European Parliament 2014-2019
Committee on Civil Liberties, Justice and Home Affairs
2017/0003(COD)
14.7.2017
AMENDMENTS 136 - 331
Draft report Marju Lauristin (PE606.011v01-00)
Respect for private life and the protection of personal data in electronic communications and repealing Directive 2002/58/EC (Regulation on Privacy and Electronic Communications)
Proposal for a regulation (COM(2017)0010 – C8-0009/2017 – 2017/0003(COD)) AM_Com_LegReport Amendment 136 Jan Philipp Albrecht, Judith Sargentini, Viviane Reding
Proposal for a regulation Recital 1
Text proposed by the Commission Amendment
(1) Article 7 of the Charter of (1) Article 7 of the Charter of Fundamental Rights of the European Union Fundamental Rights of the European Union ("the Charter") protects the fundamental ("the Charter") protects the fundamental right of everyone to the respect for his or right of everyone to the respect for his or her private and family life, home and her private and family life, home and communications. Respect for the privacy communications. Respect for the privacy of one’s communications is an essential of one's communications is an essential dimension of this right. Confidentiality of dimension of this right. Confidentiality of electronic communications ensures that electronic communications ensures that information exchanged between parties and information exchanged between parties and the external elements of such the external elements of such communication, including when the communication, including information information has been sent, from where, to regarding when the information has been whom, is not to be revealed to anyone sent, from where, to whom, is not to be other than to the parties involved in a revealed to anyone other than to the communication. The principle of communicating parties. The principle of confidentiality should apply to current and confidentiality should apply to current and future means of communication, including future means of communication, including calls, internet access, instant messaging calls, internet access, instant messaging applications, e-mail, internet phone calls applications, e-mail, internet phone calls and personal messaging provided through and inter-personal messaging provided social media. through social media. It should also apply when the confidentiality of electronic communications and the privacy of the physical environment converge, i.e. where terminal devices for electronic communication can also listen into their physical environment or use other input channels such as Bluetooth signalling or movement sensors.
Or. en
Amendment 137 Cornelia Ernst
Proposal for a regulation Recital 1
Text proposed by the Commission Amendment
(1) Article 7 of the Charter of (1) Article 7 of the Charter of Fundamental Rights of the European Union Fundamental Rights of the European Union ("the Charter") protects the fundamental ("the Charter") protects the fundamental right of everyone to the respect for his or right of everyone to the respect for his or her private and family life, home and her private and family life, home and communications. Respect for the privacy communications. Respect for the privacy of one’s communications is an essential of one’s communications is an essential dimension of this right. Confidentiality of dimension of this right. Confidentiality of electronic communications ensures that electronic communications ensures that information exchanged between parties and information exchanged between parties and the external elements of such the external elements of such communication, including when the communication, including information information has been sent, from where, to regarding when the information has been whom, is not to be revealed to anyone sent, from where, to whom, is not to be other than to the parties involved in a revealed to anyone other than to the communication. The principle of communicating parties. The principle of confidentiality should apply to current and confidentiality should apply to current and future means of communication, including future means of communication, including calls, internet access, instant messaging calls, internet access, instant messaging applications, e-mail, internet phone calls applications, e-mail, internet phone calls and personal messaging provided through and messaging provided through social social media. media.
Or. en
Amendment 138 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Recital 2
Text proposed by the Commission Amendment
(2) The content of electronic (2) Electronic communications data communications may reveal highly may reveal highly sensitive information sensitive information about the natural about the natural persons involved in the persons involved in the communication, communication, from personal experiences from personal experiences and emotions to and emotions to medical conditions, sexual medical conditions, sexual preferences and preferences and political views, the political views, the disclosure of which disclosure of which could result in personal could result in personal and social harm, and social harm, economic loss or economic loss or embarrassment. embarrassment. For the content of Similarly, metadata derived from electronic communications, the Court of Justice has communications may also reveal very clarified that access on a generalised sensitive and personal information. These basis by parties other than the metadata includes the numbers called, the communication partners and the websites visited, geographical location, the communications service provider must be time, date and duration when an individual regarded as compromising the essence of made a call etc., allowing precise the fundamental right to respect for conclusions to be drawn regarding the private life, which is never acceptable. private lives of the persons involved in the Similarly, metadata derived from electronic electronic communication, such as their communications may also reveal very social relationships, their habits and sensitive and personal information. These activities of everyday life, their interests, metadata includes the numbers called, the tastes etc. websites visited, geographical location, the time, date and duration when an individual made a call etc., allowing precise conclusions to be drawn regarding the private lives of the persons involved in the electronic communication, such as their social relationships, their habits and activities of everyday life, their interests, tastes etc. Metadata can also be processed and analysed much easier than content, as it is already brought into a structured and standardised format. The protection of confidentiality of communications is an essential condition for the respect of other connected fundamental rights and freedoms, such as the protection of freedom of thought, conscience and religion, freedom of assembly, freedom of expression and information.
Or. en
Amendment 139 Daniel Dalton, Helga Stevens, John Procter
Proposal for a regulation Recital 2
Text proposed by the Commission Amendment
(2) The content of electronic (2) The content of electronic communications may reveal highly communications may reveal highly sensitive information about the natural sensitive information about the natural persons involved in the communication, persons involved in the communication. from personal experiences and emotions Similarly, metadata derived from electronic to medical conditions, sexual preferences communications may also reveal very and political views, the disclosure of sensitive and personal information. These which could result in personal and social metadata includes the numbers called, the harm, economic loss or embarrassment. websites visited, geographical location, the Similarly, metadata derived from electronic time, date and duration when an individual communications may also reveal very made a call etc., allowing conclusions to be sensitive and personal information. These drawn regarding the private lives of the metadata includes the numbers called, the persons involved in the electronic websites visited, geographical location, the communication. time, date and duration when an individual made a call etc., allowing precise conclusions to be drawn regarding the private lives of the persons involved in the electronic communication, such as their social relationships, their habits and activities of everyday life, their interests, tastes etc.
Or. en
Amendment 140 Maria Grapini
Proposal for a regulation Recital 2
Text proposed by the Commission Amendment
(2) Conținutul comunicațiilor (2) Conținutul comunicațiilor electronice poate dezvălui informații electronice poate dezvălui informații extrem de sensibile despre persoanele extrem de sensibile despre persoanele fizice implicate în comunicare, de la fizice implicate în comunicare, de la experiențe și emoții personale, la starea de experiențe și emoții personale, la starea de sănătate, preferințe sexuale și opinii sănătate, preferințe sexuale, opinii politice politice, a căror divulgare ar putea conduce și orientări religioase a căror divulgare ar la prejudicii personale și sociale, pierderi putea conduce la prejudicii personale și economice sau situații neplăcute. În mod sociale, pierderi economice sau situații similar, metadatele provenite din neplăcute. În mod similar, metadatele comunicațiile electronice pot, de asemenea, provenite din comunicațiile electronice au dezvălui informații extrem de sensibile și un înalt grad de confidențialitate şi pot, de cu caracter personal. Aceste metadate asemenea, dezvălui informații extrem de includ numerele apelate, site-urile web sensibile și cu caracter personal. Aceste vizitate, localizarea geografică, ora, data și metadate includ numerele apelate, site-urile durata unui apel telefonic efectuat de o web vizitate, localizarea geografică, ora, persoană etc., ceea ce ar permite să se tragă data și durata unui apel telefonic efectuat concluzii precise cu privire la viața privată de o persoană etc., ceea ce ar permite să se a persoanelor implicate în comunicațiile tragă concluzii precise cu privire la viața electronice, cum ar fi, de exemplu, cele privată a persoanelor implicate în referitoare la relațiile sociale, obiceiurile și comunicațiile electronice, cum ar fi, de activitățile acestora din viața de zi cu zi, exemplu, cele referitoare la relațiile interesele și preferințele lor, etc. sociale, obiceiurile și activitățile acestora din viața de zi cu zi, interesele și preferințele lor, etc. Protecția confidențialității comunicațiilor este prioritară și importantă și de aceea ar trebui să fie stabilite reguli precise pentru a consolida încrederea și securitatea in piața unică digitală.
Or. ro
Amendment 141 Daniel Dalton, John Procter
Proposal for a regulation Recital 3
Text proposed by the Commission Amendment
(3) Electronic communications data deleted may also reveal information concerning legal entities, such as business secrets or other sensitive information that has economic value. Therefore, the provisions of this Regulation should apply to both natural and legal persons. Furthermore, this Regulation should ensure that provisions of the Regulation (EU) 2016/679 of the European Parliament and of the Council21 , also apply to end-users who are legal persons. This includes the definition of consent under Regulation (EU) 2016/679. When reference is made to consent by an end-user, including legal persons, this definition should apply. In addition, legal persons should have the same rights as end-users that are natural persons regarding the supervisory authorities; furthermore, supervisory authorities under this Regulation should also be responsible for monitoring the application of this Regulation regarding legal persons. ______21 Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (OJ L 119, 4.5.2016, p. 1–88). Or. en
Amendment 142 Anna Maria Corazza Bildt
Proposal for a regulation Recital 3
Text proposed by the Commission Amendment
(3) Electronic communications data deleted may also reveal information concerning legal entities, such as business secrets or other sensitive information that has economic value. Therefore, the provisions of this Regulation should apply to both natural and legal persons. Furthermore, this Regulation should ensure that provisions of the Regulation (EU) 2016/679 of the European Parliament and of the Council21 , also apply to end-users who are legal persons. This includes the definition of consent under Regulation (EU) 2016/679. When reference is made to consent by an end-user, including legal persons, this definition should apply. In addition, legal persons should have the same rights as end-users that are natural persons regarding the supervisory authorities; furthermore, supervisory authorities under this Regulation should also be responsible for monitoring the application of this Regulation regarding legal persons. ______21 Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (OJ L 119, 4.5.2016, p. 1–88).
Or. en
Amendment 143 Heinz K. Becker
Proposal for a regulation Recital 3
Text proposed by the Commission Amendment
(3) Elektronische (3) Elektronische Kommunikationsdaten können zudem Kommunikationsdaten können zudem Informationen über juristische Personen Informationen über juristische Personen wie Geschäftsgeheimnisse oder andere wie Geschäftsgeheimnisse oder andere sensible Informationen offenlegen, die sensible Informationen offenlegen, die einen wirtschaftlichen Wert haben. einen wirtschaftlichen Wert haben. Die Deshalb sollten die Bestimmungen dieser Bestimmungen dieser Verordnung sollten Verordnung sowohl für natürliche als auf juristische Personen insofern zur auch für juristische Personen gelten. Anwendung kommen, als es notwendig ist Außerdem sollte diese Verordnung um das Kommunikationsgeheimnis zu sicherstellen, dass die Verordnung (EU) schützen. 2016/679 des Europäischen Parlaments und des Rates21 auch für Endnutzer gilt, die juristische Personen sind. Dies bezieht sich auch auf die Begriffsbestimmung für „Einwilligung“ in der Verordnung (EU) 2016/679. Bei Bezugnahmen auf die Einwilligung von Endnutzern, einschließlich juristischer Personen, sollte diese Begriffsbestimmung gelten. Außerdem sollten juristische Personen gegenüber den Aufsichtsbehörden dieselben Rechte haben wie Endnutzer, die natürliche Personen sind; die nach dieser Verordnung zuständigen Aufsichtsbehörden sollten zudem auch für die Überwachung der Anwendung dieser Verordnung im Hinblick auf juristische Personen zuständig sein. ______21 Verordnung (EU) 2016/679 des Europäischen Parlaments und des Rates vom 27. April 2016 zum Schutz natürlicher Personen bei der Verarbeitung personenbezogener Daten, zum freien Datenverkehr und zur Aufhebung der Richtlinie 95/46/EG (Datenschutz- Grundverordnung) (ABl. L 119 vom 4.5.2016, S. 1).
Or. de
Amendment 144 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Recital 3
Text proposed by the Commission Amendment
(3) Electronic communications data (3) Electronic communications data may also reveal information concerning may also reveal information concerning legal entities, such as business secrets or legal entities, such as business secrets or other sensitive information that has other sensitive information that has economic value. Therefore, the provisions economic value. Therefore, the provisions of this Regulation should apply to both of this Regulation should apply to both natural and legal persons. Furthermore, this natural and legal persons. Furthermore, this Regulation should ensure that provisions of Regulation should ensure that certain the Regulation (EU) 2016/679 of the provisions of the Regulation (EU) European Parliament and of the Council21 , 2016/679 of the European Parliament and also apply to end-users who are legal of the Council21, also apply to subscribers persons. This includes the definition of who are legal persons. This includes the consent under Regulation (EU) 2016/679. confidentiality and security of their When reference is made to consent by an communications data and the definition of end-user, including legal persons, this consent under Regulation (EU) 2016/679. definition should apply. In addition, legal When reference is made to consent by a persons should have the same rights as subscriber, including legal persons, this end-users that are natural persons definition should apply. In addition, legal regarding the supervisory authorities; persons should have the same rights as furthermore, supervisory authorities under subscribers that are natural persons this Regulation should also be responsible regarding the supervisory authorities; for monitoring the application of this furthermore, supervisory authorities Regulation regarding legal persons. established on the basis of Regulation (EU) 2016/679 should also be responsible for monitoring the application of this Regulation regarding legal persons. ______21 Regulation (EU) 2016/679 of the 21 Regulation (EU) 2016/679 of the European Parliament and of the Council of European Parliament and of the Council of 27 April 2016 on the protection of natural 27 April 2016 on the protection of natural persons with regard to the processing of persons with regard to the processing of personal data and on the free movement of personal data and on the free movement of such data, and repealing Directive such data, and repealing Directive 95/46/EC (General Data Protection 95/46/EC (General Data Protection Regulation) (OJ L 119, 4.5.2016, p. 1–88). Regulation) (OJ L 119, 4.5.2016, p. 1–88).
Or. en
Amendment 145 Cornelia Ernst
Proposal for a regulation Recital 3
Text proposed by the Commission Amendment
(3) Electronic communications data (3) Electronic communications data may also reveal information concerning may also reveal information concerning legal entities, such as business secrets or legal entities, such as business secrets or other sensitive information that has other sensitive information that has economic value. Therefore, the provisions economic value. Therefore, certain of this Regulation should apply to both provisions of this Regulation should apply natural and legal persons. Furthermore, this to both natural and legal persons. Regulation should ensure that provisions of Furthermore, this Regulation should ensure the Regulation (EU) 2016/679 of the that provisions of the Regulation (EU) European Parliament and of the Council21 , 2016/679 of the European Parliament and also apply to end-users who are legal of the Council21 ,also apply to end-users persons. This includes the definition of who are legal persons. This includes the consent under Regulation (EU) 2016/679. confidentiality and security of their When reference is made to consent by an communications data and the definition of end-user, including legal persons, this consent under Regulation (EU) 2016/679. definition should apply. In addition, legal When reference is made to consent by an persons should have the same rights as end-user, including legal persons, this end-users that are natural persons regarding definition should apply. In addition, legal the supervisory authorities; furthermore, persons should have the same rights as supervisory authorities under this end-users that are natural persons regarding Regulation should also be responsible for the supervisory authorities; furthermore, monitoring the application of this supervisory authorities established on the Regulation regarding legal persons. basis of Regulation (EU) 2016/679 should also be responsible for monitoring the application of this Regulation regarding legal persons. ______21 Regulation (EU) 2016/679 of the 21 Regulation (EU) 2016/679 of the European Parliament and of the Council of European Parliament and of the Council of 27 April 2016 on the protection of natural 27 April 2016 on the protection of natural persons with regard to the processing of persons with regard to the processing of personal data and on the free movement of personal data and on the free movement of such data, and repealing Directive such data, and repealing Directive 95/46/EC (General Data Protection 95/46/EC (General Data Protection Regulation) (OJ L 119, 4.5.2016, p. 1–88). Regulation) (OJ L 119, 4.5.2016, p. 1–88).
