Stronger privacy rules for online communications 

Press Releases 
  • EU privacy law to be updated to cover new communication tools
  • Stronger privacy rules for all new electronic tools
  • Ban on cookie walls blocking access to a website if no consent

MEPs want to step up protection for citizens using tools such as Messenger, WhatsApp or Skype, and other electronic communication services.

Draft proposals to ensure high standards of privacy, confidentiality and security in electronic communications across the EU were approved by the Civil Liberties Committee on Thursday. These would apply to SMS and telephone services, and would update the EU’s existing e-privacy rules to cover recently introduced internet-enabled services such as WhatsApp, Skype, Messenger and Facebook.


The text, drafted by Marju Lauristin (S&D, ET) constitutes Parliament’s draft negotiating mandate for talks with the Council on the revision of the e-privacy rules. It was passed by 31 votes to 24, with one abstention.


Banning “cookie walls”


MEPs call for a ban on “cookie walls”, which block access to a website if the person does not agree to his or her data being used by the same site. 


Snooping on personal devices via cookies or software updates, or tracking people without their clear approval through public hotspots or Wi-Fi in shopping centres, should also beprohibited, say MEPs.


“Privacy by default” settings should become standard for all software used for electronic communications and service providers must provide for strong encryption, they add.


Consent always needed for any use of personal data


MEPs want to set strict limits on data processing and insist that data should only be used for the purpose of which consent has been given by the individual.

So-called “meta-data”, which can give information about numbers called, websites visited, geographical location or the time and date a call and other sensitive data, should be treated as confidential and never passed on to third parties.




Parliament’s lead MEP Marju Lauristin (S&D, ET) said: “E-privacy can give a great competitive advantage to European companies and help them to create a real European model for digital economy, with high quality services, consumer trust and free choice”.


Next steps


The full Parliament will be asked at its plenary session in Strasbourg next week to formally confirm the committee decision to enter into negotiations with the Council.  But the Council must agree on its own negotiating mandate before talks can start.


Quick facts


The current directive on privacy in the electronic communication sector was last updated in 2009. The proposal for a revision, presented by the Commission on 10 January 2017, replaces the directive with a regulation and brings the rules into line with the General Data Protection Regulation (GDPR), which will become applicable in May 2018.


EU e-privacy rules aim to ensure the fundamental right to privacy and protection of personal data as enshrined in the Treaties.