e-privacy Regulation not ready to coincide with GDPR implementation



It is hoped that the Trilogue on the EU e-privacy Regulation will start after the summer recess, the rapporteur for the European Parliament on e-privacy Regulation, MEP Birgitta Sippel said yesterday at the CPDP conference in Brussels. She said that it is important to have the GDPR and e-privacy Regulation ready at the same time. But this would now not be possible and she would not give any forecast on when the e-privacy provisions would be in force. She thought that the principle of consent needs to be strengthened, and the new Regulation could even introduce higher standards than the GDPR.

Speaking for the European Commission’s DG Justice, Karolina Mojzesowicz said that it is important that there is no duplication between the GDPR and e-privacy. It is in the Commission’s interest that the same regulators supervise both GDPR and e-privacy. “We need to provide DPAs with a full set of cooperation mechanisms as under the GDPR, for example, rules on how to deal with transborder cases.”

Rosa Barcelo from EU DG Connect said that some issues still remain where decisions need to be taken, for example, the question of transparency and browser settings, and restrictions on data retention. She thought that the European Parliament would endorse the Commission’s proposal on competent authorities, but the Council may have a different view. The Council is trying to reach a joint position by June.

The CPDP conference continues until the end of Friday, when PL&B Chief Executive, Stewart Dresner, will chair a panel on data breach notification under the GDPR. See www.cpdpconferences.org.