Or. en
Amendment 146 Maria Grapini
Proposal for a regulation Recital 3
Text proposed by the Commission Amendment
(3) Datele transmise în cadrul (3) Datele transmise în cadrul comunicațiilor electronice pot, de comunicațiilor electronice pot, de asemenea, să divulge informații referitoare asemenea, să divulge informații referitoare la persoane juridice, cum ar fi secrete de la persoane juridice, cum ar fi secrete de afaceri sau alte informații sensibile cu afaceri, secrete comerciale, sau alte valoare economică. Prin urmare, informații sensibile cu valoare economică. dispozițiile prezentului regulament ar Prin urmare, dispozițiile prezentului trebui să se aplice atât persoanelor fizice, regulament ar trebui să se aplice atât cât și persoanelor juridice. În plus, persoanelor fizice, cât și persoanelor prezentul regulament ar trebui să asigure juridice. În plus, prezentul regulament ar faptul că dispozițiile Regulamentului (UE) trebui să asigure faptul că dispozițiile 2016/679 al Parlamentului European și al Regulamentului (UE) 2016/679 al Consiliului21 se aplică, de asemenea, Parlamentului European și al Consiliului21 utilizatorilor finali care sunt persoane se aplică, de asemenea, utilizatorilor finali juridice. Aceasta include definiția care sunt persoane juridice. Aceasta consimțământului în temeiul include definiția consimțământului în Regulamentului (UE) 2016/679. Atunci temeiul Regulamentului (UE) 2016/679. când se face trimitere la consimțământul Atunci când se face trimitere la utilizatorilor finali, inclusiv al persoanelor consimțământul utilizatorilor finali, juridice, ar trebui să se aplice această inclusiv al persoanelor juridice, ar trebui să definiție. În plus, persoanele juridice ar se aplice această definiție. În plus, trebui să aibă aceleași drepturi ca și persoanele juridice ar trebui să aibă utilizatorii finali care sunt persoane fizice aceleași drepturi ca și utilizatorii finali care în ceea ce privește autoritățile de sunt persoane fizice în ceea ce privește supraveghere, care ar trebui, în temeiul autoritățile de supraveghere, care ar trebui, prezentului regulament, să fie responsabile în temeiul prezentului regulament, să fie cu monitorizarea aplicării acestuia cu responsabile cu monitorizarea aplicării privire la persoanele juridice. acestuia cu privire la persoanele juridice. ______21 Regulamentul (UE) 2016/679 al 21 Regulamentul (UE) 2016/679 al Parlamentului European și al Consiliului Parlamentului European și al Consiliului din 27 aprilie 2016 privind protecția din 27 aprilie 2016 privind protecția persoanelor fizice în ceea ce privește persoanelor fizice în ceea ce privește prelucrarea datelor cu caracter personal și prelucrarea datelor cu caracter personal și privind libera circulație a acestor date și de privind libera circulație a acestor date și de abrogare a Directivei 95/46/CE abrogare a Directivei 95/46/CE (Regulamentul general privind protecția (Regulamentul general privind protecția datelor), (JO L 119, 4.5.2016, p. 1-88). datelor), (JO L 119, 4.5.2016, p. 1-88).
Or. ro
Amendment 147 Brice Hortefeux, Rachida Dati
Proposal for a regulation Recital 4
Text proposed by the Commission Amendment
(4) Pursuant to Article 8(1) of the (4) Pursuant to Article 8(1) of the Charter and Article 16(1) of the Treaty on Charter and Article 16(1) of the Treaty on the Functioning of the European Union, the Functioning of the European Union, everyone has the right to the protection of everyone has the right to the protection of personal data concerning him or her. personal data concerning him or her. Regulation (EU) 2016/679 lays down rules Regulation (EU) 2016/679 lays down rules relating to the protection of natural persons relating to the protection of natural persons with regard to the processing of personal with regard to the processing of personal data and rules relating to the free data and rules relating to the free movement of personal data. Electronic movement of personal data. Since communications data may include personal electronic communications data may data as defined in Regulation (EU) include personal data as defined in 2016/679. Regulation (EU) 2016/679, the provisions related to the protection of natural persons apply to that extent in regard to the processing of personal data.
Or. en
Amendment 148 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Recital 4
Text proposed by the Commission Amendment
(4) Pursuant to Article 8(1) of the (4) Pursuant to Article 8(1) of the Charter and Article 16(1) of the Treaty on Charter and Article 16(1) of the Treaty on the Functioning of the European Union, the Functioning of the European Union, everyone has the right to the protection of everyone has the right to the protection of personal data concerning him or her. personal data concerning him or her. Regulation (EU) 2016/679 lays down rules Regulation (EU) 2016/679 lays down rules relating to the protection of natural persons relating to the protection of natural persons with regard to the processing of personal with regard to the processing of personal data and rules relating to the free data and rules relating to the free movement of personal data. Electronic movement of personal data. Electronic communications data may include personal communications data are generally data as defined in Regulation (EU) personal data as defined in Regulation 2016/679. (EU) 2016/679, at least where the users or subscribers are natural persons. Or. en
Amendment 149 Cornelia Ernst
Proposal for a regulation Recital 4
Text proposed by the Commission Amendment
(4) Pursuant to Article 8(1) of the (4) Pursuant to Article 8(1) of the Charter and Article 16(1) of the Treaty on Charter and Article 16(1) of the Treaty on the Functioning of the European Union, the Functioning of the European Union, everyone has the right to the protection of everyone has the right to the protection of personal data concerning him or her. personal data concerning him or her. Regulation (EU) 2016/679 lays down rules Regulation (EU) 2016/679 lays down rules relating to the protection of natural persons relating to the protection of natural persons with regard to the processing of personal with regard to the processing of personal data and rules relating to the free data and rules relating to the free movement of personal data. Electronic movement of personal data. Electronic communications data may include personal communications data generally data as defined in Regulation (EU) are personal data as defined in Regulation 2016/679. (EU) 2016/679.
Or. en
Amendment 150 Jan Philipp Albrecht, Judith Sargentini, Viviane Reding
Proposal for a regulation Recital 5
Text proposed by the Commission Amendment
(5) The provisions of this Regulation (5) The provisions of this Regulation particularise and complement the general particularise and complement the general rules on the protection of personal data laid rules on the protection of personal data laid down in Regulation (EU) 2016/679 as down in Regulation (EU) 2016/679 as regards electronic communications data regards electronic communications data that qualify as personal data. This that qualify as personal data. This Regulation therefore does not lower the Regulation therefore does not lower the level of protection enjoyed by natural level of protection enjoyed by natural persons under Regulation (EU) 2016/679. persons under Regulation (EU) 2016/679. Processing of electronic communications On the contrary, it aims to provide data by providers of electronic additional, and complementary, communications services should only be safeguards taking into account the need for additional protection as regards the permitted in accordance with this confidentiality of communications. Regulation. Processing of electronic communications data should only be permitted in accordance with, and on a legal ground specifically provided under, this Regulation.
Or. en
Amendment 151 Daniel Dalton, Helga Stevens, John Procter
Proposal for a regulation Recital 5
Text proposed by the Commission Amendment
(5) The provisions of this Regulation (5) The provisions of this Regulation particularise and complement the general complement the general rules on the rules on the protection of personal data laid protection of personal data laid down in down in Regulation (EU) 2016/679 as Regulation (EU) 2016/679 as regards regards electronic communications data electronic communications data that that qualify as personal data. This qualify as personal data and do not go Regulation therefore does not lower the beyond or contradict the high level of level of protection enjoyed by natural protection set down in Regulation (EU) persons under Regulation (EU) 2016/679. 2016/679. This Regulation therefore does Processing of electronic communications not lower the level of protection enjoyed data by providers of electronic by natural persons under Regulation (EU) communications services should only be 2016/679. Processing of electronic permitted in accordance with this communications data by providers of Regulation. electronic communications services should only be permitted in accordance with this Regulation.
Or. en
Amendment 152 Maria Grapini
Proposal for a regulation Recital 5
Text proposed by the Commission Amendment
(5) Dispozițiile prezentului regulament (5) Dispozițiile prezentului regulament detaliază și completează normele generale detaliază și completează normele generale privind protecția datelor cu caracter privind protecția datelor cu caracter personal prevăzute în Regulamentul (UE) personal prevăzute în Regulamentul (UE) 2016/679 referitoare la datele transmise în 2016/679 referitoare la datele transmise în cadrul comunicațiilor electronice care se cadrul comunicațiilor electronice care se încadrează în categoria datelor cu caracter încadrează în categoria datelor cu caracter personal. Prin urmare, prezentul personal. Prin urmare, prezentul regulament nu reduce nivelul de protecție regulament nu reduce nivelul de protecție de care beneficiază persoanele fizice în de care beneficiază persoanele fizice în temeiul Regulamentului (UE) 2016/679. temeiul Regulamentului (UE) 2016/679. Prelucrarea datelor transmise în cadrul Prelucrarea datelor transmise în cadrul comunicațiilor electronice de către comunicațiilor electronice de către furnizorii de servicii de comunicații furnizorii de servicii de comunicații electronice ar trebui să fie permisă numai electronice ar trebui să fie permisă numai în conformitate cu prezentul regulament. cu respectarea garanţiilor privind prelucrarea datelor în conformitate cu prezentul regulament.
Or. ro
Amendment 153 Cornelia Ernst
Proposal for a regulation Recital 5
Text proposed by the Commission Amendment
(5) The provisions of this Regulation (5) The provisions of this Regulation particularise and complement the general particularise and complement the general rules on the protection of personal data laid rules on the protection of personal data laid down in Regulation (EU) 2016/679 as down in Regulation (EU) 2016/679 as regards electronic communications data regards electronic communications data that qualify as personal data. This that qualify as personal data. This Regulation therefore does not lower the Regulation therefore does not lower the level of protection enjoyed by natural level of protection enjoyed by natural persons under Regulation (EU) 2016/679. persons under Regulation (EU) 2016/679. Processing of electronic communications Processing of electronic communications data by providers of electronic data should only be permitted in communications services should only be accordance with this Regulation. permitted in accordance with this Regulation.
Or. en
Amendment 154 Daniel Dalton, Helga Stevens, John Procter
Proposal for a regulation Recital 6
Text proposed by the Commission Amendment
(6) While the principles and main (6) While the principles and main provisions of Directive 2002/58/EC of the provisions of Directive 2002/58/EC of the European Parliament and of the Council22 European Parliament and of the Council22 remain generally sound, that Directive has remain generally sound, that Directive has not fully kept pace with the evolution of not fully kept pace with the evolution of technological and market reality, resulting technological and market reality, resulting in an inconsistent or insufficient effective in insufficient clarity and inconsistent protection of privacy and confidentiality in enforcement of the protection of privacy relation to electronic communications. and confidentiality in relation to electronic Those developments include the entrance communications. Those developments on the market of electronic include the entrance on the market of communications services that from a electronic communications services that consumer perspective are substitutable to from a consumer perspective are traditional services, but do not have to substitutable to traditional services, or new comply with the same set of rules. techniques that allow for tracking of online Another development concerns new behaviour of end-users, both of which are techniques that allow for tracking of online covered by Regulation (EU) 2016/679. behaviour of end-users, which are not covered by Directive 2002/58/EC. Directive 2002/58/EC should therefore be repealed and replaced by this Regulation. ______22 Directive 2002/58/EC of the European 22 Directive 2002/58/EC of the European Parliament and of the Council of 12 July Parliament and of the Council of 12 July 2002 concerning the processing of personal 2002 concerning the processing of personal data and the protection of privacy in the data and the protection of privacy in the electronic communications sector electronic communications sector (Directive on privacy and electronic (Directive on privacy and electronic communications) (OJ L 201, 31.7.2002, communications) (OJ L 201, 31.7.2002, p.37). p.37).
Or. en
Amendment 155 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Recital 6
Text proposed by the Commission Amendment
(6) While the principles and main (6) While the principles and main provisions of Directive 2002/58/EC of the provisions of Directive 2002/58/EC of the European Parliament and of the Council22 European Parliament and of the Council22 remain generally sound, that Directive has remain generally sound, that Directive has not fully kept pace with the evolution of not fully kept pace with the evolution of technological and market reality, resulting technological and market reality, resulting in an inconsistent or insufficient effective in an inconsistent or insufficient effective protection of privacy and confidentiality in protection of privacy and confidentiality in relation to electronic communications. relation to electronic communications. Those developments include the entrance Those developments include the entrance on the market of electronic on the market of electronic communications services that from a communications services that from a consumer perspective are substitutable to consumer perspective are substitutable to traditional services, but do not have to traditional services, but do not have to comply with the same set of rules. Another comply with the same set of rules. Another development concerns new techniques that development concerns new techniques that allow for tracking of online behaviour of allow for tracking of users, which are not end-users, which are not covered by covered by Directive 2002/58/EC. Directive 2002/58/EC. Directive Directive 2002/58/EC should therefore be 2002/58/EC should therefore be repealed repealed and replaced by this Regulation. and replaced by this Regulation. ______22 Directive 2002/58/EC of the European 22 Directive 2002/58/EC of the European Parliament and of the Council of 12 July Parliament and of the Council of 12 July 2002 concerning the processing of personal 2002 concerning the processing of personal data and the protection of privacy in the data and the protection of privacy in the electronic communications sector electronic communications sector (Directive on privacy and electronic (Directive on privacy and electronic communications) (OJ L 201, 31.7.2002, communications) (OJ L 201, 31.7.2002, p.37). p.37).
Or. en
Amendment 156 Cornelia Ernst
Proposal for a regulation Recital 6
Text proposed by the Commission Amendment
(6) While the principles and main (6) While the principles and main provisions of Directive 2002/58/EC of the provisions of Directive 2002/58/EC of the European Parliament and of the Council22 European Parliament and of the Council22 remain generally sound, that Directive has remain generally sound, that Directive has not fully kept pace with the evolution of not fully kept pace with the evolution of technological and market reality, resulting technological and market reality, resulting in an inconsistent or insufficient effective in an inconsistent or insufficient effective protection of privacy and confidentiality in protection of privacy and confidentiality in relation to electronic communications. relation to electronic communications. Those developments include the entrance Those developments include the entrance on the market of electronic on the market of electronic communications services that from a communications services that from a consumer perspective are substitutable to consumer perspective are substitutable to traditional services, but do not have to traditional services, but do not have to comply with the same set of rules. Another comply with the same set of rules. Another development concerns new techniques that development concerns new techniques that allow for tracking of online behaviour of allow for tracking of users, which are not end-users, which are not covered by covered by Directive 2002/58/EC. Directive 2002/58/EC. Directive Directive 2002/58/EC should therefore be 2002/58/EC should therefore be repealed repealed and replaced by this Regulation. and replaced by this Regulation. ______22 Directive 2002/58/EC of the European 22 Directive 2002/58/EC of the European Parliament and of the Council of 12 July Parliament and of the Council of 12 July 2002 concerning the processing of personal 2002 concerning the processing of personal data and the protection of privacy in the data and the protection of privacy in the electronic communications sector electronic communications sector (Directive on privacy and electronic (Directive on privacy and electronic communications) (OJ L 201, 31.7.2002, communications) (OJ L 201, 31.7.2002, p.37). p.37).
Or. en
Amendment 157 Cornelia Ernst
Proposal for a regulation Recital 7
Text proposed by the Commission Amendment
(7) The Member States should be deleted allowed, within the limits of this Regulation, to maintain or introduce national provisions to further specify and clarify the application of the rules of this Regulation in order to ensure an effective application and interpretation of those rules. Therefore, the margin of discretion, which Member States have in this regard, should maintain a balance between the protection of private life and personal data and the free movement of electronic communications data.
