This is a presentation I did at the e-privacy 2017 - summer edition in Lucca on the ePrivacy Regulation proposal. From online and offline tracking, how to protect our conversations in OTT services, the need for collective redress, etc... In this guide we give a quick glance at all the challenges that we believe need to be taken into consideration by policy makers and other stakeholders during the ongoing debate. Relatively soon we will need the attention of the general public, and this talk is an attempt to make that happen.
201704624- e-privacy 2017 - summer edition - 24000 dati
1. Diego Naranjo – Senior Policy Advisor
@DNBSevilla diego.naranjo@edri.org
2. Diego Naranjo – Senior Policy Advisor
@DNBSevilla diego.naranjo@edri.org
“Con ventiquattromila dati”
The challenges of the ePrivacy Regulation
Featuring: Adriano CelenDATO
Check this presentation at: https://edri.org/diego/
3. 3
European Digital Rights (EDRi) is an association of civil and
human rights organisations from across Europe.
We defend rights and freedoms in the digital environment.
4. 4
(some) Human Rights frameworks
UN Declaration of human rights:
– Article 12: No one shall be subjected to arbitrary in
terference with his privacy, family, home or
correspondence, nor to attacks upon his honour and
reputation. Everyone has the right to the protection of the law
against such interference or attacks.
EU Charter of Fundamental Rights
– Article 7: Respect for private and family life
– Article 8: Protection of personal data
5. 5
EU Rules on Data Protection & Privacy
Existing:
● Data Protection Directive (1995)
● “Police Directive” (1995)
● ePrivacy Directive (2002)
To be replaced respectively by
● General Data Protection Regulation – GDPR (passed in
2016, in force from May 2018)
● New “Police Directive” (passed in 2016, in force from
May 2018)
● ePrivacy Regulation (ongoing, expected for 2018)
7. 7
“Con ventiquattro mila dati
Oggi saprei perché i data brokers
Vogliono ogni istante mille dati...”
8. 8
ePrivacy
● The e-Privacy Directive was created to
complement the Data Protection Directive
● It covers specifically privacy,
confidentiality of communications and
data protection issues in the electronic
communications sector.
9. 9
ePrivacy
● The European Commission published a
proposal in January 2017.
● The proposal is a good step forward but it
has been watered down after the leak of the
text in December.
● Civil society and industry lobbyists are
already in passionate discussions about the
text: “End of the Internet as we know it!”
10. 10
ePrivacy
“...Mille data base vogliono all'ora.
Con 24000 dati
Felici corrono i profilers
Di un giorno splendido perché
Ogni secondo localizzo te...”
11. 11
ePrivacy
● Telecoms, Online advertisers, Publishers:
“We don’t need more regulation, we need to
use Big Data and profiling to create jobs and
innovation”
● Some policy makers “We like innovation and
data flows and stuff!!!!”
● European Commission: “We understand we
need to proctect privacy and confidentiality of
communications. Help us out!”
12. 12
ePrivacy
EDRi thinks that...
– We need ePrivacy to complement the GDPR in the era
of the Internet of Things, massive surveillance and
more and more e-communications
– It needs to be harmonised across the EU
– It is not about annoying cookie notices, it is about
privacy and confidentiality of communications
– Some telecoms just want to profile citizens to compete
with other Big Data businesses
– Watchout: Governments Backdoors (ie: exceptions
for “national security”)
13. 13
“Niente norme sulla protezione dei dati
meravigliose,
Credit scores appassionati,
Ma solo dati che do a te,
Ye... ye... ye... ye... ye... ye... ye !
Con 24000 dati
Così frenetici sono i Big Data
In questo giorno di follia
Ogni minuto è tutto tuo”
14. 14
ePrivacy
and specifically...
● Trust is needed: NTIA report showed that 45% of households
had refrained from certain online activities in the previous
year, due to privacy and security fears
● Broadening of the scope to other new actors, such as OTTs
(Skype, Whatsapp as common methods of communications)
● Keep the focus on tracking, rather than on specific tools
(cookies, device fingerprinting)
● We need a ban on “cookie walls” for private and public
websites
● Privacy by default, not “privacy by option”
● Collective redress needs to be ensured
15. 15
ePrivacy
Blurry issues:
● Article from the ePR allowing data retention laws:
repeal or clarify?
● OTTs using end-to-end encryption in apps: Is it
dangerous or positive for privacy to include them in the
new ePR?
● Alternatives to "free" services if people don't want
to pay for them (as EU research shows)
● Encryption backdoors and "needed access" for law
enforcement purposes
16. 16
We draw avery important
conclusion here with a
merely dark image behind it,
so the text is white...
Questions, comments, dati?
@DNBSevilla
@edri
diego.naranjo@edri.org