This week, MEPs on the Civil Rights Committee will vote on the ePrivacy regulation, which will determine how secure our data is when we are online. For the past 16 months, industry lobbies, including all those who collect or use citizens’ personal online data for advertising purposes, have been vigorously opposing new proposals on ePrivacy. On the other side of the debate, digital rights campaigners demand that citizens should enjoy optimum data privacy when online.
Industry has used tried and tested techniques straight out of the lobbyists’ playbook to influence the outcome of ePrivacy deliberations in the Commission and the Parliament. These tactics have included one-to-one lobby meetings, coordinating industry sign-up letters, mobilising corporate members, commissioning research to support industry positions, and holding or sponsoring elite events. A pro-privacy version of the Commission’s proposal which was leaked in December 2016 pumped further adrenalin into the corporate campaign, concerned about how its bottom line would be affected. Evidence indicates that member states in the Council such as Germany could be promoting industry positions.
Key to some industry lobbyists’ strategy has been the attempt to reframe the debate so that it is not about privacy but instead about media plurality, combatting fake news, and even the future of the internet, and they have regularly woven key EU buzzwords and policy mantras such as “better regulation” and “innovation” into their appeals to policy-makers.
Overall, one Parliamentary insider has characterised ePrivacy as
“one of the worst lobby campaigns I have ever seen”.
What is ePrivacy?
“We’ve lost control of our personal data,” said Tim Berners-Lee, inventor of the web on its 28th anniversary earlier this year.
Everytime you are online, via a laptop, computer, or smartphone, you are under commercial surveillance. Your digital data including the content of your emails, the websites you browse, and the purchases you have made, together with metadata (data which includes to whom, when, and where your communications are sent) is monitored and collected, including via tracking cookies and other mechanisms. This sensitive information is then sold on and used to target commercial advertising or political messaging at you, and can be used by governments too. EPrivacy must therefore ensure the confidentiality of your online communications. This can be done, for example, by banning interference in your communications (calls, chats, texts, Skype calls…); by making sure that settings on new equipment and software are designed and set at the highest privacy level ‘by default’; and that consumers who refuse to be tracked cannot be banned from visiting particular websites.
ePrivacy regulation
It was always clear that the topic of ePrivacy would be the focus of serious lobbying. Part of the Digital Single Market initiative, and closely related to the General Data Protection Regulation (GDPR) which was updated in 2016 after a long lobby battle (you can read Corporate Europe Observatory’s analysis of aspects of corporate influence on the GDPR here), the new ePrivacy regulation updates existing provisions (dating from 2002 and 2009) to take account of new and emerging technologies and platforms, and to harmonise it with the GDPR.
On ePrivacy, industry does not always speak with one voice. Telecoms companies are already subject to the current ePrivacy rules but newer platforms which enable you to communicate online such as Facebook, Google, WhatsApp, and Skype are not. Telecoms companies, already unhappy about the ePrivacy laws they must adhere to, would like them to be scarpped. Failing that, they at least want to level the playing field so that newer providers have to follow the same rules. The newer platforms would obviously prefer to keep things much as they currently are, and for ePrivacy rules not to apply to them.
Meanwhile the companies that provide online advertising fear that ePrivacy changes will undercut their current business model. This model relies on tracking users’ web-browsing, analysing metadata and content in communications, and monitoring the use of TVs and other devices, so that advertising can be targetted. The online advertising and marketing lobbies have closely collaborated on the ePrivacy dossier with newspaper and magazine publishers who are increasingly reliant on online advertising revenue derived in this way. Facebook and Google, to name just two, are also heavily reliant on surveillance-based advertising revenue, earned by monitoring users’ electronic communications.
On the other side of the debate, the European Data Protection Supervisor (the EU’s independent data protection authority), digital rights campaigners and consumer advocates point to the fundamental rights laid out in the EU treaties, especially on data privacy and the right to a private life. BEUC points out that “consumers should have the possibility to use online services without being under constant commercial surveillance”. Public opinion appears to back this approach. In the Commission’s consultation on ePrivacy, 81 per cent of the individual citizens who responded demanded ‘privacy by default’ settings to be activated on all new IT equipment. According to a Eurobarometer survey, 89 per cent of its respondents agreed with that suggestion. By contrast, a majority of industry respondents to the Commission’s consultation favoured self- or co-regulation instead.
— source corporateeurope.org 2017-10-18