Or. en
Amendment 158 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Recital 7
Text proposed by the Commission Amendment
(7) The Member States should be deleted allowed, within the limits of this Regulation, to maintain or introduce national provisions to further specify and clarify the application of the rules of this Regulation in order to ensure an effective application and interpretation of those rules. Therefore, the margin of discretion, which Member States have in this regard, should maintain a balance between the protection of private life and personal data and the free movement of electronic communications data.
Or. en
Justification
This recital must have slipped through the quality control of the Commission. It would undermine the approach of harmonisation of the Digital Single Market by means of a Regulation.
Amendment 159 Emilian Pavel
Proposal for a regulation Recital 7
Text proposed by the Commission Amendment
(7) The Member States should be deleted allowed, within the limits of this Regulation, to maintain or introduce national provisions to further specify and clarify the application of the rules of this Regulation in order to ensure an effective application and interpretation of those rules. Therefore, the margin of discretion, which Member States have in this regard, should maintain a balance between the protection of private life and personal data and the free movement of electronic communications data.
Or. en
Amendment 160 Sophia in 't Veld
Proposal for a regulation Recital 7
Text proposed by the Commission Amendment
(7) The Member States should be (7) The European Data Protection allowed, within the limits of this Board should, where necessary, issue Regulation, to maintain or introduce guidance and opinions within the limits of national provisions to further specify and this Regulation, to maintain or introduce clarify the application of the rules of this national provisions to further specify and Regulation in order to ensure an effective clarify the application of the rules of this application and interpretation of those Regulation in order to ensure an effective rules. Therefore, the margin of discretion, application and interpretation of those which Member States have in this regard, rules. Cooperation and consistency should maintain a balance between the between Member States, in particular protection of private life and personal data between national Data and the free movement of electronic Protection Authorities, is essential communications data. to maintain a balance between the protection of private life and personal data and the free movement of electronic communications data.
Or. en
Amendment 161 Michał Boni, Roberta Metsola, Frank Engel, Tomáš Zdechovský, Viviane Reding, Carlos Coelho, Pál Csáky, Elissavet Vozemberg-Vrionidi
Proposal for a regulation Recital 7
Text proposed by the Commission Amendment
(7) The Member States should be (7) The European Data Protection allowed, within the limits of this Board should, where necessary, issue Regulation, to maintain or introduce guidance and opinions within the limits of national provisions to further specify and this Regulation, to further clarify the clarify the application of the rules of this application of the rules of this Regulation Regulation in order to ensure an effective in order to ensure an effective application application and interpretation of those and interpretation of those rules. These rules. Therefore, the margin of discretion, guidance and opinions should take into which Member States have in this regard, account the dual objective of this should maintain a balance between the Regulation, therefore they should maintain protection of private life and personal data a balance between the protection of private and the free movement of electronic life and personal data and the free communications data. movement of electronic communications data.
Or. en
Amendment 162 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Recital 8
Text proposed by the Commission Amendment
(8) This Regulation should apply to (8) This Regulation should apply to providers of electronic communications providers of electronic communications services, to providers of publicly available services, to providers of publicly available directories, and to software providers directories, and to hardware and software permitting electronic communications, providers permitting electronic including the retrieval and presentation of communications, including the retrieval information on the internet. This and presentation of information on the Regulation should also apply to natural and internet. This Regulation should also apply legal persons who use electronic to natural and legal persons who use communications services to send direct electronic communications services to send marketing commercial communications or direct marketing commercial collect information related to or stored in communications or collect information end-users’ terminal equipment. related to, processed by or stored in subscribers' terminal equipment.
Or. en
Amendment 163 Cornelia Ernst
Proposal for a regulation Recital 8
Text proposed by the Commission Amendment
(8) This Regulation should apply to (8) This Regulation should apply to providers of electronic communications providers of electronic communications services, to providers of publicly available services, to providers of publicly available directories, and to software providers directories, and to providers of equipment permitting electronic communications, permitting electronic communications, including the retrieval and presentation of including the retrieval and presentation of information on the internet. This information on the internet. This Regulation should also apply to natural and Regulation should also apply to natural and legal persons who use electronic legal persons who use electronic communications services to send direct communications services to send direct marketing commercial communications or marketing commercial communications or collect information related to or stored in process information related to or stored in end-users’ terminal equipment. end-users’ terminal equipment.
Or. en
Amendment 164 Anna Maria Corazza Bildt
Proposal for a regulation Recital 8
Text proposed by the Commission Amendment
(8) This Regulation should apply to (8) This Regulation should apply to providers of electronic communications providers of electronic communications services, to providers of publicly available services, to providers of publicly available directories, and to software providers directories, and to software providers permitting electronic communications, permitting electronic communications, including the retrieval and presentation of including the retrieval and presentation of information on the internet. This information on the internet. This Regulation should also apply to natural Regulation should also apply to natural and legal persons who use electronic persons who use electronic communications services to send direct communications services to send direct marketing commercial communications or marketing commercial communications or collect information related to or stored in collect information related to or stored in end-users’ terminal equipment. consumers’ terminal equipment.
Or. en
Amendment 165 Axel Voss, Heinz K. Becker, Elissavet Vozemberg-Vrionidi
Proposal for a regulation Recital 8 a (new)
Text proposed by the Commission Amendment
(8 a) This Regulation permits the processing of electronic communications data and of information conveyed to, stored in, retrieved from or otherwise processed in relation to terminal equipment to the extent strictly necessary and proportionate for the purposes of ensuring network and information security, i.e. the ability of networks or information systems to resist, at a given level of confidence, accidental events or unlawful or malicious actions that compromise the availability, authenticity, integrity and confidentiality of stored or transmitted electronic communications data, and the security of the related services offered by, or accessible via, those networks and systems. Such processing is permitted to providers of electronic communications networks and services, to users, as well as to relevant third parties such as public authorities, computer emergency response teams (CERTs), computer security incident response teams (CSIRTs) and providers of security technologies and services.
Or. en
Amendment 166 Cornelia Ernst
Proposal for a regulation Recital 9
Text proposed by the Commission Amendment
(9) This Regulation should apply to (9) This Regulation should apply to electronic communications data processed electronic communications data processed in connection with the provision and use of in connection with the provision and use of electronic communications services in the electronic communications services in the Union, regardless of whether or not the Union, regardless of whether or not the processing takes place in the Union. processing takes place in the Union. Moreover, in order not to deprive end-users Moreover, in order not to deprive end-users in the Union of effective protection, this in the Union of effective protection, this Regulation should also apply to electronic Regulation should also apply to electronic communications data processed in communications data processed in connection with the provision of electronic connection with the provision of electronic communications services from outside the communications services from outside the Union to end-users in the Union. Union to end-users in the Union. This Regulation shall apply to electronic communications data processed in connection with the provision and use of electronic communications services, both paid and free of charge.
Or. en
Amendment 167 Daniel Dalton, John Procter
Proposal for a regulation Recital 9
Text proposed by the Commission Amendment
(9) This Regulation should apply to (9) This Regulation should apply to electronic communications data processed electronic communications data processed in connection with the provision and use of in connection with the offering and use of electronic communications services in the electronic communications services in the Union, regardless of whether or not the Union, regardless of whether or not the processing takes place in the Union. processing takes place in the Union. Moreover, in order not to deprive end-users Moreover, in order not to deprive end-users in the Union of effective protection, this in the Union of effective protection, this Regulation should also apply to electronic Regulation should also apply to electronic communications data processed in communications data processed in connection with the provision of electronic connection with the provision of electronic communications services from outside the communications services from outside the Union to end-users in the Union. Union to end-users in the Union. The mere accessibility of the electronic communication service in the Union is not sufficient to ascertain such intention.
Or. en
Amendment 168 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Recital 9
Text proposed by the Commission Amendment
(9) This Regulation should apply to (9) This Regulation should apply to electronic communications data processed electronic communications data processed in connection with the provision and use of in connection with the provision and use of electronic communications services in the electronic communications services in the Union, regardless of whether or not the Union, regardless of whether or not the processing takes place in the Union. processing takes place in the Union. Moreover, in order not to deprive end- Moreover, in order not to deprive users in the Union of effective protection, subscribers in the Union of effective this Regulation should also apply to protection, this Regulation should also electronic communications data processed apply to electronic communications data in connection with the provision of processed in connection with the provision electronic communications services from of electronic communications services outside the Union to end-users in the from outside the Union to subscribers in Union. the Union. This should be the case irrespective of whether the electronic communications are connected to a payment or not.
Or. en
Amendment 169 Maria Grapini
Proposal for a regulation Recital 9
Text proposed by the Commission Amendment
(9) Prezentul regulament ar trebui să se (9) Prezentul regulament ar trebui să se aplice datelor transmise în cadrul aplice datelor transmise în cadrul comunicațiilor electronice care sunt comunicațiilor electronice care sunt prelucrate în legătură cu furnizarea și prelucrate în legătură cu furnizarea și utilizarea serviciilor de comunicații utilizarea serviciilor de comunicații electronice în Uniune, indiferent dacă electronice în Uniune, indiferent dacă prelucrarea are loc sau nu pe teritoriul prelucrarea are loc sau nu pe teritoriul Uniunii. În plus, pentru a nu priva Uniunii. În plus, pentru a nu priva utilizatorii finali din Uniune de o protecție utilizatorii finali din Uniune de o protecție eficace, prezentul regulament ar trebui să eficace, în condiţii de siguranţă şi cu un se aplice și în cazul datelor transmise în înalt grad de confidențialitate, prezentul cadrul comunicațiilor electronice care sunt regulament ar trebui să se aplice și în cazul prelucrate în legătură cu furnizarea datelor transmise în cadrul comunicațiilor serviciilor de comunicații electronice din electronice care sunt prelucrate în legătură afara Uniunii către utilizatorii finali din cu furnizarea serviciilor de comunicații Uniune. electronice din afara Uniunii către utilizatorii finali din Uniune.
Or. ro
Amendment 170 Michał Boni, Roberta Metsola, Frank Engel, Tomáš Zdechovský, Carlos Coelho, Pál Csáky, Elissavet Vozemberg-Vrionidi
Proposal for a regulation Recital 9 a (new)
Text proposed by the Commission Amendment
(9 a) For the purpose of this Regulation, where the provider of an electronic communications service is not established in the Union, it shall designate a representative in the Union. The representative should be designated in writing. The representative may be the same as the one designated under Article 27 of Regulation (EU) 2016/679.
Or. en
Amendment 171 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Recital 10
Text proposed by the Commission Amendment
(10) Radio equipment and its software (10) Radio equipment and its software which is placed on the internal market in which is placed on the internal market in the Union, must comply with Directive the Union, must comply with Directive 2014/53/EU of the European Parliament 2014/53/EU of the European Parliament and of the Council23 . This Regulation and of the Council23 . This Regulation should not affect the applicability of any of should not affect the applicability of any of the requirements of Directive 2014/53/EU the requirements of Directive 2014/53/EU nor the power of the Commission to adopt nor the power of the Commission to adopt delegated acts pursuant to Directive delegated acts pursuant to Directive 2014/53/EU requiring that specific 2014/53/EU requiring that specific categories or classes of radio equipment categories or classes of radio equipment incorporate safeguards to ensure that incorporate safeguards to ensure that personal data and privacy of end-users are personal data and privacy of subscribers protected. are protected. ______23 Directive 2014/53/EU of the European 23 Directive 2014/53/EU of the European Parliament and of the Council of 16 April Parliament and of the Council of 16 April 2014 on the harmonisation of the laws of 2014 on the harmonisation of the laws of the Member States relating to the making the Member States relating to the making available on the market of radio equipment available on the market of radio equipment and repealing Directive 1999/5/EC (OJ L and repealing Directive 1999/5/EC (OJ L 153, 22.5.2014, p. 62). 153, 22.5.2014, p. 62). Or. en
Amendment 172 Brice Hortefeux, Rachida Dati
Proposal for a regulation Recital 11
Text proposed by the Commission Amendment
(11) The services used for (11) The services used for communications purposes, and the communications purposes, and the technical means of their delivery, have technical means of their delivery, have evolved considerably. End-users evolved considerably. End-users increasingly replace traditional voice increasingly replace traditional voice telephony, text messages (SMS) and telephony, text messages (SMS) and electronic mail conveyance services in electronic mail conveyance services in favour of functionally equivalent online favour of functionally equivalent online services such as Voice over IP, messaging services such as Voice over IP, messaging services and web-based e-mail services. In services and web-based e-mail services. In order to ensure an effective and equal order to ensure an effective and equal protection of end-users when using protection of end-users when using functionally equivalent services, this functionally equivalent services, this Regulation uses the definition of electronic Regulation uses the definition of electronic communications services set forth in the communications services set forth in the [Directive of the European Parliament and [Directive of the European Parliament and of the Council establishing the European of the Council establishing the European Electronic Communications Code24 ]. That Electronic Communications Code24 ]. That definition encompasses not only internet definition encompasses not only internet access services and services consisting access services and services consisting wholly or partly in the conveyance of wholly in the conveyance of signals but signals but also interpersonal also interpersonal communications communications services, which may or services, which may or may not be may not be number-based, such as for number-based, such as for example, Voice example, Voice over IP, messaging over IP, messaging services and web-based services and web-based e-mail services. e-mail services. The protection of confidentiality of communications is crucial also as regards interpersonal communications services that are ancillary to another service; therefore, such type of services also having a communication functionality should be covered by this Regulation. ______24 Commission proposal for a Directive of 24 Commission proposal for a Directive of the European Parliament and of the the European Parliament and of the Council establishing the European Council establishing the European Electronic Communications Code (Recast) Electronic Communications Code (Recast) (COM/2016/0590 final - 2016/0288 (COM/2016/0590 final - 2016/0288 (COD)). (COD)).
Or. en
Amendment 173 Michał Boni, Roberta Metsola, Frank Engel, Tomáš Zdechovský, Rachida Dati, Brice Hortefeux, Pál Csáky, Elissavet Vozemberg-Vrionidi
Proposal for a regulation Recital 11
Text proposed by the Commission Amendment
(11) The services used for (11) The services used for communications purposes, and the communications purposes, and the technical means of their delivery, have technical means of their delivery, have evolved considerably. End-users evolved considerably. End-users increasingly replace traditional voice increasingly replace traditional voice telephony, text messages (SMS) and telephony, text messages (SMS) and electronic mail conveyance services in electronic mail conveyance services in favour of functionally equivalent online favour of functionally equivalent online services such as Voice over IP, messaging services such as Voice over IP, messaging services and web-based e-mail services. In services and web-based e-mail services. In order to ensure an effective and equal order to ensure an effective and equal protection of end-users when using protection of end-users when using functionally equivalent services, this functionally equivalent services, this Regulation uses the definition of electronic Regulation uses the definition of electronic communications services set forth in the communications services set forth in the [Directive of the European Parliament and [Directive of the European Parliament and of the Council establishing the European of the Council establishing the European Electronic Communications Code24 ]. That Electronic Communications Code24 ]. That definition encompasses not only internet definition encompasses not only internet access services and services consisting access services and services consisting wholly or partly in the conveyance of wholly or partly in the conveyance of signals but also interpersonal signals but also interpersonal communications services, which may or communications services, which may or may not be number-based, such as for may not be number-based, such as for example, Voice over IP, messaging example, Voice over IP, messaging services and web-based e-mail services. services and web-based e-mail services. The protection of confidentiality of communications is crucial also as regards interpersonal communications services that are ancillary to another service; therefore, such type of services also having a communication functionality should be covered by this Regulation. ______24 Commission proposal for a Directive of 24 Commission proposal for a Directive of the European Parliament and of the the European Parliament and of the Council establishing the European Council establishing the European Electronic Communications Code (Recast) Electronic Communications Code (Recast) (COM/2016/0590 final - 2016/0288 (COM/2016/0590 final - 2016/0288 (COD)). (COD)).
