Member States have until October 2003 to implement the
provisions of the new Directive in their domestic laws. Today marks
the last regulatory hurdle in passing a law that caused much
controversy during its drafting. It is expected that the final text
will be published next month.
The provisions of the new Directive
Data Retention
Data retention was the most contentious issue in the draft
Directive. The Directive provides that Member States can decide to lift the
protection of data privacy in order to conduct criminal
investigations or safeguard national or public security, when this
is considered to be a “necessary, appropriate and proportionate
measure within a democratic society”. There is no guidance on how
this wording should be interpreted.
Where Member States legislate to lift the protection of data
privacy laws, the data can be retained for a “limited period”
only. There is no guidance as to what length of period is
appropriate.
Spam
Spam will be opt-in. This means that a consumer must have
indicated that he or she is willing to receive unsolicited
commercial e-mail, text messages, faxes or telephone calls from
automated calling systems before these communications can be
legally sent. This will change the current position in the UK
although it reflects the current position in some other Member
States.
Where a business obtains from its existing customers their
e-mail addresses in the context of sales or services, that business
can use the address for direct marketing of its own similar
products or services, provided the customer is given the
opportunity to opt-out.
Location data
The use of mobile phone location data must be subject to the
explicit consent of the individual phone user and users should have
the possibility to temporarily block the processing of location
data at any time.
Cookies
Cookies are small text files that can be sent to an internet
user’s computer to store certain information about that user for
later use by the web site. To the relief of the European internet
industry, a hands-off approach has been taken. The final wording
says that storing information on an internet user’s computer or
accessing such information is only allowed:
"...on condition that the subscriber or user
is provided with clear and comprehensive information in accordance
with [the Data Protection Directive about] the purposes of the
processing and is offered the right to refuse such processing".