EUR-Lex Access to European Union law

Back to EUR-Lex homepage

This document is an excerpt from the EUR-Lex website

Document 52014XX0208(04)

Executive Summary of the Opinion of the European Data Protection Supervisor on the Proposal for a Regulation of the European Parliament and of the Council laying down measures concerning the European single market for electronic communications and to achieve a Connected Continent, and amending Directives 2002/20/EC, 2002/21/EC and 2002/22/EC and Regulations (EC) No 1211/2009 and (EU) No 531/2012

OJ C 38, 8.2.2014, p. 12–13 (BG, ES, CS, DA, DE, ET, EL, EN, FR, IT, LV, LT, HU, MT, NL, PL, PT, RO, SK, SL, FI, SV)
OJ C 38, 8.2.2014, p. 8–9 (HR)

8.2.2014   

EN

Official Journal of the European Union

C 38/12


Executive Summary of the Opinion of the European Data Protection Supervisor on the Proposal for a Regulation of the European Parliament and of the Council laying down measures concerning the European single market for electronic communications and to achieve a Connected Continent, and amending Directives 2002/20/EC, 2002/21/EC and 2002/22/EC and Regulations (EC) No 1211/2009 and (EU) No 531/2012

(The full text of this Opinion can be found in English, French and German on the EDPS website http://www.edps.europa.eu)

(2014/C 38/06)

1.   Introduction

1.1.   Consultation of the EDPS

1.

On 11 September 2013, the Commission adopted a Proposal for a Regulation laying down measures concerning the European single market for electronic communications and to achieve a Connected Continent, and amending Directives 2002/20/EC, 2002/21/EC and 2002/22/EC and Regulations (EC) No 1211/2009 and (EU) No 531/2012 (hereinafter — ‘the proposal’) (1). A request for consultation was sent by the Commission in accordance with Article 28(2) of Regulation (EC) No 45/2001, and was received by the EDPS on 23 September 2013.

2.

The EDPS had an opportunity to provide his advice before the proposal was adopted, which he welcomes. This Opinion builds on the comments provided within the context of that informal consultation.

1.2.   Context and objectives of the proposal

3.

The proposal is adopted against the background of the Digital Agenda for Europe (2), having as its overarching goal the enhancement of economic growth and social improvements derived from the European digital economy. The proposal is thus aimed at achieving a single market for electronic communications in the EU by harmonising various legal and technical aspects relating to the provision of electronic communications services to the public.

4.

The proposal, firstly, facilitates the provision of cross-border electronic communications services by enabling providers to offer services across the Union based on a single EU authorisation and thus with minimum administrative hurdles. It further harmonises the conditions of radio spectrum assignment for WiFi services, as well as the features of products allowing virtual access to fixed networks.

5.

Next, the proposal harmonises the rights of end-users, inter alia those relating to the open Internet. It also harmonises publication by providers of information on electronic communications services they offer and the inclusion of such information in contracts, as well as the modalities of switching an operator and charges applicable to roaming services.

6.

The present Opinion focuses on those aspects of the proposal which are likely to have the most significant effect on the rights to privacy and the protection of personal data as laid down in Articles 7 and 8 of the Charter of Fundamental Rights of the European Union, as well as on the confidentiality of communications.

2.   Conclusions

43.

The EDPS recalls that respect for the rights to privacy and the protection of personal data, and for the confidentiality of communications, is crucial to building consumer trust and confidence in the European single market for electronic communications. In that regard, the EDPS provides the following key recommendations:

Traffic management measures constitute a restriction to net neutrality, which the proposal sets out as the key principle applicable to Internet use in the EU, and interfere with end-users’ rights to confidentiality of communications, privacy and personal data protection. In view of this, such measures should be subject to strict transparency, necessity and proportionality requirements. In particular:

Using traffic management for the purposes of implementing a legislative provision or preventing and impeding serious crimes may entail a wide-scale, preventive and systematic monitoring of communications content which would be contrary to Articles 7 and 8 of the EU Charter of Fundamental Rights, as well as Article 5(1) of Directive 2002/58/EC and Directive 95/46/EC. Reference to these grounds should be removed from Article 23(5)(a) of the proposal;

Article 23(5) of the proposal should provide clear information on communications inspection techniques that are allowed within the context of traffic management measures;

Article 23(5) should explicitly provide that, whenever sufficient for the achievement of one of the aims set out in that provision, traffic management measures will involve communications inspection techniques based on the sole analysis of the IP-headers, as opposed to those involving Deep Packet Inspection;

Articles 25(1) and 26 of the proposal should require the provision of information on traffic management measures, instituted for all purposes laid down in Article 23(5). In particular, these provisions should require providers to indicate the communications inspection techniques underlying such traffic management measures, as well as explain the effect of such techniques on end-users’ privacy and data protection rights;

Article 24(1), laying down the powers of national regulatory authorities to, inter alia, supervise the application of traffic management measures, should include the possibility for the latter to cooperate with national data protection authorities. Similarly, Article 25(1) should provide for a possibility for national data protection authorities to obtain for inspection information on traffic management measures before its publication;

The interrelationship between Article 7(1) of Directive 2002/58/EC and Article 27(4) of the proposal should be clarified;

Both Articles 17(1)(f) and 19(4)(e) of the proposal should be amended to include the requirement for the European virtual broadband access product and the European ASQ connectivity product, respectively, to comply with the principle of data protection by design.

Done at Brussels, 14 November 2013.

Peter HUSTINX

European Data Protection Supervisor


(1)  COM(2013) 627 final.

(2)  Communication from the Commission to the European Parliament, the Council, the European Economic and Social Committee and the Committee of the Regions, ‘A Digital Agenda for Europe’, COM(2010) 245 final/2, 26 August 2010.


Top