Or. en
Amendment 174 Jan Philipp Albrecht, Judith Sargentini, Viviane Reding
Proposal for a regulation Recital 11
Text proposed by the Commission Amendment
(11) The services used for (11) The services used for communications purposes, and the communications purposes, and the technical means of their delivery, have technical means of their delivery, have evolved considerably. End-users evolved considerably. Users and increasingly replace traditional voice subscribers increasingly replace traditional telephony, text messages (SMS) and voice telephony, text messages (SMS) and electronic mail conveyance services in electronic mail conveyance services in favour of functionally equivalent online favour of functionally equivalent online services such as Voice over IP, messaging services such as Voice over IP, messaging services and web-based e-mail services. In services and web-based e-mail services, order to ensure an effective and equal also known as "over-the-top services" protection of end-users when using (OTTs). This Regulation aims at ensuring functionally equivalent services, this an effective and equal protection of users Regulation uses the definition of and subscribers when using functionally electronic communications services set equivalent services, so as to ensure the forth in the [Directive of the European confidentiality of their communication, Parliament and of the Council irrespective of the technological medium establishing the European Electronic chosen.. That definition encompasses not Communications Code24 ]. That definition only internet access services and services encompasses not only internet access consisting wholly or partly in the services and services consisting wholly or conveyance of signals but also partly in the conveyance of signals but also interpersonal communications services, interpersonal communications services, which may or may not be number-based, which may or may not be number-based, such as for example, Voice over IP, such as for example, Voice over IP, messaging services and web-based e-mail messaging services and web-based e-mail services. The protection of confidentiality services. The protection of confidentiality of communications is crucial also as of communications is crucial also as regards interpersonal communications regards interpersonal communications services that are ancillary to another services that are ancillary to another service, such as internal messaging, service; therefore, such type of services newsfeeds, timelines and similar functions in online services where messages are also having a communication functionality exchanged with other users within or should be covered by this Regulation. outside that service; therefore, such type of services also having a communication functionality should be covered by this Regulation. ______24 Commission proposal for a Directive of the European Parliament and of the Council establishing the European Electronic Communications Code (Recast) (COM/2016/0590 final - 2016/0288 (COD)).
Or. en
Amendment 175 Cornelia Ernst
Proposal for a regulation Recital 11
Text proposed by the Commission Amendment
(11) The services used for (11) The services used for communications purposes, and the communications purposes, and the technical means of their delivery, have technical means of their delivery, have evolved considerably. End-users evolved considerably. End-users increasingly replace traditional voice increasingly replace traditional voice telephony, text messages (SMS) and telephony, text messages (SMS) and electronic mail conveyance services in electronic mail conveyance services in favour of functionally equivalent online favour of functionally equivalent online services such as Voice over IP, messaging services such as Voice over IP, messaging services and web-based e-mail services. In services and web-based e-mail services. order to ensure an effective and equal This Regulation should ensure an effective protection of end-users when using and equal protection of the confidentiality functionally equivalent services, this of communications of end-users, and their Regulation uses the definition of privacy, when using functionally electronic communications services set equivalent services. That definition forth in the [Directive of the European encompasses not only internet access Parliament and of the Council services and services consisting wholly or establishing the European Electronic partly in the conveyance of signals but also Communications Code24 ]. That definition interpersonal communications services, encompasses not only internet access which may or may not be number-based, services and services consisting wholly or such as for example, Voice over IP, partly in the conveyance of signals but also messaging services and web-based e-mail interpersonal communications services, services. The protection of confidentiality which may or may not be number-based, of communications is crucial also as such as for example, Voice over IP, regards interpersonal communications messaging services and web-based e-mail services that are ancillary to another services. The protection of confidentiality service, such as internal messaging, of communications is crucial also as newsfeeds, closed groups, timelines and regards interpersonal communications similar functions in online services where services that are ancillary to another messages are exchanged with other users service; therefore, such type of services within or outside that service; therefore, also having a communication functionality such type of services also having a should be covered by this Regulation. communication functionality should be covered by this Regulation. ______24 Commission proposal for a Directive of the European Parliament and of the Council establishing the European Electronic Communications Code (Recast) (COM/2016/0590 final - 2016/0288 (COD)).
Or. en
Amendment 176 Daniel Dalton, John Procter
Proposal for a regulation Recital 12
Text proposed by the Commission Amendment
(12) Connected devices and machines deleted increasingly communicate with each other by using electronic communications networks (Internet of Things). The transmission of machine-to-machine communications involves the conveyance of signals over a network and, hence, usually constitutes an electronic communications service. In order to ensure full protection of the rights to privacy and confidentiality of communications, and to promote a trusted and secure Internet of Things in the digital single market, it is necessary to clarify that this Regulation should apply to the transmission of machine-to- machine communications. Therefore, the principle of confidentiality enshrined in this Regulation should also apply to the transmission of machine-to-machine communications. Specific safeguards could also be adopted under sectorial legislation, as for instance Directive 2014/53/EU.
Or. en
Amendment 177 Axel Voss, Heinz K. Becker, Rachida Dati, Brice Hortefeux
Proposal for a regulation Recital 12
Text proposed by the Commission Amendment
(12) Connected devices and machines deleted increasingly communicate with each other by using electronic communications networks (Internet of Things). The transmission of machine-to-machine communications involves the conveyance of signals over a network and, hence, usually constitutes an electronic communications service. In order to ensure full protection of the rights to privacy and confidentiality of communications, and to promote a trusted and secure Internet of Things in the digital single market, it is necessary to clarify that this Regulation should apply to the transmission of machine-to- machine communications. Therefore, the principle of confidentiality enshrined in this Regulation should also apply to the transmission of machine-to-machine communications. Specific safeguards could also be adopted under sectorial legislation, as for instance Directive 2014/53/EU.
Or. en
Justification
Recital 12 includes networked devices and machines within the scope of the proposal. Not all of the definitions or of the scope of the proposal are clear. That would render the impact on machine-to-machine communication (e.g. in the car industry, logistics or smart homes) uncertain. It is not clear where the conveyance of communications under ePrivacy begins and where data transmission under Regulation (EU) No 2016/679 begins.
Amendment 178 Anna Maria Corazza Bildt
Proposal for a regulation Recital 12
Text proposed by the Commission Amendment
(12) Connected devices and machines deleted increasingly communicate with each other by using electronic communications networks (Internet of Things). The transmission of machine-to-machine communications involves the conveyance of signals over a network and, hence, usually constitutes an electronic communications service. In order to ensure full protection of the rights to privacy and confidentiality of communications, and to promote a trusted and secure Internet of Things in the digital single market, it is necessary to clarify that this Regulation should apply to the transmission of machine-to- machine communications. Therefore, the principle of confidentiality enshrined in this Regulation should also apply to the transmission of machine-to-machine communications. Specific safeguards could also be adopted under sectorial legislation, as for instance Directive 2014/53/EU.
Or. en
Amendment 179 Michał Boni, Roberta Metsola, Frank Engel, Tomáš Zdechovský, Rachida Dati, Brice Hortefeux, Pál Csáky, Elissavet Vozemberg-Vrionidi
Proposal for a regulation Recital 12
Text proposed by the Commission Amendment
(12) Connected devices and machines deleted increasingly communicate with each other by using electronic communications networks (Internet of Things). The transmission of machine-to-machine communications involves the conveyance of signals over a network and, hence, usually constitutes an electronic communications service. In order to ensure full protection of the rights to privacy and confidentiality of communications, and to promote a trusted and secure Internet of Things in the digital single market, it is necessary to clarify that this Regulation should apply to the transmission of machine-to- machine communications. Therefore, the principle of confidentiality enshrined in this Regulation should also apply to the transmission of machine-to-machine communications. Specific safeguards could also be adopted under sectorial legislation, as for instance Directive 2014/53/EU.
Or. en
Amendment 180 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Recital 12
Text proposed by the Commission Amendment
(12) Connected devices and machines (12) Connected devices and machines increasingly communicate with each other increasingly communicate with each other by using electronic communications by using electronic communications networks (Internet of Things). The networks (Internet of Things). The transmission of machine-to-machine transmission of machine-to-machine communications involves the conveyance communications involves the conveyance of signals over a network and, hence, of signals over a network and, hence, usually constitutes an electronic usually constitutes an electronic communications service. In order to ensure communications service. In order to ensure full protection of the rights to privacy and full protection of the rights to privacy and confidentiality of communications, and to confidentiality of communications, and to promote a trusted and secure Internet of promote a trusted and secure Internet of Things in the digital single market, it is Things in the digital single market, it is necessary to clarify that this Regulation necessary to clarify that this Regulation should apply to the transmission of should apply to the transmission of machine-to-machine communications. machine-to-machine communications. In Therefore, the principle of confidentiality the context of automated supply-chains enshrined in this Regulation should also and elsewhere in the manufacturing or apply to the transmission of machine-to- industrial context, the communication by machine communications. Specific the machines involved may not be inter- safeguards could also be adopted under personal and may not involve natural sectorial legislation, as for instance persons. However, its confidentiality still Directive 2014/53/EU. needs protection in order to protect internal business information. Therefore, the principle of confidentiality enshrined in this Regulation should also apply to the transmission of machine-to-machine communications. Specific safeguards could also be adopted under sectorial legislation, as for instance Directive 2014/53/EU.
Or. en
(see justification for new Article 5(2))
Amendment 181 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Recital 13
Text proposed by the Commission Amendment
(13) The development of fast and (13) The development of fast and efficient wireless technologies has fostered efficient wireless technologies has fostered the increasing availability for the public of the increasing availability for the public of internet access via wireless networks internet access via wireless networks accessible by anyone in public and semi- accessible by anyone in public and semi- private spaces such as 'hotspots' situated at private spaces such as wireless internet different places within a city, department access points situated at different places stores, shopping malls and hospitals. To within a city, department stores, shopping the extent that those communications malls, hospitals, airports, hotels and networks are provided to an undefined restaurants. Those access points might group of end-users, the confidentiality of require a login or provide a password and the communications transmitted through might be provided also by public such networks should be protected. The administrations, including Union bodies fact that wireless electronic and agencies. To the extent that those communications services may be ancillary communications networks are provided to to other services should not stand in the users, the confidentiality of the way of ensuring the protection of communications transmitted through such confidentiality of communications data and networks should be protected. The fact that application of this Regulation. Therefore, wireless electronic communications this Regulation should apply to electronic services may be ancillary to other services communications data using electronic should not stand in the way of ensuring the communications services and public protection of confidentiality of communications networks. In contrast, this communications data and application of Regulation should not apply to closed this Regulation. Therefore, this Regulation groups of end-users such as corporate should apply to electronic communications networks, access to which is limited to data using electronic communications members of the corporation. services and public communications networks. This regulation should also apply to closed social media profiles and groups that the users have defined as private. In contrast, this Regulation should not apply to closed groups of subscribers such as corporate networks, access to which is limited to members of an organisation.
Or. en
Amendment 182 Michał Boni, Roberta Metsola, Frank Engel, Tomáš Zdechovský, Brice Hortefeux, Pál Csáky, Elissavet Vozemberg-Vrionidi
Proposal for a regulation Recital 13
Text proposed by the Commission Amendment
(13) The development of fast and (13) The development of fast and efficient wireless technologies has fostered efficient wireless technologies has fostered the increasing availability for the public of the increasing availability for the public of internet access via wireless networks internet access via wireless networks accessible by anyone in public and semi- accessible by anyone in public and semi- private spaces such as 'hotspots' situated at private spaces such as 'hotspots' situated at different places within a city, department different places within a city, department stores, shopping malls and hospitals. To stores, shopping malls and hospitals. To the extent that those communications the extent that those communications networks are provided to an undefined networks are provided to an undefined group of end-users, the confidentiality of group of end-users, the confidentiality of the communications transmitted through the communications transmitted through such networks should be protected. The such networks should be protected. The fact that wireless electronic fact that wireless electronic communications services may be ancillary communications services may be ancillary to other services should not stand in the to other services should not stand in the way of ensuring the protection of way of ensuring the protection of confidentiality of communications data and confidentiality of communications data and application of this Regulation. Therefore, application of this Regulation. Therefore, this Regulation should apply to electronic this Regulation should apply to electronic communications data using electronic communications data using electronic communications services and public communications services and public communications networks. In contrast, this communications networks. It should apply Regulation should not apply to closed to restricted-access services offered by groups of end-users such as corporate social network services, such as user- created groups or private messaging, as networks, access to which is limited to long as the social network service as a members of the corporation. whole is publicly available. In contrast, this Regulation should not apply to closed groups of end-users such as corporate networks, access to which is limited to members of the corporation.
Or. en
Amendment 183 Sophia in 't Veld
Proposal for a regulation Recital 13
Text proposed by the Commission Amendment
(13) The development of fast and (13) The development of fast and efficient wireless technologies has fostered efficient wireless technologies has fostered the increasing availability for the public of the increasing availability for the public of internet access via wireless networks internet access via wireless networks accessible by anyone in public and semi- accessible by anyone in public and semi- private spaces such as 'hotspots' situated at private spaces such as 'hotspots' situated at different places within a city, department different places within a city, department stores, shopping malls and hospitals. To stores, shopping malls and hospitals. To the extent that those communications the extent that those communications networks are provided to an undefined networks are provided to an undefined group of end-users, the confidentiality of group of end-users, the confidentiality of the communications transmitted through the communications transmitted through such networks should be protected. The such networks should be protected. The fact that wireless electronic fact that wireless electronic communications services may be ancillary communications services may be ancillary to other services should not stand in the to other services should not stand in the way of ensuring the protection of way of ensuring the protection of confidentiality of communications data and confidentiality of communications data and application of this Regulation. Therefore, application of this Regulation. Therefore, this Regulation should apply to electronic this Regulation should apply to electronic communications data using electronic communications data using electronic communications services and public communications services and public communications networks. In contrast, this communications networks. In contrast, this Regulation should not apply to closed Regulation should not apply to closed groups of end-users such as corporate groups of end-users such as corporate networks, access to which is limited to networks, access to which is limited to members of the corporation. members of the corporation. The mere requirement of a password should not be considered as providing access to a closed group of end-users if the access is provided to an undefined group of end- users.
Or. en
Amendment 184 Daniel Dalton, John Procter
Proposal for a regulation Recital 13
Text proposed by the Commission Amendment
(13) The development of fast and (13) The development of fast and efficient wireless technologies has fostered efficient wireless technologies has fostered the increasing availability for the public of the increasing availability for the public of internet access via wireless networks internet access via wireless networks accessible by anyone in public and semi- accessible by anyone in public and semi- private spaces such as 'hotspots' situated at private spaces such as 'hotspots' situated at different places within a city, department different places within a city, department stores, shopping malls and hospitals. To stores, shopping malls and hospitals. To the extent that those communications the extent that those communications networks are provided to an undefined networks are provided to an undefined group of end-users, the confidentiality of group of end-users, the confidentiality of the communications transmitted through the communications transmitted through such networks should be protected. The such networks should be protected. This fact that wireless electronic Regulation should apply to electronic communications services may be ancillary communications data using publicly to other services should not stand in the available electronic communications way of ensuring the protection of services and public communications confidentiality of communications data networks. In this context, publicly and application of this Regulation. available means only services intended for Therefore, this Regulation should apply to consumers. It should not include services electronic communications data using intended for business users, nor should electronic communications services and the means of the delivery of the service in public communications networks. In question, whether obtained over the contrast, this Regulation should not apply public internet or not have any bearing on to closed groups of end-users such as the interpretation of whether the service is corporate networks, access to which is publicly available or not. This Regulation limited to members of the corporation. should not apply to closed groups of end- users such as corporate networks, access to which is limited to members of the corporation.
