The Commission today publishes the results of a Eurobarometer and a public consultation on EU rules which govern the processing of personal data and privacy in the electronic communications sector – the ePrivacy Directive. Results show that Europeans consistently call for strong protection of the confidentiality of their communications and effective respect of their privacy. Industry and public authorities express more diverse views, with industry in particular pleading for rules that would not stifle new opportunities and innovation related to use of data.
The review of the ePrivacy Directive is one of the key initiatives proposed under the Digital Single Market strategy in May 2015 and it aims at reinforcing trust and security in digital services in the EU.
New technological developments, including the spread of internet-based communications services, call for a modernisation of the ePrivacy rules, currently covering only traditional telecoms providers. In particular, today's rules do not apply to providers of the popular internet-based voice and messaging services – also known as "over-the-top" services – which are used by Europeans instead of, or in addition to, their mobile phones or fixed connections.
A large majority of the 27,000 respondents to the Eurobarometer survey say that the privacy of their personal information, their online communications and their online behaviour is very important. In particular:
More than seven in ten (72%) state that it is very important that the confidentiality of their e-mails and online instant messaging is guaranteed.
More than seven in ten respondents (71%) think it is not acceptable for companies to share information about them without their permission, even if it helps companies to provide new services they might like.
Almost eight in ten say (78%) it is very important that personal information on their computer, smartphone or tablet can only be accessed with their permission.
Almost two thirds of respondents (64%) say it is unacceptable to have their online activities monitored in exchange for unrestricted access to a certain website, while four in ten (40%) avoid certain websites because they are worried their online activities would be monitored.
Almost nine in ten respondents (89%) agree with the proposal that the default settings of their browser should stop their information from being shared.
Nine in ten agree they should be able to encrypt their messages and calls, so they can only be read by the recipient (90%).
More than six in ten (61%) say they receive too many unsolicited commercial calls. An almost similar number (59%) would like commercial calls to be displayed with a special prefix.
Public consultation: a mixed picture
The European Commission also ran a public consultation between 12 April and 5 July on the review of the ePrivacy Directive. 421 replies were received from citizens, consumer and civil society associations, industry actors and public authorities – such as government and national enforcement authorities of the ePrivacy Directive. The key findings of the consultation are:
83% of citizens, consumer and civil society organisations responding to the consultation consider it relevant to have specific ePrivacy rules for the electronic communications sector on confidentiality, while 63% of industry respondents do not see this added-value.
76% of citizens, consumer and civil society organisations consider that the ePrivacy Directive has been ineffective in achieving its objective of ensuring full protection of privacy and confidentiality of communications across the EU. One of the reasons cited is the limited scope of application of the ePrivacy Directive, excluding over-the-top service providers. On the other hand 57% of industry believes the Directive has achieved this objective.
76% of citizens, consumer and civil society organisations and 93% of public authorities believe the rules should (in part) be broadened to cover over-the-top service providers. On the contrary, industry is more divided as 42% do not want the scope to be broadened while 36% do.
The results of the Eurobarometer on ePrivacy and of the public consultation will feed into the review of the ePrivacy Directive which the Commission will unveil in the beginning of 2017. The aim is to adapt current rules to the new General Data Protection Regulation (GDPR) and to ensure a high level of privacy and confidentiality for users. The intention is to broaden the possibilities for communications providers to process communications data, but only with the agreement of users in the spirit of the GDPR. While the scope of the Directive currently applies to providers such as traditional telecoms companies, another key objective of the review is to include internet-based voice and messaging services. The proposal will also simplify the