Go back to the Europarl portal

Choisissez la langue de votre document :

  • bg - български
  • es - español
  • cs - čeština
  • da - dansk
  • de - Deutsch
  • et - eesti keel
  • el - ελληνικά
  • en - English (Selected)
  • fr - français
  • ga - Gaeilge
  • hr - hrvatski
  • it - italiano
  • lv - latviešu valoda
  • lt - lietuvių kalba
  • hu - magyar
  • mt - Malti
  • nl - Nederlands
  • pl - polski
  • pt - português
  • ro - română
  • sk - slovenčina
  • sl - slovenščina
  • fi - suomi
  • sv - svenska
Answer given by Ms Gabriel on behalf of the European Commission(16 April 2019)The Commission is aware of the vulnerability described in the question.Article 5.3 of the ePrivacy DirectiveDirective 2002/58/EC of the European Parliament and of the Council of 12 July 2002 concerning the processing of personal data and the protection of privacy in the electronic communications sector (Directive on privacy and electronic communications), as amended by Directive 2009/136/EC of 25 November 2009. protects the integrity of one's device such as a mobile phone. Specifically, it provides that the storing of information or gaining of access to information already stored in one's device is only allowed when: 1) the subscriber or user has given his or her consent; 2) it is strictly necessary for the provision of an information society service requested by the subscriber or user, or 3) it is necessary for carrying out the transmission of a communication. Any other access or storage is not allowed.Under the current regime of the ePrivacy Directive, interpersonal communication services which are Internet-based such as FaceTime, as described in the question of the Honourable Member, are not covered. With the aim of re-establishing a harmonised application of privacy of communications rules to all providers, the Commission proposed the ePrivacy RegulationProposal for a regulation of the European Parliament and of the Council concerning the respect for private life and the protection of personal data in electronic communications and repealing Directive 2002/58/EC (Regulation on Privacy and Electronic Communications), COM(2017)10 final — 2017/03 (COD). and the European Electronic Communications Code that has been recently adoptedDirective (EU) 2018/1972 of the European Parliament and of the Council of 11 December 2018 establishing the European Electronic Communications Code (Recast).. Under both instruments, the obligation to protect the confidentiality and security of electronic communications will be extended to interpersonal communications services which are Internet-based like webmail and messaging services. As a consequence, providers will have to take measures to prevent incidents like that described in the question of the Honourable Member. The Code will enter into application on 21 December 2020, while the proposal for the ePrivacy Regulation, after more than two years of negotiations, has not been agreed yet by the co-legislators. Finally, the Commission has not been seized of any particular complaints on the issue which would allow to investigate the specific case. Without prejudice to the competences of the Commission as guardian of the Treaties, the monitoring and enforcement of the application of the ePrivacy Directive falls in principle within the competence of national authorities and courts.
Last updated: 16 April 2019Legal notice