Or. en
Amendment 185 Anna Maria Corazza Bildt
Proposal for a regulation Recital 13
Text proposed by the Commission Amendment
(13) The development of fast and (13) The development of fast and efficient wireless technologies has fostered efficient wireless technologies has fostered the increasing availability for the public of the increasing availability for the public of internet access via wireless networks internet access via wireless networks accessible by anyone in public and semi- accessible by anyone in public and semi- private spaces such as 'hotspots' situated at private spaces such as 'hotspots' situated at different places within a city, department different places within a city, department stores, shopping malls and hospitals. To stores, shopping malls and hospitals. To the extent that those communications the extent that those communications networks are provided to an undefined networks are provided to an undefined group of end-users, the confidentiality of group of end-users, the confidentiality of the communications transmitted through the communications transmitted through such networks should be protected. The such networks should be protected. fact that wireless electronic Therefore, this Regulation should apply to communications services may be ancillary electronic communications data using to other services should not stand in the electronic communications services which way of ensuring the protection of are targeting the general public and confidentiality of communications data public communications networks. This and application of this Regulation. Regulation should not apply to closed Therefore, this Regulation should apply to groups of end-users such as corporate electronic communications data using networks access to which is limited to electronic communications services and members of the corporation. However, public communications networks. In even if undefined end-users use the contrast, this Regulation should not apply network in question in the context of the to closed groups of end-users such as activities of the defined group of end- corporate networks, access to which is users, it should not preclude them from limited to members of the corporation. being considered outside the material scope of the Regulation.
Or. en
Amendment 186 Cornelia Ernst
Proposal for a regulation Recital 13
Text proposed by the Commission Amendment
(13) The development of fast and (13) The development of fast and efficient wireless technologies has fostered efficient wireless technologies has fostered the increasing availability for the public of the increasing availability for the public of internet access via wireless networks internet access via wireless networks accessible by anyone in public and semi- accessible by anyone in public and semi- private spaces such as 'hotspots' situated private spaces such as wireless internet at different places within a city, access points. The confidentiality of the department stores, shopping malls and communications transmitted through such hospitals. To the extent that those networks should be protected. The fact that communications networks are provided to wireless electronic communications an undefined group of end-users, the services may be ancillary to other services confidentiality of the communications should not stand in the way of ensuring the transmitted through such networks should protection of confidentiality of be protected. The fact that wireless communications data and application of electronic communications services may be this Regulation. Therefore, this Regulation ancillary to other services should not stand should apply to electronic communications in the way of ensuring the protection of data using electronic communications confidentiality of communications data and services and public communications application of this Regulation. Therefore, networks. This regulation should also this Regulation should apply to electronic apply to closed social media profiles and communications data using electronic groups that the users have defined as communications services and public private. In contrast, this Regulation should communications networks. In contrast, this not apply to closed groups of users such as Regulation should not apply to closed corporate networks, access to which is groups of end-users such as corporate limited to members of an organisation. networks, access to which is limited to members of the corporation.
Or. en
Amendment 187 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Recital 14
Text proposed by the Commission Amendment
(14) Electronic communications data (14) Electronic communications data should be defined in a sufficiently broad should be defined in a sufficiently broad and technology neutral way so as to and technology neutral way so as to encompass any information concerning the encompass any information concerning the content transmitted or exchanged content transmitted or exchanged (electronic communications content) and (electronic communications content) and the information concerning an end-user of the information concerning a user or electronic communications services subscriber of electronic communications processed for the purposes of transmitting, services processed for the purposes of distributing or enabling the exchange of transmitting, distributing or enabling the electronic communications content; exchange of electronic communications including data to trace and identify the content; including data to trace and identify source and destination of a communication, the source and destination of a geographical location and the date, time, communication, geographical location and duration and the type of communication. the date, time, duration and the type of Whether such signals and the related data communication. It should also include are conveyed by wire, radio, optical or location data, such as for example, the electromagnetic means, including satellite location of the terminal equipment from networks, cable networks, fixed (circuit- or to which a phone call or an internet and packet-switched, including internet) connection has been made or the wireless and mobile terrestrial networks, electricity access points that a device is connected to. cable systems, the data related to such It should also include data necessary to signals should be considered as electronic identify users' terminal equipment and communications metadata and therefore be data emitted by terminal equipment when subject to the provisions of this Regulation. searching for access points or other Electronic communications metadata may equipment. Whether such signals and the include information that is part of the related data are conveyed by wire, radio, subscription to the service when such optical or electromagnetic means, information is processed for the purposes including satellite networks, cable of transmitting, distributing or exchanging networks, fixed (circuit- and packet- electronic communications content. switched, including internet) and mobile terrestrial networks, electricity cable systems, the data related to such signals should be considered as electronic communications metadata and therefore be subject to the provisions of this Regulation. Electronic communications metadata may include information that is part of the subscription to the service when such information is processed for the purposes of transmitting, distributing or exchanging electronic communications content. The exclusion of services providing "content transmitted using electronic communications networks" from the definition of "electronic communications service" in Article 4 of this Regulation does not mean that service providers who offer both electronic communications services and content services are outside the scope of the provisions of the Regulation which applies to the providers of electronic communications services.
Or. en
Justification
This clarifies that wifi- or bluetooth tracking is processing of metadata. See amendment to Article 8(2) and the definition of “metadata” in Article 4.
Amendment 188 Cornelia Ernst
Proposal for a regulation Recital 14
Text proposed by the Commission Amendment
(14) Electronic communications data (14) Electronic communications data should be defined in a sufficiently broad should be defined in a sufficiently broad and technology neutral way so as to and technology neutral way so as to encompass any information concerning the encompass any information concerning the content transmitted or exchanged content transmitted or exchanged (electronic communications content) and (electronic communications content) and the information concerning an end-user of the information concerning an end-user of electronic communications services electronic communications services processed for the purposes of transmitting, processed for the purposes of transmitting, distributing or enabling the exchange of distributing or enabling the exchange of electronic communications content; electronic communications content; including data to trace and identify the including data to trace and identify the source and destination of a communication, source and destination of a communication, geographical location and the date, time, geographical location and the date, time, duration and the type of communication. duration and the type of communication. It Whether such signals and the related data should also include location data, such as are conveyed by wire, radio, optical or the location of the terminal equipment electromagnetic means, including satellite from or to which a phone call or an networks, cable networks, fixed (circuit- internet connection has been made or the and packet-switched, including internet) wireless access points that a device is and mobile terrestrial networks, electricity connected to. It should also include data cable systems, the data related to such necessary to identify users' terminal signals should be considered as electronic equipment and data emitted by terminal communications metadata and therefore be equipment when searching for access subject to the provisions of this Regulation. points or other equipment. Whether such Electronic communications metadata may signals and the related data are conveyed include information that is part of the by wire, radio, optical or electromagnetic subscription to the service when such means, including satellite networks, cable information is processed for the purposes networks, fixed (circuit- and packet- of transmitting, distributing or exchanging switched, including internet) and mobile electronic communications content. terrestrial networks, electricity cable systems, the data related to such signals should be considered as electronic communications metadata and therefore be subject to the provisions of this Regulation. Electronic communications metadata may include information that is part of the subscription to the service when such information is processed for the purposes of transmitting, distributing or exchanging electronic communications content. The exclusion of services providing "content transmitted using electronic communications networks" from the definition of "electronic communications service" in Article 4 of this Regulation does not mean that service providers who offer both electronic communications services and content services are outside the scope of the provisions of the Regulation which applies to the providers of electronic communications services.
Or. en
Amendment 189 Daniel Dalton, John Procter
Proposal for a regulation Recital 14
Text proposed by the Commission Amendment
(14) Electronic communications data (14) Electronic communications data should be defined in a sufficiently broad should be defined in a sufficiently broad and technology neutral way so as to and technology neutral way so as to encompass any information concerning the encompass any information concerning the content transmitted or exchanged content transmitted (electronic (electronic communications content) and communications content) and the the information concerning an end-user of information concerning an end-user of electronic communications services electronic communications services processed for the purposes of transmitting, processed for the purposes of transmitting distributing or enabling the exchange of of electronic communications content; electronic communications content; including data to trace and identify the including data to trace and identify the source and destination of a communication, source and destination of a communication, geographical location and the date, time, geographical location and the date, time, duration and the type of communication. duration and the type of communication. Whether such signals and the related data Whether such signals and the related data are conveyed by wire, radio, optical or are conveyed by wire, radio, optical or electromagnetic means, including satellite electromagnetic means, including satellite networks, cable networks, fixed (circuit- networks, cable networks, fixed (circuit- and packet-switched, including internet) and packet-switched, including internet) and mobile terrestrial networks, electricity and mobile terrestrial networks, electricity cable systems, the data related to such cable systems, the data related to such signals should be considered as electronic signals should be considered as electronic communications metadata and therefore be communications metadata and therefore be subject to the provisions of this Regulation. subject to the provisions of this Regulation. Electronic communications metadata may Electronic communications metadata may include information that is part of the include information that is part of the subscription to the service when such subscription to the service when such information is processed for the purposes information is processed for the purposes of transmitting electronic communications content. of transmitting, distributing or exchanging electronic communications content.
Or. en
Amendment 190 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Recital 14 a (new)
Text proposed by the Commission Amendment
(14 a) Modern electronic communications services, including the internet and the OTT services that run on top of it, function on the basis of the separation of layers of protocols and services, as defined by the Open Systems Interconnection model (OSI model, ISO/IEC 7498-1). An internet (TCP/IP) data packet for example is encapsulated in an underlying ethernet or wireless data packet for local routing between the terminal equipment and the nearest router, which means that the full TCP/IP packet is content as seen from the ethernet or wireless connection layer. One layer above, an e-mail including its content and metadata is encapsulated in one or more TCP/IP packets, therefore the full e-mail is treated as content on the level of the TCP/IP protocol layer. The e- mail, in turn, consists of metadata using the SMTP protocol, and content data in the body of the e-mail. That means that what is metadata on one protocol layer is content data for the layers below. Where this Regulation lays down different rules for the processing of content and metadata, this should be understood for the respective electronic communications service and the protocol layer it is operating on. An internet access provider, for example, should therefore not scan the content of the TCP/IP packets routed by it, in order to detect malicious e-mail senders or attachments, because for the internet layer, e-mail is fully content. The scanning of e-mails however could be done by the e-mail provider if it is necessary for the security of the service or if the user specifically requests this. This separation of protocol layers is crucial for maintaining the neutrality of the electronic communications services (net neutrality), which is protected under Regulation (EU) 2015/2120.
Or. en
Justification
This explains the clarification in the definitions of “content” and “metadata” in Article 4.
Amendment 191 Monica Macovei, Barbara Spinelli
Proposal for a regulation Recital 15
Text proposed by the Commission Amendment
(15) Electronic communications data (15) Any processing of electronic should be treated as confidential. This communications data or any interference means that any interference with the with the transmission of electronic transmission of electronic communications communications data, whether directly by data, whether directly by human human intervention or through the intervention or through the intermediation intermediation of automated processing by of automated processing by machines, machines, by persons other than the end- without the consent of all the users, should be prohibited. When the communicating parties should be processing is allowed under any exception prohibited. The prohibition of interception to the prohibitions under the this of communications data should apply Regulation, any other processing of the during their conveyance, i.e. until receipt electronic communications data on the of the content of the electronic basis of Article 6 of the Regulation (EU) communication by the intended addressee. 2016/679 shall be considered as Interception of electronic communications prohibited, including processing for data may occur, for example, when another purpose on the basis of Article someone other than the communicating 6(4) of that Regulation. This would not parties, listens to calls, reads, scans or prevent controllers from asking for stores the content of electronic additional consent for new processing communications, or the associated operations. metadata for purposes other than the The prohibition of interception of exchange of communications. Interception communications data should apply also also occurs when third parties monitor during their conveyance, i.e. until receipt websites visited, timing of the visits, of the content of the electronic interaction with others, etc., without the communication by the intended addressee consent of the end-user concerned. As and any temporary files in the network technology evolves, the technical ways to after receipt. Interception of electronic engage in interception have also increased. communications data may occur, for Such ways may range from the installation example, when someone other than the of equipment that gathers data from communicating parties, listens to calls, terminal equipment over targeted areas, reads, scans or stores the content of such as the so-called IMSI (International electronic communications, or the Mobile Subscriber Identity) catchers, to associated metadata for purposes other than programs and techniques that, for example, the exchange of communications. surreptitiously monitor browsing habits for Interception also occurs when third parties the purpose of creating end-user profiles. monitor websites visited, timing of the Other examples of interception include visits, interaction with others, etc., without capturing payload data or content data the consent of the end-user concerned. As from unencrypted wireless networks and technology evolves, the technical ways to routers, including browsing habits without engage in interception have also increased. the end-users' consent. Such ways may range from the installation of equipment that gathers data from terminal equipment over targeted areas, such as the so-called IMSI (International Mobile Subscriber Identity) catchers, to programs and techniques that, for example, surreptitiously monitor browsing habits for the purpose of creating end-user profiles. Other examples of interception include capturing payload data or content data from unencrypted wireless networks and routers, and analysis of end users' electronic communications metadata, including browsing habits without the end- users' consent.
Or. en
Amendment 192 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Recital 15
Text proposed by the Commission Amendment
(15) Electronic communications data (15) Electronic communications data should be treated as confidential. This should be treated as confidential. This means that any interference with the means that any processing of electronic transmission of electronic communications communications data or any interference data, whether directly by human with the transmission of electronic intervention or through the intermediation communications data, whether directly by of automated processing by machines, human intervention or through the without the consent of all the intermediation of automated processing by communicating parties should be machines, without the consent of the user prohibited. The prohibition of interception requesting a specific service or of all the of communications data should apply communicating parties should be during their conveyance, i.e. until receipt prohibited. When the processing is of the content of the electronic allowed under this Regulation, any other communication by the intended addressee. processing on the basis of Article 6 of Interception of electronic communications Regulation (EU) 2016/679 should be data may occur, for example, when considered as prohibited, including someone other than the communicating processing for another purpose on the parties, listens to calls, reads, scans or basis of Article 6(4) of that Regulation. stores the content of electronic This should not prevent requesting communications, or the associated additional consent for new processing metadata for purposes other than the operations. The prohibition of processing exchange of communications. Interception of communications data should apply also occurs when third parties monitor during their conveyance and when they websites visited, timing of the visits, are stored afterwards, in order to reflect interaction with others, etc., without the the growing trend that subscribers do not consent of the end-user concerned. As store all communications data on their technology evolves, the technical ways to own terminal equipment, but use cloud- engage in interception have also increased. based storage space of the Such ways may range from the installation communications provider or other parties. of equipment that gathers data from Interception of electronic communications terminal equipment over targeted areas, data may occur, for example, when such as the so-called IMSI (International someone other than the communicating Mobile Subscriber Identity) catchers, to parties, listens to calls, reads, scans or programs and techniques that, for example, stores the content of electronic surreptitiously monitor browsing habits for communications, or the associated the purpose of creating end-user profiles. metadata for purposes other than the Other examples of interception include exchange of communications. Interception capturing payload data or content data also occurs when other parties monitor from unencrypted wireless networks and websites visited, timing of the visits, routers, including browsing habits without interaction with others, etc., without the the end-users' consent. consent of the user concerned. As technology evolves, the technical ways to engage in interception have also increased. Such ways may range from the installation of equipment that gathers data from terminal equipment over targeted areas, such as the so-called IMSI (International Mobile Subscriber Identity) catchers, to programs and techniques that, for example, surreptitiously monitor browsing habits for the purpose of creating user profiles. Other examples of interception include capturing payload data or content data from unencrypted wireless networks and routers, and analysis of users' traffic data, including browsing habits, without the users' consent. Or. en
Amendment 193 Cornelia Ernst
Proposal for a regulation Recital 15
Text proposed by the Commission Amendment
(15) Electronic communications data (15) Electronic communications data should be treated as confidential. This should be treated as confidential. This means that any interference with the means that any processing of electronic transmission of electronic communications communications data or any interference data, whether directly by human with the transmission of electronic intervention or through the intermediation communications data, whether directly by of automated processing by machines, human intervention or through the without the consent of all the intermediation of automated processing by communicating parties should be machines, without the consent of the user prohibited. The prohibition of interception requesting a specific service or of all the of communications data should apply communicating parties should be during their conveyance, i.e. until receipt prohibited. When the processing is of the content of the electronic allowed under this Regulation, any other communication by the intended addressee. processing on the basis of Article 6 of Interception of electronic communications Regulation (EU) 2016/679 should be data may occur, for example, when considered as prohibited, including someone other than the communicating processing for another purpose on the parties, listens to calls, reads, scans or basis of Article 6(4) of that Regulation. stores the content of electronic The prohibition of processing of communications, or the associated communications data should apply during metadata for purposes other than the their conveyance and when they are stored exchange of communications. Interception afterwards, in order to reflect the growing also occurs when third parties monitor trend that subscribers do not store all websites visited, timing of the visits, communications data on their own interaction with others, etc., without the terminal equipment, but use cloud-based consent of the end-user concerned. As storage space of the communications technology evolves, the technical ways to provider or other parties. Interception of engage in interception have also increased. electronic communications data may occur, Such ways may range from the installation for example, when someone other than the of equipment that gathers data from communicating parties, listens to calls, terminal equipment over targeted areas, reads, scans or stores the content of such as the so-called IMSI (International electronic communications, or the Mobile Subscriber Identity) catchers, to associated metadata for purposes other than programs and techniques that, for example, the exchange of communications. surreptitiously monitor browsing habits for Interception also occurs when third parties the purpose of creating end-user profiles. monitor websites visited, timing of the Other examples of interception include visits, interaction with others, etc., without capturing payload data or content data the consent of the end-user concerned. As from unencrypted wireless networks and technology evolves, the technical ways to routers, including browsing habits without engage in interception have also increased. the end-users' consent. Such ways may range from the installation of equipment that gathers data from terminal equipment over targeted areas, such as the so-called IMSI (International Mobile Subscriber Identity) catchers, to programs and techniques that, for example, surreptitiously monitor browsing habits for the purpose of creating end-user profiles. Other examples of interception include capturing payload data or content data from unencrypted wireless networks and routers, and analysis of customers' traffic data, including browsing habits without the users' consent.
