Proposal on the ePrivacy Directive; Cross-Device On the Radar
January 13, 2017 – Todd Ruback
This week the European Commission released its proposal to update the ePrivacy Directive.
While we are only in January, already we are seeing the inexorable march of privacy as a growing business issue. This week the European Commission, after a multi-stakeholder review process, released its proposal to update the ePrivacy Directive, known by many as the “cookie law”, with the ostensible aim to close any gaps with the GDPR. It’s important to remember that this is merely a proposal and kicks off what surely will be a significant and lengthy legislative process before we see an ePrivacy Regulation. However, there is value to be gleaned here–namely to see which ways the winds are blowing.
I’m still digesting the proposal, but some of the highlights include:
- The ePrivacy Regulation living in parallel to the GDPR
- Adopting the GDPR’s punitive level of penalties of up to 20 million Euros or 4% of a company’s global turnover (gross annual revenue)
- Forcing browsers to offer Do-Not-Track as a default setting
- Websites that rely upon digital advertising revenue can continue that practice upon notice and consent of the consumer
There’s a lot to unpack, and you can count on Evidon to do the unpacking for you, but this looks a lot like an opportunity for innovation around notice and consent, something we’ve built a business on. More on this to come.
In other news, the FTC had a busy week, hosting an important cross device tracking workshop, issuing a statement welcoming the Swiss-U.S. Shield Framework, and also announcing that Chairwoman Ramirez will resign her post at the FTC effective February 10, 2017. The cross-device workshop is noteworthy because it signals the FTC’s interest in the growing field of digital tracking across differing devices–smart phones, laptops, iPads, TVs–and we can reasonably expect more guidance from the FTC coupled with enforcement actions focused on consumers being able to easily understand and control this practice. Chairwoman Ramirez’s announcement underscores our governmental transition in stark terms. She has been an amazing chairwoman and I want to thank her for her outstanding leadership during her tenure at the FTC. She leaves big shoes to fill and I wish her much success at her next opportunity. Separately, I would be remiss if I didn’t also mention a story that is flying under the radar, namely that the NSA will soon loosen rules presently in place that govern what raw surveillance data it can share with other U.S. intelligence agencies. If true, the laxed data sharing limitations may serve as a flashpoint for those already concerned about the NSA’s surveillance activities.
In digital advertising news, enforcement of the DAA’s Self Regulatory Principles for Cross-Device guidance will begin February 1, 2017. Combined with the FTC’s focus on cross-device tracking, the digital advertising industry would be well served to pay attention and put in place mechanisms to ensure that this business practice is done the right way. In other digital news, AT&T, often a market maker, is pushing hard into mobile video advertising, joining other advertising powers like Facebook, Google, and Snapchat in this booming sector.
In Evidon news, I’ll be on a timely panel at the CPDP privacy conference in late January discussing the future of the ePrivacy Directive and ways to innovate around notice and consent. I’ll be sure to circle back and report how the panel goes. Also, don’t forget to check out this piece I’ve written on the ticking GDPR timebomb. Finally, if you would like to receive the Dispatch via email every week, please sign up here and please follow me on Twitter at @CPORuback—I’m trying to get to 1,000 followers. Help a brother out!
Until next week,
Todd Ruback, Chief Privacy & Security Officer & VP of Legal Affairs
INTERNATIONAL PRIVACY & SECURITY
Proposal for a Regulation on Privacy and Electronic Communications
The FTC Seeks Clarity On Cross-Device Tracking – But Opt-Out Remains A Murky Mire
Statement of FTC Chairwoman Edith Ramirez Following Adoption of the Swiss-U.S. Privacy Shield Framework
FTC Chairwoman Edith Ramirez Announces Resignation
Just in Time for Trump, the NSA Loosens Its Privacy Rules