Following today’s agreement in the Council’s Permanent Representatives Committee (COREPER) on the latest compromise proposal on the draft e-Privacy Regulation, put forward by the Council’s Portuguese Presidency, Luca Cassetti, Secretary General of Ecommerce Europe, commented:

“Ecommerce Europe welcomes the progress made on the proposal for an e-Privacy Regulation under the leadership of the Portuguese Presidency of the Council. Although some of our fundamental concerns have not been addressed, we recognise that, with the current compromise, good steps have been taken compared to earlier versions. However, we must remain cautious to ensure that the updated rules provide a balanced approach which enhances the protection of confidentiality of electronic communications, while allowing sufficient room for European businesses to flourish”.

Ecommerce Europe overall has always supported the European Commission’s intention to review the current rules enshrined in the ePrivacy Directive and achieve a greater level of harmonisation of privacy and cookie rules across the EU.

Ecommerce Europe appreciates the efforts of the Portuguese Presidency to further align the regulation with the GDPR. However, we regret that the Council has decided not to include “legitimate interest” as a possible legal basis for the processing of electronic communications metadata and for the processing and storage capabilities of, and the collection of information from end-users’ devices. While Ecommerce Europe recognises that the discussions on this draft regulation are complex, and that it has taken many in-depth policy and technical dialogues aimed at striking a balance between all the interests at hand, in view of the trialogue negotiations, we would still like to highlight the importance of maximum alignment of the ePrivacy Regulation with the GDPR.

Ecommerce Europe supports the clarification on the limited purpose of audience measurement processing activity (Article 8) and welcomes the extension of the possibility to place cookies without consent (e.g. for safety, updating reasons etc.) and the reinsertion of provisions allowing further processing of electronic communications data (including metadata) where the processing is compatible with the initial purpose for which the data was processed (Article 6). In our opinion, these elements should be maintained in the final text.

The existing limitation of the opportunity for an e-trader to use users’ e-mail addresses to advertise own similar products – which is maintained in Article 16(2) – has caused legal insecurity in the past. As suggested in the European Parliament’s LIBE Report, to prevent legal uncertainty on what similar exactly means, the term “similar” should be removed, also taking into account that customers have always an easy and free of charge right to object (opt-out) unsolicited marketing communications. In addition, we want to flag the risk of legal fragmentation, caused by enabling Member States to set a limitation period for the use of the customers’ contact details (Art. 16(2a)). Finally, Ecommerce Europe supports the Council’s approach to give businesses 24 months to bring their services in line with the Regulation.

Ecommerce Europe will constructively contribute to the upcoming trialogue discussions and continue to represent the interest of the digital commerce sector on this important Regulation.