Or. en
Amendment 194 Brice Hortefeux, Rachida Dati
Proposal for a regulation Recital 15
Text proposed by the Commission Amendment
(15) Electronic communications data (15) Electronic communications data should be treated as confidential. This should be treated as confidential. This means that any interference with the means that any interference with the transmission of electronic communications transmission of electronic communications data, whether directly by human content, whether directly by human intervention or through the intermediation intervention or through the intermediation of automated processing by machines, of automated processing by machines, without the consent of all the without the consent of all the communicating parties should be communicating parties should be prohibited. The prohibition of interception prohibited except for permissible uses of communications data should apply described under this Regulation. The during their conveyance, i.e. until receipt prohibition of interception of of the content of the electronic communications content should apply communication by the intended addressee. during their conveyance, i.e. until receipt Interception of electronic communications of the content of the electronic data may occur, for example, when communication by the intended addressee. someone other than the communicating Interception of electronic communications parties, listens to calls, reads, scans or content may occur, for example, when stores the content of electronic someone other than the communicating communications, or the associated parties or their electronic communications metadata for purposes other than the service providers, listens to calls, reads, exchange of communications. Interception scans or stores the content of electronic also occurs when third parties monitor communications, or the associated websites visited, timing of the visits, metadata, for purposes other than the interaction with others, etc., without the exchange of communications. Interception consent of the end-user concerned. As may also occurs when third parties monitor technology evolves, the technical ways to websites visited, timing of the visits, engage in interception have also increased. interaction with others, etc., by accessing Such ways may range from the installation electronic communications data during of equipment that gathers data from their transmission. As technology evolves, terminal equipment over targeted areas, the technical ways to engage in such as the so-called IMSI (International interception have also increased. Such Mobile Subscriber Identity) catchers, to ways may range from the installation of programs and techniques that, for example, equipment that gathers data from terminal surreptitiously monitor browsing habits for equipment over targeted areas, such as the the purpose of creating end-user profiles. so-called IMSI (International Mobile Other examples of interception include Subscriber Identity) catchers, to programs capturing payload data or content data and techniques that, for example, from unencrypted wireless networks and surreptitiously monitor browsing habits for routers, including browsing habits without the purpose of creating end-user profiles. the end-users' consent. Other examples of interception include capturing payload data or content data from unencrypted wireless networks and routers, including browsing habits without the end-users' consent.
Or. en
Amendment 195 Daniel Dalton, John Procter
Proposal for a regulation Recital 15
Text proposed by the Commission Amendment
(15) Electronic communications data (15) Electronic communications data should be treated as confidential. This should be treated as confidential. This means that any interference with the means that any interference with the transmission of electronic communications transmission of electronic communications data, whether directly by human data, whether directly by human intervention or through the intermediation intervention or through the intermediation of automated processing by machines, of automated processing by machines, without the consent of all the without the consent of all the communicating parties should be communicating parties should be prohibited. The prohibition of interception prohibited. The prohibition of interception of communications data should apply of communications data should apply during their conveyance, i.e. until receipt during their conveyance, i.e. until receipt of the content of the electronic of the content of the electronic communication by the intended addressee. communication by the intended addressee. Interception of electronic communications Interception of electronic communications data may occur, for example, when data may occur, for example, when someone other than the communicating someone other than the communicating parties, listens to calls, reads, scans or parties, listens to calls, reads, scans or stores the content of electronic stores the content of electronic communications, or the associated communications, or the associated metadata for purposes other than the metadata for purposes other than the exchange of communications. Interception exchange of communications. As also occurs when third parties monitor technology evolves, the technical ways to websites visited, timing of the visits, engage in interception have also increased. interaction with others, etc., without the Such ways may range from the installation consent of the end-user concerned. As of equipment that gathers data from technology evolves, the technical ways to terminal equipment over targeted areas, engage in interception have also increased. such as the so-called IMSI (International Such ways may range from the installation Mobile Subscriber Identity) catchers, to of equipment that gathers data from programs and techniques that, for example, terminal equipment over targeted areas, surreptitiously monitor browsing habits for such as the so-called IMSI (International the purpose of creating end-user profiles. Mobile Subscriber Identity) catchers, to Other examples of interception include programs and techniques that, for example, capturing payload data or content data surreptitiously monitor browsing habits for from unencrypted wireless networks and the purpose of creating end-user profiles. routers, including browsing habits without Other examples of interception include the end-users' consent. capturing payload data or content data from unencrypted wireless networks and routers, including browsing habits without the end-users' consent.
Or. en
Amendment 196 Michał Boni, Frank Engel, Tomáš Zdechovský, Pál Csáky, Elissavet Vozemberg- Vrionidi
Proposal for a regulation Recital 15
Text proposed by the Commission Amendment
(15) Electronic communications data (15) Electronic communications data should be treated as confidential. This should be treated as confidential. This means that any interference with the means that any interference with the transmission of electronic communications transmission of electronic communications data, whether directly by human data, whether directly by human intervention or through the intermediation intervention or through the intermediation of automated processing by machines, of automated processing by machines, without the consent of all the without the consent of all the communicating parties should be communicating parties should be prohibited. The prohibition of interception prohibited. The prohibition of interception of communications data should apply of communications data should apply during their conveyance, i.e. until receipt during their conveyance. For non-real- of the content of the electronic time electronic communication such as communication by the intended addressee. email or messaging, the transmission Interception of electronic communications starts with the submission of the content data may occur, for example, when for delivery and finishes with the receipt someone other than the communicating of the content of the electronic parties, listens to calls, reads, scans or communication by the service provider of stores the content of electronic the intended recipient. Interception of communications, or the associated electronic communications data may occur, metadata for purposes other than the for example, when someone other than the exchange of communications. Interception communicating parties, listens to calls, also occurs when third parties monitor reads, scans or stores the content of websites visited, timing of the visits, electronic communications, or the interaction with others, etc., without the associated metadata for purposes other than consent of the end-user concerned. As the exchange of communications. As technology evolves, the technical ways to technology evolves, the technical ways to engage in interception have also increased. engage in interception have also increased. Such ways may range from the installation Such ways may range from the installation of equipment that gathers data from of equipment that gathers data from terminal equipment over targeted areas, terminal equipment over targeted areas, such as the so-called IMSI (International such as the so-called IMSI (International Mobile Subscriber Identity) catchers, to Mobile Subscriber Identity) catchers, to programs and techniques that, for example, programs and techniques that, for example, surreptitiously monitor browsing habits for surreptitiously monitor browsing habits for the purpose of creating end-user profiles. the purpose of creating end-user profiles. Other examples of interception include Other examples of interception include capturing payload data or content data capturing payload data or content data from unencrypted wireless networks and from unencrypted wireless networks and routers, including browsing habits without routers, including browsing habits without the end-users' consent. the end-users' consent.
Or. en
Amendment 197 Axel Voss, Heinz K. Becker, Rachida Dati, Brice Hortefeux
Proposal for a regulation Recital 16
Text proposed by the Commission Amendment
(16) The prohibition of storage of (16) The prohibition of storage of communications is not intended to prohibit communications during conveyance is not any automatic, intermediate and transient intended to prohibit any automatic, storage of this information insofar as this intermediate and transient storage of this takes place for the sole purpose of carrying information insofar as this takes place for out the transmission in the electronic the sole purpose of carrying out the communications network. It should not transmission in the electronic prohibit either the processing of electronic communications network. It should not communications data to ensure the security prohibit either the processing of electronic and continuity of the electronic communications data to ensure the security communications services, including and continuity of the electronic checking security threats such as the communications services, including presence of malware or the processing of checking security threats such as the metadata to ensure the necessary quality of presence of malware or the processing of service requirements, such as latency, jitter metadata to ensure the necessary quality of etc. service requirements, such as latency, jitter etc.
Or. en
Amendment 198 Marju Lauristin
Proposal for a regulation Recital 16
Text proposed by the Commission Amendment
(16) The prohibition of storage of (16) The prohibition of storage of communications is not intended to prohibit communications is not intended to prohibit any automatic, intermediate and transient any automatic, intermediate and transient storage of this information insofar as this storage of this information insofar as this takes place for the sole purpose of carrying takes place for the sole purpose of carrying out the transmission in the electronic out the transmission. It should not prohibit communications network. It should not the processing of electronic prohibit either the processing of electronic communications data by public communications data to ensure the authorities, computer emergency response security and continuity of the electronic teams (CERTs), computer security communications services, including incident response teams (CSIRTs), checking security threats such as the providers of electronic communications presence of malware or the processing of networks and services and by certified metadata to ensure the necessary quality of providers of security technologies and service requirements, such as latency, jitter services, in compliance with Regulation etc. 2016/679 and to the extent strictly necessary and proportionate for the sole purposes of ensuring network and information security, i.e. preservation of availability, integrity and confidentiality of information, and ensuring the security of the related services offered by, or accessible via, those networks and systems. This could, for example, include preventing unauthorised access to electronic communications networks and malicious code distribution and stopping 'denial of service' attacks and damage to computer and electronic communication systems, checking security threats such as the presence of malware, spam or to check against DDoS attacks, or the processing of metadata to ensure the necessary quality of service requirements such as latency, jitter etc.
Or. en
Amendment 199 Daniel Dalton, Helga Stevens, John Procter
Proposal for a regulation Recital 16
Text proposed by the Commission Amendment
(16) The prohibition of storage of (16) The prohibition of storage of communications is not intended to prohibit communications during transmission is any automatic, intermediate and transient not intended to prohibit any automatic, storage of this information insofar as this intermediate and transient storage of this takes place for the sole purpose of carrying information insofar as this takes place for out the transmission in the electronic the sole purpose of carrying out the communications network. It should not transmission in the electronic prohibit either the processing of electronic communications network. The processing communications data to ensure the security of pseudonymised data, should be and continuity of the electronic incentivised as the act of psedonymisation communications services, including dramatically reduces any privacy and checking security threats such as the security risk associated with processing of presence of malware or the processing of data related to transmission. It should not metadata to ensure the necessary quality of prohibit either the processing of electronic service requirements, such as latency, jitter communications data to ensure the security etc. and continuity of the electronic communications services, including checking security threats such as the presence of malware or the processing of metadata to ensure the appropriate quality of service requirements, such as latency, jitter etc.
Or. en
Amendment 200 Michał Boni, Roberta Metsola, Frank Engel, Tomáš Zdechovský, Carlos Coelho, Pál Csáky, Elissavet Vozemberg-Vrionidi
Proposal for a regulation Recital 16
Text proposed by the Commission Amendment
(16) The prohibition of storage of (16) The prohibition of storage of communications is not intended to prohibit communications is not intended to prohibit any automatic, intermediate and transient any automatic, intermediate and transient storage of this information insofar as this storage of this information insofar as this takes place for the sole purpose of carrying takes place for the sole purpose of carrying out the transmission in the electronic out the transmission in the electronic communications network. It should not communications network. It should not prohibit either the processing of electronic prohibit either the processing of electronic communications data to ensure the security communications data to ensure the and continuity of the electronic security, confidentiality, integrity, communications services, including availability, authenticity and continuity of checking security threats such as the the electronic communications services presence of malware or the processing of and networks, including checking security metadata to ensure the necessary quality of threats such as the presence of malware or service requirements, such as latency, jitter the processing of metadata to ensure the etc. necessary quality of service requirements, such as latency, jitter etc.
Or. en
Amendment 201 Maria Grapini
Proposal for a regulation Recital 16
Text proposed by the Commission Amendment
(16) Interdicția stocării comunicațiilor (16) Interdicția stocării comunicațiilor nu vizează împiedicarea stocării automate, nu vizează împiedicarea stocării automate, intermediare și tranzitorii a acestor intermediare și tranzitorii a acestor informații, în măsura în care are loc cu informații, în măsura în care are loc cu unicul scop de a efectua transmisia în unicul scop de a efectua transmisia și cu rețeaua de comunicații electronice. Acesta garantarea confidențialității datelor în nu ar trebui să interzică nici prelucrarea timpul perioadei de stocare. Acesta nu ar datelor transmise în cadrul comunicațiilor trebui să interzică nici prelucrarea datelor electronice cu scopul de a asigura transmise în cadrul comunicațiilor securitatea și continuitatea serviciilor de electronice cu scopul de a asigura comunicații electronice, inclusiv securitatea și continuitatea serviciilor de verificările în vederea depistării comunicații electronice, inclusiv amenințărilor la adresa securității, cum ar fi verificările în vederea depistării prezența unui software rău-intenționat, nici amenințărilor la adresa securității, cum ar fi prelucrarea de metadate pentru a răspunde prezența unui software rău-intenționat, nici cerințelor în materie de calitate a prelucrarea de metadate pentru a răspunde serviciilor, cum ar fi timpul de așteptare, cerințelor în materie de calitate a serviciilor, cum ar fi timpul de așteptare, variația întârzierii de transfer a pachetelor variația întârzierii de transfer a pachetelor de date etc. de date etc.
Or. ro
Amendment 202 Brice Hortefeux, Rachida Dati
Proposal for a regulation Recital 16
Text proposed by the Commission Amendment
(16) The prohibition of storage of (16) The prohibition of storage of communications is not intended to prohibit communications is not intended to prohibit any automatic, intermediate and transient any automatic, intermediate and transient storage of this information insofar as this storage of this information insofar as this takes place for the sole purpose of carrying takes place for the sole purpose of carrying out the transmission in the electronic out the transmission in the electronic communications network. It should not communications network. It should not prohibit either the processing of electronic prohibit either the processing of electronic communications data to ensure the security communications data to ensure the and continuity of the electronic security, availability and continuity of the communications services, including electronic communications services and checking security threats such as the networks, including checking security presence of malware or the processing of threats such as the presence of malware or metadata to ensure the necessary quality of the processing of metadata to ensure the service requirements, such as latency, jitter appropriate quality of service etc. requirements, such as latency, jitter etc.
