Hogan Lovells has published a study evaluating the ongoing legislative proposal for a new ePrivacy Regulation, a law aimed at updating the current ePrivacy framework in the EU.

Shortcomings

The firm says that after nearly three years of debates and negotiations, the European Union is nowhere near agreeing a position on how to achieve the right balance between the need for technological innovation, public security and the protection of privacy in the context of the digital economy. According to Hogan Lovells, this is due to the structure and legislative approach of the proposed ePrivacy Regulation, which, rather than complementing the GDPR as originally intended, is in some fundamental respects in conflict with it. In the context of the confidentiality of electronic communications, the proposed ePrivacy Regulation follows an approach that relies on a blanket prohibition qualified by limited exceptions, which is likely to lead to unwanted effects for the development of machine-to-machine communications, the Internet of Things and artificial intelligence.

Policy recommendations

Hogan Lovells say that in light of the shortcomings, the report provides a number of policy recommendations to improve the current text, including the following: The ePrivacy Regulation should move away from setting out narrow legal bases for the processing of specific types of data. The valuable risk-based approach of the GDPR should be applied to the ePrivacy framework. Data processing that poses no risks to individuals, particularly where data that is or is made anonymous, should be explicitly excluded from the scope of the ePrivacy Regulation. Eduardo Ustaran, global co-head of the privacy and cybersecurity practice at Hogan Lovells, said “There is clearly a need for the protection of privacy in the digital economy, but to be effective, any ePrivacy legal framework must be compatible with technological development and human progress. The European Union has the opportunity to get this balance right by applying a more flexible risk-based approach which will work now and in the future.” The report can be found here.