Further improvements should be considered on the ePrivacy Directive

On 10 April, the European Data Protection Supervisor (EDPS) adopted an Opinion on the European Commission's proposal amending, among others, the Directive on Privacy and electronic communications, usually referred to as the ePrivacy Directive.

The European Data Protection Supervisor (EDPS) however feels that the opportunity of this review should be used to its full potential so as to ensure that the proposed changes effectively provide for a proper protection of personal data and privacy.

Peter Hustinx, who is the European Data Protection Supervisor, said: "I welcome the approach followed by the proposal which is in line with views expressed in previous opinions. However, the proposed amendments to the Directive are not as ambitious as they should be. In dealing with new issues, such as the setting up of a mandatory security breach notification system, the proposal remains too restrictive in its scope".

EDPS is calling for further improvements to the Directive that should include the following:

  • Security breach notification.
  • Scope of the Directive.
  • Right of action against spammers.

The EDPS' general objective is to ensure that the EC institutions and bodies respect the right to privacy when they process personal data and develop new policies. A number of specific duties of the EDPS are laid down in Regulation 45/2001. The three main fields of work are:

  • Supervisory tasks: which range from prior checking processing operations likely to present specific risks, to handling complaints and conducting enquiries, etc.
  • Consultative tasks: to advise EC institutions and bodies on proposals for new legislation as well as on implementing measures. Technical advances, notably in the IT sector, with an impact on data protection are monitored as part of this activity.
  • Cooperative tasks: involving work in close collaboration with national data protection authorities and acting as a member of the Article 29 Working Party.