Or. en
Amendment 203 Cornelia Ernst
Proposal for a regulation Recital 16
Text proposed by the Commission Amendment
(16) The prohibition of storage of (16) The prohibition of storage of communications is not intended to prohibit communications is not intended to prohibit any automatic, intermediate and transient any automatic, intermediate and transient storage of this information insofar as this storage of this information insofar as this takes place for the sole purpose of carrying takes place for the sole purpose of carrying out the transmission in the electronic out the transmission. It should not prohibit communications network. It should not either the processing of electronic prohibit either the processing of electronic communications data to ensure the security communications data to ensure the security and continuity of the electronic and continuity of the electronic communications services, including communications services, including checking security threats such as the checking security threats such as the presence of malware or the processing of presence of malware or the processing of metadata to ensure the necessary quality of metadata to ensure the necessary quality of service requirements, such as latency, jitter service requirements, such as latency, jitter etc. etc.
Or. en
Amendment 204 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Recital 16
Text proposed by the Commission Amendment
(16) The prohibition of storage of (16) The prohibition of storage of communications is not intended to prohibit communications is not intended to prohibit any automatic, intermediate and transient any automatic, intermediate and transient storage of this information insofar as this storage of this information insofar as this takes place for the sole purpose of carrying takes place for the sole purpose of carrying out the transmission in the electronic out the transmission. It should not prohibit communications network. It should not either the processing of electronic prohibit either the processing of electronic communications data to ensure the security communications data to ensure the security and continuity of the electronic and continuity of the electronic communications services, including communications services, including checking security threats related to the checking security threats such as the respective service, or the processing of presence of malware or the processing of metadata of the respective service to metadata to ensure the necessary quality of ensure the necessary quality of service service requirements, such as latency, jitter requirements, such as latency, jitter etc. etc.
Or. en
(related to the clarifications in Recital 14a(new) and Article 4.)
Amendment 205 Daniel Dalton, Helga Stevens, John Procter
Proposal for a regulation Recital 17
Text proposed by the Commission Amendment
(17) The processing of electronic (17) The processing of electronic communications data can be useful for communications metadata can be useful businesses, consumers and society as a for businesses, consumers and society as a whole. Vis-à-vis Directive 2002/58/EC, whole. Vis-à-vis Directive 2002/58/EC, this Regulation broadens the possibilities this Regulation broadens the possibilities for providers of electronic communications for providers of electronic communications services to process electronic services to process electronic communications metadata, based on end- communications metadata, in accordance users consent. However, end-users attach with Article 6(1) and 6(4) of Regulation great importance to the confidentiality of (EU) No 2016/679. However, end-users their communications, including their attach great importance to the online activities, and that they want to confidentiality of their communications, control the use of electronic including their online activities, and that communications data for purposes other they want to control the use of electronic than conveying the communication. communications data for purposes other Therefore, this Regulation should require than conveying the communication. providers of electronic communications Therefore, this Regulation should require services to obtain end-users' consent to providers of electronic communications process electronic communications services to comply with Regulation (EU) metadata, which should include data on the No 2016/679 when processing electronic location of the device generated for the communications metadata, which should purposes of granting and maintaining include data on the location of the device. access and connection to the service. As an exception from obtaining end- Location data that is generated other than users' consent, the processing of in the context of providing electronic electronic communications metadata for communications services should not be purposes other than those for which the considered as metadata. Examples of personal data were initially collected commercial usages of electronic should be allowed in cases where further communications metadata by providers of processing is compatible in accordance electronic communications services may with Article 6 (4) and Article 6 (1) of include the provision of heatmaps; a Regulation (EU) 2016/679. generated for graphical representation of data using the purposes of granting and maintaining colors to indicate the presence of access and connection to the service. individuals. To display the traffic Location data that is generated other than movements in certain directions during a in the context of providing electronic certain period of time, an identifier is communications services should not be necessary to link the positions of considered as metadata. Examples of individuals at certain time intervals. This commercial usages of electronic identifier would be missing if anonymous communications metadata by providers of data were to be used and such movement electronic communications services may could not be displayed. Such usage of include the provision of heatmaps; a electronic communications metadata could, graphical representation of data using for example, benefit public authorities and colors to indicate the presence of public transport operators to define where individuals. To display the traffic to develop new infrastructure, based on the movements in certain directions during a usage of and pressure on the existing certain period of time, an identifier is structure. Where a type of processing of necessary to link the positions of electronic communications metadata, in individuals at certain time intervals. This particular using new technologies, and identifier would be missing if anonymous taking into account the nature, scope, data were to be used and such movement context and purposes of the processing, is could not be displayed. Therefore, likely to result in a high risk to the rights whenever the purpose(s) of further and freedoms of natural persons, a data processing cannot be achieved by protection impact assessment and, as the processing data that is made anonymous, case may be, a consultation of the pseudonymisation of data should be supervisory authority should take place allowed. Such usage of electronic prior to the processing, in accordance with communications metadata could, for Articles 35 and 36 of Regulation (EU) example, benefit public authorities and 2016/679. public transport operators to define where to develop new infrastructure, based on the usage of and pressure on the existing structure. Where a type of processing of electronic communications metadata, in particular using new technologies, and taking into account the nature, scope, context and purposes of the processing, is likely to result in a high risk to the rights and freedoms of natural persons, a data protection impact assessment and, as the case may be, a consultation of the supervisory authority should take place prior to the processing, in accordance with Articles 35 of Regulation (EU) 2016/679.
Or. en
Amendment 206 Axel Voss, Heinz K. Becker, Anna Maria Corazza Bildt
Proposal for a regulation Recital 17
Text proposed by the Commission Amendment
(17) The processing of electronic (17) The processing of electronic communications data can be useful for communications data can be useful for businesses, consumers and society as a businesses, consumers and society as a whole. Vis-à-vis Directive 2002/58/EC, whole. Vis-à-vis Directive 2002/58/EC, this Regulation broadens the possibilities this Regulation broadens the possibilities for providers of electronic communications for providers of electronic communications services to process electronic services to process electronic communications metadata, based on end- communications metadata in accordance users consent. However, end-users attach with Regulation (EU) No 2016/679. great importance to the confidentiality of However, end-users attach great their communications, including their importance to the confidentiality of their online activities, and that they want to communications, including their online control the use of electronic activities, and that they want to control the communications data for purposes other use of electronic communications data for than conveying the communication. purposes other than conveying the Therefore, this Regulation should require communication. Therefore, this Regulation providers of electronic communications should require providers of electronic services to obtain end-users' consent to communications services to comply with process electronic communications Regulation (EU) No 2016/679 when metadata, which should include data on the processing electronic communications location of the device generated for the metadata, which should include data on the purposes of granting and maintaining location of the device generated for the access and connection to the service. purposes of granting and maintaining Location data that is generated other than access and connection to the service. in the context of providing electronic Location data that is generated other than communications services should not be in the context of providing electronic considered as metadata. Examples of communications services should not be commercial usages of electronic considered as metadata. Examples of communications metadata by providers of commercial usages of electronic electronic communications services may communications metadata by providers of include the provision of heatmaps; a electronic communications services may graphical representation of data using include the provision of heatmaps; a colors to indicate the presence of graphical representation of data using individuals. To display the traffic colors to indicate the presence of movements in certain directions during a individuals. To display the traffic certain period of time, an identifier is movements in certain directions during a necessary to link the positions of certain period of time, an identifier is individuals at certain time intervals. This necessary to link the positions of identifier would be missing if anonymous individuals at certain time intervals. This data were to be used and such movement identifier would be missing if anonymous could not be displayed. Such usage of data were to be used and such movement electronic communications metadata could, could not be displayed. Such usage of for example, benefit public authorities and electronic communications metadata could, public transport operators to define where for example, benefit public authorities and to develop new infrastructure, based on the public transport operators to define where usage of and pressure on the existing to develop new infrastructure, based on the structure. Where a type of processing of usage of and pressure on the existing electronic communications metadata, in structure. particular using new technologies, and taking into account the nature, scope, context and purposes of the processing, is likely to result in a high risk to the rights and freedoms of natural persons, a data protection impact assessment and, as the case may be, a consultation of the supervisory authority should take place prior to the processing, in accordance with Articles 35 and 36 of Regulation (EU) 2016/679.
Or. en
Amendment 207 Emilian Pavel
Proposal for a regulation Recital 17
Text proposed by the Commission Amendment
(17) The processing of electronic (17) The processing of electronic communications data can be useful for communications metadata can be useful businesses, consumers and society as a for businesses, consumers and society as a whole. Vis-à-vis Directive 2002/58/EC, whole. Vis-à-vis Directive 2002/58/EC, this Regulation broadens the possibilities this Regulation broadens the possibilities for providers of electronic communications for providers of electronic communications services to process electronic services to further process electronic communications metadata, based on end- communications metadata, based on end- users consent. However, end-users attach users consent. However, end-users attach great importance to the confidentiality of great importance to the confidentiality of their communications, including their their communications, including their online activities, and that they want to online activities, and that they want to control the use of electronic control the use of electronic communications data for purposes other communications data for purposes other than conveying the communication. than conveying the communication, Therefore, this Regulation should require billing, interconnection payments or providers of electronic communications security. Therefore, this Regulation should services to obtain end-users' consent to require providers of electronic process electronic communications communications services to obtain end- metadata, which should include data on the users' consent to further process electronic location of the device generated for the communications metadata, which should purposes of granting and maintaining include data on the location of the device access and connection to the service. generated for the purposes of granting and Location data that is generated other than maintaining access and connection to the in the context of providing electronic service. Location data that is generated communications services should not be other than in the context of providing considered as metadata. Examples of electronic communications services should commercial usages of electronic not be considered as metadata. As an communications metadata by providers of exception from obtaining end-users' electronic communications services may consent, the. The further processing of include the provision of heatmaps; a electronic communications metadata, graphical representation of data using where such processing is not based on the colors to indicate the presence of data subject's consent, and for purposes individuals. To display the traffic other than those for which the personal movements in certain directions during a data were initially collected, should be certain period of time, an identifier is allowed in cases where the processing is necessary to link the positions of compatible in accordance with point (4) of individuals at certain time intervals. This Article 6 of Regulation (EU) 2016/679. identifier would be missing if anonymous Examples of commercial usages of data were to be used and such movement electronic communications metadata by could not be displayed. Such usage of providers of electronic communications electronic communications metadata could, services may include the provision of for example, benefit public authorities and heatmaps; a graphical representation of public transport operators to define where data using colors to indicate the presence to develop new infrastructure, based on the of individuals. To display the traffic usage of and pressure on the existing movements in certain directions during a structure. Where a type of processing of certain period of time, an identifier is electronic communications metadata, in necessary to link the positions of particular using new technologies, and individuals at certain time intervals. This taking into account the nature, scope, identifier would be missing if anonymous context and purposes of the processing, is data were to be used and such movement likely to result in a high risk to the rights could not be displayed. Such usage of and freedoms of natural persons, a data electronic communications metadata could, protection impact assessment and, as the for example, benefit public authorities and case may be, a consultation of the public transport operators to define where supervisory authority should take place to develop new infrastructure, based on the prior to the processing, in accordance usage of and pressure on the existing with Articles 35 and 36 of Regulation structure. (EU) 2016/679.
Or. en
Amendment 208 Brice Hortefeux, Rachida Dati
Proposal for a regulation Recital 17
Text proposed by the Commission Amendment
(17) The processing of electronic (17) The processing of electronic communications data can be useful for communications metadata can be useful businesses, consumers and society as a for businesses, consumers and society as a whole. Vis-à-vis Directive 2002/58/EC, whole. Vis-à-vis Directive 2002/58/EC, this Regulation broadens the possibilities this Regulation broadens the possibilities for providers of electronic communications for providers of electronic communications services to process electronic networks and services to further process communications metadata, based on end- electronic communications metadata. users consent. However, end-users attach However, end-users attach great great importance to the confidentiality of importance to the confidentiality of their their communications, including their communications, including their online online activities, and that they want to activities, and that they want to control the control the use of electronic use of electronic communications data for communications data for purposes other purposes other than conveying the than conveying the communication. communication, billing, interconnection Therefore, this Regulation should require payments or security. Therefore, this providers of electronic communications Regulation should, in principle, require services to obtain end-users' consent to providers of electronic communications process electronic communications networks and services to obtain end-users' metadata, which should include data on the consent to further process electronic location of the device generated for the communications metadata, which should purposes of granting and maintaining include data on the location of the device access and connection to the service. generated for the purposes of granting and Location data that is generated other than maintaining access and connection to the in the context of providing electronic service. Location data that is generated communications services should not be other than in the context of providing considered as metadata. Examples of electronic communications services should commercial usages of electronic not be considered as metadata. As an communications metadata by providers of exception from obtaining end-users' electronic communications services may consent, the processing of electronic include the provision of heatmaps; a communications metadata for purposes graphical representation of data using other than those for which the personal colors to indicate the presence of data were initially collected should be individuals. To display the traffic allowed in cases where the processing is movements in certain directions during a compatible in accordance with point (4) of certain period of time, an identifier is Article 6 of Regulation (EU) necessary to link the positions of 2016/679.Examples of commercial usages individuals at certain time intervals. This of electronic communications metadata by identifier would be missing if anonymous providers of electronic communications data were to be used and such movement services may include the provision of could not be displayed. Such usage of heatmaps; a graphical representation of electronic communications metadata could, data using colors to indicate the presence for example, benefit public authorities and of individuals. To display the traffic public transport operators to define where movements in certain directions during a to develop new infrastructure, based on the certain period of time, an identifier is usage of and pressure on the existing necessary to link the positions of structure. Where a type of processing of individuals at certain time intervals. This electronic communications metadata, in identifier would be missing if anonymous particular using new technologies, and data were to be used and such movement taking into account the nature, scope, could not be displayed. Such usage of context and purposes of the processing, is electronic communications metadata could, likely to result in a high risk to the rights for example, benefit public authorities and and freedoms of natural persons, a data public transport operators to define where protection impact assessment and, as the to develop new infrastructure, based on the case may be, a consultation of the usage of and pressure on the existing supervisory authority should take place structure. prior to the processing, in accordance with Articles 35 and 36 of Regulation (EU) 2016/679.
Or. en
Amendment 209 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Recital 17
Text proposed by the Commission Amendment
(17) The processing of electronic (17) The processing of electronic communications data can be useful for communications data can be useful for businesses, consumers and society as a businesses, consumers and society as a whole. Vis-à-vis Directive 2002/58/EC, whole. Examples of commercial usages of this Regulation broadens the possibilities electronic communications metadata by for providers of electronic providers of electronic communications communications services to process services may include the provision of electronic communications metadata, heatmaps; a graphical representation of based on end-users consent. However, data using colors to indicate the presence end-users attach great importance to the of individuals. To display the traffic confidentiality of their communications, movements in certain directions during a including their online activities, and that certain period of time, an identifier may be they want to control the use of electronic necessary to link the positions of communications data for purposes other individuals at certain time intervals. Such than conveying the communication. usage of electronic communications Therefore, this Regulation should require metadata could, for example, benefit public providers of electronic communications authorities and public transport operators to services to obtain end-users' consent to define where to develop new infrastructure, process electronic communications based on the usage of and pressure on the metadata, which should include data on existing structure. Where processing of the location of the device generated for electronic communications data is the purposes of granting and maintaining foreseen, a data protection impact access and connection to the service. assessment and, as the case may be, a Location data that is generated other than consultation of the supervisory authority in the context of providing electronic should take place prior to the processing, in communications services should not be accordance with Articles 35 and 36 of considered as metadata. Examples of Regulation (EU) 2016/679. commercial usages of electronic communications metadata by providers of electronic communications services may include the provision of heatmaps; a graphical representation of data using colors to indicate the presence of individuals. To display the traffic movements in certain directions during a certain period of time, an identifier is necessary to link the positions of individuals at certain time intervals. This identifier would be missing if anonymous data were to be used and such movement could not be displayed. Such usage of electronic communications metadata could, for example, benefit public authorities and public transport operators to define where to develop new infrastructure, based on the usage of and pressure on the existing structure. Where a type of processing of electronic communications metadata, in particular using new technologies, and taking into account the nature, scope, context and purposes of the processing, is likely to result in a high risk to the rights and freedoms of natural persons, a data protection impact assessment and, as the case may be, a consultation of the supervisory authority should take place prior to the processing, in accordance with Articles 35 and 36 of Regulation (EU) 2016/679.
