The Croatian Presidency of the Council of the European Union is just the latest EU presidency to try to tackle the ePrivacy Regulation. Finland, Romania, Austria and Bulgaria were among the countries that could not figure out ePrivacy during their presidencies, and now it's Croatia's turn at the plate. While the Committee on Civil Liberties, Justice and Home Affairs pushed forward a version of ePrivacy back in October 2017, however, progress since that vote has essentially been nonexistent.
Croatian Ministry of the Sea, Transport and Infrastructure State Secretary Josip Bilaver knows his country's presidency has a tall task ahead of it. While it will work hard to get the gears moving on ePrivacy, the Croatian Presidency wants to temper expectations.
"Finding a formula to solve it is not easy. I would even say it’s an alchemy of sorts," Bilaver said during a LIBE Committee hearing. "Given that the past seven presidencies were unable to find the proper formula, it would be preposterous from our side to say that we will be the ones to manage that. I can promise, on behalf of the Croatian Presidency, that we will do our best."
Bilaver announced the Croatian Presidency will produce its first compromise draft in February as it attempts to find that proper formula. Bilaver said the current presidency hopes to build upon the work done by the Finnish Presidency of the Council of the EU and answer some of the challenging questions surrounding ePrivacy. These include the relationship ePrivacy has with the EU General Data Protection Regulation, whether national bodies can take on the implementation of the regulation, and "the protection of terminal equipment, especially in the context of the use of cookies as a means to enable data collection on website visits."
Bilaver added the draft will include comments made by the committee members during the hearing. And comments they certainly made.
LIBE Committee members expressed their frustration over the stalled regulation. German MEP and European Parliament Special Rapporteur for the ePrivacy Regulation Birgit Sippel lamented the lack of answers on ePrivacy. Sippel said the ePrivacy Regulation was meant to stand with the GDPR and establish the protection of communication as a "very important fundamental right." Sippel doesn't believe this line of thinking has caught on.
"It’s really concerning the member states are not making progress to that extent. Instead of concentrating on the core elements of ePrivacy, the council is introducing new aspects to make things even more difficult," Sippel said. "For example, debates over the kinds of data retention. I’m sorry. If you want to have data retention and the member states want to have data retention, then fine, create a new law or ask the commission to create a new law. But you can’t do it within a file of another law."
Netherlands MEP Sophie in 't Veld echoed Sippel's sentiments, saying while she would be happy if the council does a thorough job with ePrivacy, the lengthy process has been "ridiculous." A major issue, as in 't Veld sees it, is that a lot has changed since 2017. The world has learned a lot more about how data is used and abused. In 't Veld cited Cambridge Analytica as a noteworthy example of how data misuse has affected the democratic process and wants those tasked with ePrivacy to pay attention.
"I do hope that the ministers in the council are equally aware of what’s happening in the world and that they are going to adopt something with the very first priority being the protection of our citizens, but also the protection of our society and the protection of our democracy," in 't Veld said.
The ePrivacy Regulation may be a ways off in the distance, but should it ever see daylight, certain parties do not want to see it weakened. Pirate Party MEP Patrick Breyer said, "The whole point of having a legal instrument on ePrivacy is that the confidentiality of communications needs special protection" since electronic communications are prone to mass collection. The advertising industry is lobbing to "achieve the opposite of what we are aiming for," Breyer said, and that draft provisions on censorship and the filtering of private messages are problematic.
Breyer said it could lead to situations in which post officers could use the rationale of checking for illegal images to open private letters. It could also leave phone calls and internet connections open for gathering.
"This is information collection at such a large scale that it has repeatedly been ruled invalid, disproportionate and violating fundamental rights by the European Court of Justice. It is completely unacceptable that you are trying to open a backdoor for it in the context of this directive," Breyer said. "We will fiercely oppose and fight any attempt to water down the existing level of protection in the ePrivacy Directive. We’d rather keep it than water it down. If you want to present anything that is worth discussing, you should make sure that you protect citizens better from surveillance and interception."
The committee members were strong in voicing their ePrivacy concerns, and it leaves the Croatian Presidency with a lot to think about as it works on its first compromise draft. Bilaver said the issues raised by the committee highlights why the regulation has been difficult to solve. Bilaver believes now is not the time to point fingers at anyone, as the council, commission and Parliament all have the same goal: to protect citizens' privacy.
"What I can say today is that in dialogue will all the member countries, we will do our best to finally get this important talk moving, break this standstill and achieve the progress, which, unfortunately, the others haven’t had luck with in the past," Bilaver said.