EU Issues Overview – 7 January – 13 January 2017

Internet Access

Following a public consultation and stakeholder discussions, BEREC adopted its 2017 work programme .
BEREC’s key objective is to analyse the Commission’s proposal for a review of the telecoms framework and to provide the EU Institutions with input. The body will also support NRA’s efforts towards fostering connectivity and to carry out an assessment of the need to review common positions on wholesale markets and next generation access.

This week, a government-commissioned report on a UK strategy and plan for 5G and Digitisation was released, concluding that 5G will provide revolutionary new technologies and calling on the government to carry out 5G test trials by early 2018.
Following former Ofcom Director Professor William Webb’s criticism last week, Peter White, Chief Executive of Rethink Technology Research, has argued, however, that it will take a long time for 5G to evolve into a revolutionary technology and that the UK should therefore not invest too much too soon.

On 12 January, the European Commission released its proposal for an ePrivacy Regulation providing updated data protection rules for the electronic communications sector.
Notably, the scope of the regulation has been expanded to cover encompass new services delivered by apps (so-called OTT service providers) as well as the traditional telecoms operators. The EC is therefore attempting to create a level playing field between services that are functionally equivalent
The proposal aims to cut down the number cookie banners as consumers will be able to select whether or not they consent to cookies on their browser settings. Websites providing customized ads would still have to ask for consent to place cookies.

The Communication calls on Member States to remove localisation restrictions before the entry into force of the GDPR next year. According to the Commission, 21 EU countries have such laws, particularly around data on tax, accounting and health.
Instead of putting forward a legislative proposal on banning localisation requirements, the Commission followed the request of France and instead only launched a consultation on the matter, which will run until 26 April and potentially lead to legislative action later this year.

In its Communication, the Commission says it will prioritize discussions relating to adequacy decisions to enable data flows to Japan and Korea in 2017, and also potentially India, and recommits to the ongoing monitoring of existing adequacy decisions (including the EU-U.S. Privacy Shield decision).
The EU aims to facilitate trade and effective enforcement by protecting privacy and international cooperation mechanisms. The Commission will work with third countries that are engaged in promoting and adopting data protection laws to encourage data protection principles akin to those in the EU.

The proposed Regulation aims to align the existing rules, which date back to 2001, with the newer and more stringent rules set out by the GDPR of 2016. Anyone whose personal data are handled by the European institutions or agencies will benefit from higher standards of protection.

Following last week’s official announcement by the Obama administration that Russian President Vladimir Putin is responsible for massive cyber-attacks throughout the US election campaign, several governments in the EU and the EU institutions have called attention to security issues. On Thursday, the head of ENISA called on politicians to take cybersecurity seriously and start encrypting their emails.
Sweden’s Prime Minister Stefan Löfven warned that cyberattacks would be one of the biggest challenges facing the country in 2017, while the head of Germany’s domestic security agency argued that solely defensive measures are not enough. Meanwhile, France’s defense minister said concerns were growing with respect to the upcoming national elections in spring, a worry echoed by the Dutch Foreign Minister, Finally, the UK government will launch a cybersecurity inquiry to investigate the country’s level of protection from threats.

The human rights campaign group Liberty is seeking crowd funding to legally challenge the UK’s Investigatory Powers Act .
Liberty wants to initiate a high court judicial review into what it describes as mass surveillance powers under the Law, which include tracking web browsing history and hacking computers, phones and tablets “on industrial scale”.

Cryptography research showed that WhatsApp has a security backdoor that could be used by Facebook to read encrypted messages.
Privacy activists have strongly criticised the backdoor as a huge threat to freedom of speech and a way to allow government agencies to spy on users.
WhatsApp did not deny the encryption hole, but said that it “does not give governments a ‘backdoor’ into its systems and would fight any government request to create a backdoor”.
It claimed that the “design decision referenced in the Guardian story prevents millions of messages from being lost (such as when users change phones)”.