The Parliament's two largest political groups, the European People's Party and European Democrats (EPP-ED) and the Party of European Socialists (PES), have reached agreement on compromise amendments for the second reading of the Directive on the protection of personal data in electronic communications.
On data retention, the compromise says that Member States can lift the protection of data privacy in order to conduct criminal investigations or safeguard national or public security, when this is a “necessary, appropriate and proportionate measure within a democratic society”.
For the retention of data – which must be for a “limited period” only – Member States may thus adopt legislative measures, which must be in accordance with the general principles of Community law.
The compromise also says that lawful interceptions of electronic communications should also be in accordance with the European Convention of Human Rights and Fundamental Freedoms and with the rulings of the European Court of Human Rights.
Marco Cappato, a member of the Italian Radical Party, was the Parliament’s draftsman for the legislation. His original draft did not propose data retention for such wide purposes.
Cappato opposes the amendments and yesterday called for the deletion of all references to data retention from the draft Directive. He has praised an open letter which was recently addressed to the Parliament, attacking the new proposals on data retention. The letter was signed by 40 civil liberties organisations and subsequently by more than 10,000 individuals who added their names on-line.
The concern of Cappato and the civil liberties groups is that the introduction of new retention laws in Member States “will create new risks to personal privacy, political freedom, freedom of speech, and public safety.” Cappato wants “case-by-case inquiries,” not general data retention.
On the issue of spam, the compromise position rejects recent proposals. If the EPP-ED and the PES win the Parliament vote, according to the Parliament’s press office, prior consent would be required before unsolicited e-mail can be sent, known as the opt-in approach.
This is not the position that the UK Government has favoured. It has long preferred an opt-out approach, to the annoyance of consumer groups. The most recent indications from the EU were that Member States would be left to decide whether spam should be opt-in or opt-out. The EPP-ED and PES seem to be abandoning that approach.
On the question of cookies, small text files that are sent by a web site to a user’s computer, the compromise position takes a hard-line approach, first proposed by the European Council:
“users should receive clear and comprehensive information on the purposes of cookies in advance, enabling users to refuse them.”
Arguably, this presents a threat to the efficiency of e-commerce in the EU, given that most commercial sites rely on sending cookies to users.
Parliament's vote will take place tomorrow, 30th May.