Commission vows to continue legal action against UK over alleged lack of e-privacy protection. The Commission believes that UK laws do not properly implement the two EU Directives that protect online privacy, the Data Protection Directive and the Privacy and Electronic Communications (PECR) Directive.
"European laws state that EU countries must ensure the confidentiality of people's electronic communications like email or internet browsing by prohibiting their unlawful interception and surveillance without the user's consent," said a Commission statement. The Commission launched its case against the UK in April of this year. It has now read the Government's response and said that it will continue to the next phase of the case, which is the sending of a 'reasoned response'.
If the Commission is not satisfied with the UK's reply to this 'reasoned response' then it can refer the case to the European Court of Justice. BT used technology invented by Phorm to monitor some of its users' internet activity and serve them ads that Phorm believed were more appropriate for those users. UK's privacy laws illegally inadequate, says Europe. The Commission's investigation was sparked by outrage over trials by BT of a system which monitors web use and tries to match advertising to people's perceived interests.
The trials were done without BT customers' knowledge or permission. The Commission has investigated complaints made to it and to police and has found the UK's laws inadequate in protecting the privacy of communications. "The Commission has concerns that there are structural problems in the way the UK has implemented EU rules ensuring the confidentiality of communications," said a Commission statement. BT used technology made and promoted by Phorm to track users' online activity. It has since run trials in which it did ask users' permission. EU threatens UK again over data protection laws.
Unless the Information Commissioner's Office (ICO) is given the power to conduct random checks on organisations for compliance with data protection law and issue penalties based on those checks the European Commission will take action, it said.
The ICO must also be given the powers to assess other countries' data protection regimes before international transfers of information from the UK are made, the Commission said. The Commission has sent the UK a 'reasoned opinion', the second step in a three stage process of enforcing EU directives when countries do not pass them fully into law. "The case concerns the implementation of the EU’s 1995 Data Protection Directive both in UK law (the Data Protection Act of 1998) and its application by UK courts," said a Commission statement. "The Commission has worked with UK authorities to resolve a number of issues, but several remain, notably limitations of the Information Commissioner's Office's powers. "
Data protection: Commission requests UK to strengthen powers of national data protection authority, as required by EU law. Brussels, 24 June 2010 Data protection: Commission requests UK to strengthen powers of national data protection authority, as required by EU law The European Commission has requested the UK to strengthen the powers of its data protection authority so that it complies with the EU's Data Protection Directive. The Commission request takes the form of a reasoned opinion – the second stage under EU infringement procedures.
Telecoms: Commission launches case against UK over privacy and personal data protection. Brussels, 14 April 2009 “Technologies like internet behavioural advertising can be useful for businesses and consumers but they must be used in a way that complies with EU rules.
These rules are there to protect the privacy of citizens and must be rigorously enforced by all Member States," said EU Telecoms Commissioner Viviane Reding. “We have been following the Phorm case for some time and have concluded that there are problems in the way the UK has implemented parts of EU rules on the confidentiality of communications. I call on the UK authorities to change their national laws and ensure that national authorities are duly empowered and have proper sanctions at their disposal to enforce EU legislation on the confidentiality of communications.
This should allow the UK to respond more vigorously to new challenges to ePrivacy and personal data protection such as those that have arisen in the Phorm case. Background A detailed overview of telecoms infringement proceedings is available at: