are also setting out our strategy to facilitate international data exchanges in the global digital economy and promote high data protection standards worldwide.”

John Kennedy is a journalist who served as editor of Silicon Republic for 17 years

editorial@siliconrepublic.com