Germany will seek for an agreement on the purposes for processing communications metadata, including responses to future pandemics.
A proposal at a standstill: The ePrivacy Directive of 2002 regulates the treatment of communications data and metadata in the EU, setting strict limits to the use telecoms providers can make of such data. In 2017, the European Commission proposed a new ePrivacy Regulation to replace the Directive, and update the framework to bring OTT communications services within its scope and to allow telecoms operators more freedom to use metadata to provide additional services. Since then, strong disagreements between member states (and between Council and Parliament), led to a standstill. Successive EU presidencies have tabled amended proposals with no success. Among the initiatives it’s taking for its presidency of the EU semester, Germany tabled a new ePrivacy proposal on 6 July 2020.
Member states remain divided on key issues: The presidency builds on the Croatian proposal of the previous semester, and maintains it is possible to reach a common approach – which would then form the basis for the trilogue negotiations with the EU Parliament and the EC. The most controversial aspects of the text relate to the purposes for data processing (Articles 6b and 6C), and to accessing data on terminal devices (Article 8, which would regulate the use of cookies). In particular, the Croatian presidency introduced ‘legitimate interest’ as a possible purpose for data processing, which several member states opposed, even though it would align the Regulation more closely to the GDPR. The German presidency is also floating the idea of including ‘vital interest’ as a purpose, to better tackle pandemics such as COVID-19 through the processing of electronic communications metadata.
What next? At the Working Party meeting on 13 July 2020, Member States will be asked to give their opinions on Articles 6b, 6c and 8, based on the options set out in the new working document.