Out-Law / Your Daily Need-To-Know

Out-Law News 1 min. read

European Council votes for spam opt-in and new cookie plan

The European Council yesterday agreed that unsolicited commercial e-mail, or spam, should only be allowed where there is prior consent from individuals or where there is an existing customer relationship. This agreement still requires approval from the European Parliament.

Following debate on the "draft Directive on the processing of personal data and the protection of privacy in the electronic communications sector,” the Council reached agreement on the so-called “opt-in” approach for unsolicited commercial e-mail, which goes against the recommendation of the European Parliament to leave the choice between an opt-in and an opt-out to the Member States.

The Council said that in view of the very small number of Member States that, given this choice, would prefer an opt-out policy, the single market principle should prevail. The UK Government had been among those wanting an opt-out approach.

Another controversial aspect of the draft Directive concerned cookies. The draft favoured by the Parliament had included an obligation on web sites to obtain prior consent from users before using cookies, an obligation which would threaten the efficiency of most web sites in the EU – effectively, another opt-in requirement.

The Council yesterday rejected the opt-in proposal and instead agreed a slightly less onerous obligation: to provide users clear and comprehensive information in advance about the purposes of cookies and to offer them the possibility to refuse.

However, the amendment is unlikely to satisfy those who pointed out that, without cookies, many sites cannot function effectively. Users can already set their browsers to reject cookies and some web sites accept the commercial risk in being less accessible if users choose to reject all cookies. However, if users must be prompted by each site they visit, the law would still affect efficiency and necessitate expensive re-designs.

The draft Directive will now go back to the European Parliament for second reading – which could result in a rejection of the amendments.

The Council also decided that the draft Directive should include additional language regarding measures that Member States may take to safeguard public security interests or that are necessary for criminal investigations.

The amended text clarifies that such measures must remain within the boundaries of the European Convention on Human Rights, which means that they must be appropriate, proportional for the intended purpose and necessary within a democratic society. This should please the UK Government which had been campaigning for more flexibility in the laws covering retention of data.

We are processing your request. \n Thank you for your patience. An error occurred. This could be due to inactivity on the page - please try again.