Or. en
Justification
Based on LIBE AM 17 Rapporteur, moved parts to this to Recital (17a)(new).
Amendment 210 Cornelia Ernst
Proposal for a regulation Recital 17
Text proposed by the Commission Amendment
(17) The processing of electronic (17) The processing of electronic communications data can be useful for communications data can be useful for businesses, consumers and society as a businesses, consumers and society as a whole. Vis-à-vis Directive 2002/58/EC, whole. Examples of commercial usages of this Regulation broadens the possibilities electronic communications metadata by for providers of electronic providers of electronic communications communications services to process services may include the provision of electronic communications metadata, heatmaps; a graphical representation of based on end-users consent. However, data using colors to indicate the presence end-users attach great importance to the of individuals. To display the traffic confidentiality of their communications, movements in certain directions during a including their online activities, and that certain period of time, an identifier may be they want to control the use of electronic necessary to link the positions of communications data for purposes other individuals at certain time intervals. Such than conveying the communication. usage of electronic communications Therefore, this Regulation should require metadata could, for example, benefit public providers of electronic communications authorities and public transport operators to services to obtain end-users' consent to define where to develop new infrastructure, process electronic communications based on the usage of and pressure on the metadata, which should include data on existing structure. Where processing of the location of the device generated for electronic communications metadata is the purposes of granting and maintaining envisaged, a data protection impact access and connection to the service. assessment and, as the case may be, a Location data that is generated other than consultation of the supervisory authority in the context of providing electronic should take place prior to the processing, in communications services should not be accordance with Articles 35 and 36 of considered as metadata. Examples of Regulation (EU) 2016/679. commercial usages of electronic communications metadata by providers of electronic communications services may include the provision of heatmaps; a graphical representation of data using colors to indicate the presence of individuals. To display the traffic movements in certain directions during a certain period of time, an identifier is necessary to link the positions of individuals at certain time intervals. This identifier would be missing if anonymous data were to be used and such movement could not be displayed. Such usage of electronic communications metadata could, for example, benefit public authorities and public transport operators to define where to develop new infrastructure, based on the usage of and pressure on the existing structure. Where a type of processing of electronic communications metadata, in particular using new technologies, and taking into account the nature, scope, context and purposes of the processing, is likely to result in a high risk to the rights and freedoms of natural persons, a data protection impact assessment and, as the case may be, a consultation of the supervisory authority should take place prior to the processing, in accordance with Articles 35 and 36 of Regulation (EU) 2016/679.
Or. en
Amendment 211 Sophia in 't Veld
Proposal for a regulation Recital 17
Text proposed by the Commission Amendment
(17) The processing of electronic (17) The processing of electronic communications data can be useful for communications data can be useful for businesses, consumers and society as a businesses, consumers and society as a whole. Vis-à-vis Directive 2002/58/EC, whole. However, end-users attach great this Regulation broadens the possibilities importance to the confidentiality of their for providers of electronic communications, including their online communications services to process activities, and they want to control the use electronic communications metadata, of electronic communications data for based on end-users consent. However, purposes other than conveying the end-users attach great importance to the communication. Therefore, this Regulation confidentiality of their communications, should require providers of electronic including their online activities, and that communications services to obtain end- they want to control the use of electronic users' consent to process electronic communications data for purposes other communications metadata, which should than conveying the communication. include data on the location of the device Therefore, this Regulation should require generated for the purposes of granting and providers of electronic communications maintaining access and connection to the services to obtain end-users' consent to service. Location data that is generated process electronic communications other than in the context of providing metadata, which should include data on the electronic communications services should location of the device generated for the not be considered as metadata. Examples purposes of granting and maintaining of usages of electronic communications access and connection to the service. metadata by providers of electronic Location data that is generated other than communications services may include the in the context of providing electronic provision of heatmaps; a graphical communications services should not be representation of data using colors to considered as metadata. Examples of indicate the presence of individuals. Such commercial usages of electronic usage of electronic communications communications metadata by providers of metadata could, for example, benefit public electronic communications services may authorities and public transport operators to include the provision of heatmaps; a define where to develop new infrastructure, graphical representation of data using based on the usage of and pressure on the colors to indicate the presence of existing structure. Where a type of individuals. To display the traffic processing of electronic communications movements in certain directions during a metadata, in particular using new certain period of time, an identifier is technologies, and taking into account the necessary to link the positions of nature, scope, context and purposes of the individuals at certain time intervals. This processing, is likely to result in a high risk identifier would be missing if anonymous to the rights and freedoms of natural data were to be used and such movement persons, a data protection impact could not be displayed. Such usage of assessment and, as the case may be, a electronic communications metadata could, consultation of the supervisory authority for example, benefit public authorities and should take place prior to the processing, in public transport operators to define where accordance with Articles 35 and 36 of to develop new infrastructure, based on the Regulation (EU) 2016/679. usage of and pressure on the existing structure. Where a type of processing of electronic communications metadata, in particular using new technologies, and taking into account the nature, scope, context and purposes of the processing, is likely to result in a high risk to the rights and freedoms of natural persons, a data protection impact assessment and, as the case may be, a consultation of the supervisory authority should take place prior to the processing, in accordance with Articles 35 and 36 of Regulation (EU) 2016/679.
Or. en
Amendment 212 Michał Boni, Roberta Metsola, Frank Engel, Tomáš Zdechovský, Carlos Coelho, Pál Csáky, Elissavet Vozemberg-Vrionidi
Proposal for a regulation Recital 17
Text proposed by the Commission Amendment
(17) The processing of electronic (17) The processing of electronic communications data can be useful for communications data can be useful for businesses, consumers and society as a businesses, consumers and society as a whole. Vis-à-vis Directive 2002/58/EC, whole. Vis-à-vis Directive 2002/58/EC, this Regulation broadens the possibilities this Regulation broadens the possibilities for providers of electronic communications for providers of electronic communications services to process electronic services to process electronic communications metadata, based on end- communications metadata, based on end- users consent. However, end-users attach users consent. However, end-users attach great importance to the confidentiality of great importance to the confidentiality of their communications, including their their communications, including their online activities, and that they want to online activities, and that they want to control the use of electronic control the use of electronic communications data for purposes other communications data for purposes other than conveying the communication. than conveying the communication. Therefore, this Regulation should require Therefore, this Regulation should require providers of electronic communications providers of electronic communications services to obtain end-users' consent to services to obtain end-users' consent to process electronic communications process electronic communications metadata, which should include data on the metadata, which should include data on the location of the device generated for the location of the device generated for the purposes of granting and maintaining purposes of granting and maintaining access and connection to the service. access and connection to the service. Location data that is generated other than Location data that is generated other than in the context of providing electronic in the context of providing electronic communications services should not be communications services should not be considered as metadata. Examples of considered as metadata. Examples of commercial usages of electronic commercial usages of electronic communications metadata by providers of communications metadata by providers of electronic communications services may electronic communications services may include the provision of heatmaps; a include the provision of heatmaps; a graphical representation of data using graphical representation of data using colors to indicate the presence of colors to indicate the presence of individuals. To display the traffic individuals. To display the traffic movements in certain directions during a movements in certain directions during a certain period of time, an identifier is certain period of time, an identifier is necessary to link the positions of necessary to link the positions of individuals at certain time intervals. This individuals at certain time intervals. This identifier would be missing if anonymous identifier would be missing if anonymous data were to be used and such movement data were to be used and such movement could not be displayed. Such usage of could not be displayed. Such usage of electronic communications metadata could, electronic communications metadata could, for example, benefit public authorities and for example, benefit public authorities and public transport operators to define where public transport operators to define where to develop new infrastructure, based on the to develop new infrastructure, based on the usage of and pressure on the existing usage of and pressure on the existing structure. Where a type of processing of structure. As an exemption from obtaining electronic communications metadata, in end-user´s consent, the processing of particular using new technologies, and metadata for purposes other than those taking into account the nature, scope, for which they were initially collected context and purposes of the processing, is should be allowed in cases where the likely to result in a high risk to the rights processing is compatible and is subject to and freedoms of natural persons, a data specific safeguards, especially protection impact assessment and, as the pseudonymisation as set forth in point (4) case may be, a consultation of the of Article 6 of Regulation (EU) 2016/679, supervisory authority should take place as well as if it is necessary in accordance prior to the processing, in accordance with Article 6 (1) (f) of Regulation (EU) with Articles 35 and 36 of Regulation (EU) 2016/679 for the purpose of legitimate 2016/679. interest, provided that the data protection impact assessment was carried out, as prescribed in Article 35 of Regulation (EU) 2016/679.
Or. en
Amendment 213 Brice Hortefeux, Rachida Dati
Proposal for a regulation Recital 17 a (new)
Text proposed by the Commission Amendment
(17 a) Regulation (EU) 2016/679 lays down rules relating to the further processing of personal data where such processing is not based on the data subject's consent. In accordance with point (4) of Article 6 of Regulation (EU) 2016/679, the processing of electronic communications metadata for purposes other than for which the data were initially collected should be allowed where the processing is compatible with the purposes for which the data were initially collected. In such a case, no legal basis separate from that which allowed the collection of the electronic communications metadata should be required. In accordance with Regulation (EU) 2016/679, further processing of electronic communications metadata for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes should be considered to be compatible lawful processing operations.
Or. en
Amendment 214 Jan Philipp Albrecht, Judith Sargentini, Viviane Reding
Proposal for a regulation Recital 17 a (new)
Text proposed by the Commission Amendment
(17 a) This Regulation broadens the possibilities for providers of electronic communications services to process electronic communications metadata, which should include data on the location of the device generated for the purposes of granting and maintaining access and connection to the service. However, users attach great importance to the confidentiality of their communications, including their online activities, and they want to control the use of their electronic communications data for purposes other than conveying the communication. Therefore, this Regulation should require providers of electronic communications services to obtain users' consent to process electronic communications data. For the purposes of this Regulation, the consent of a user should have the same meaning and be subject to the same conditions as the consent of the data subject under Regulation (EU) 2016/679.
Or. en Justification
Based on LIBE AM 17 Rapporteur.
Amendment 215 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Recital 18
Text proposed by the Commission Amendment
(18) End-users may consent to the (18) Users may consent to the processing of their metadata to receive processing of their electronic specific services such as protection communications data to receive specific services against fraudulent activities (by services requested by them, such as analysing usage data, location and protection services against malware, customer account in real time). In the unsolicited communication, or fraudulent digital economy, services are often activities. Consent for processing supplied against counter-performance electronic communications data will not other than money, for instance by end- be valid if the data subject has no genuine users being exposed to advertisements. and free choice, or is unable to refuse or For the purposes of this Regulation, withdraw consent without detriment. consent of an end-user, regardless of Without prejudice to Article 7 of whether the latter is a natural or a legal Regulation (EU) 2016/679, consent should person, should have the same meaning not be considered as freely given if it is and be subject to the same conditions as required to access any service or obtained the data subject's consent under through insisting and repetitive requests. Regulation (EU) 2016/679. Basic In order to prevent such abusive requests, broadband internet access and voice users should be able to order service communications services are to be providers to remember their choice not to considered as essential services for consent and to adhere to technical individuals to be able to communicate and specifications signalling not to consent, participate to the benefits of the digital withdrawal of consent, or an objection. economy. Consent for processing data from internet or voice communication usage will not be valid if the data subject has no genuine and free choice, or is unable to refuse or withdraw consent without detriment.
Or. en
Amendment 216 Cornelia Ernst
Proposal for a regulation Recital 18
Text proposed by the Commission Amendment
(18) End-users may consent to the (18) Users may consent to the processing of their metadata to receive processing of their electronic specific services such as protection communications data to receive specific services against fraudulent activities (by services requested by them, such as analysing usage data, location and protection services against malware, customer account in real time). In the unsolicited communication, or fraudulent digital economy, services are often activities. Consent for processing supplied against counter-performance electronic communications data will not other than money, for instance by end- be valid if the data subject has no genuine users being exposed to advertisements. and free choice, or is unable to refuse or For the purposes of this Regulation, withdraw consent without detriment. consent of an end-user, regardless of Without prejudice to Article 7 of whether the latter is a natural or a legal Regulation (EU) 2016/679, consent should person, should have the same meaning not be considered as freely given if it is and be subject to the same conditions as required to access any service or obtained the data subject's consent under through insisting and repetitive requests. Regulation (EU) 2016/679. Basic In order to prevent such abusive requests, broadband internet access and voice users should be able to order service communications services are to be providers to remember their choice not to considered as essential services for consent and to adhere to technical individuals to be able to communicate and specifications signalling not to consent, participate to the benefits of the digital withdrawal of consent, or an objection. economy. Consent for processing data from internet or voice communication usage will not be valid if the data subject has no genuine and free choice, or is unable to refuse or withdraw consent without detriment.
Or. en
Amendment 217 Daniel Dalton, Helga Stevens, John Procter
Proposal for a regulation Recital 18
Text proposed by the Commission Amendment
(18) End-users may consent to the (18) End-users may consent to the processing of their metadata to receive processing of their metadata to receive specific services such as protection specific services such as protection services against fraudulent activities (by services against fraudulent activities (by analysing usage data, location and analysing usage data, location and customer account in real time). In the customer account in real time). In the digital economy, services are often digital economy, services are often supplied against counter-performance other supplied against counter-performance other than money, for instance by end-users than money, for instance by end-users being exposed to advertisements. For the being exposed to advertisements. For the purposes of this Regulation, consent of an purposes of this Regulation, consent of an end-user, regardless of whether the latter end-user, regardless, should have the same is a natural or a legal person, should have meaning and be subject to the same the same meaning and be subject to the conditions as the data subject's consent or same conditions as the data subject's another basis for processing under consent under Regulation (EU) 2016/679. Regulation (EU) 2016/679. Basic Basic broadband internet access and voice broadband internet access and voice communications services are to be communications services are to be considered as essential services for considered as essential services for individuals to be able to communicate and individuals to be able to communicate and participate to the benefits of the digital participate to the benefits of the digital economy. Consent for processing data economy. Consent for processing data from internet or voice communication from internet or voice communication usage will not be valid if the data subject usage will not be valid if the data subject has no genuine and free choice, or is has no genuine and free choice, or is unable to refuse or withdraw consent unable to refuse or withdraw consent. without detriment.
Or. en
Amendment 218 Sophia in 't Veld
Proposal for a regulation Recital 18
Text proposed by the Commission Amendment
(18) End-users may consent to the (18) End-users may consent to the processing of their metadata to receive processing of their metadata to receive specific services such as protection specific services such as protection services against fraudulent activities (by services against fraudulent activities (by analysing usage data, location and analysing usage data, location and customer account in real time). In the customer account in real time). In the digital economy, services are often digital economy, services are often supplied against counter-performance supplied against payment other than other than money, for instance by end- money, for instance by end-users being users being exposed to advertisements. For exposed to advertisements. For the the purposes of this Regulation, consent of purposes of this Regulation, consent of an an end-user, regardless of whether the end-user, regardless of whether the latter is latter is a natural or a legal person, should a natural or a legal person, should have the have the same meaning and be subject to same meaning and be subject to the same the same conditions as the data subject's conditions as the data subject's consent consent under Regulation (EU) 2016/679. under Regulation (EU) 2016/679. Basic Basic broadband internet access and voice broadband internet access and voice communications services are to be communications services are to be considered as essential services for considered as essential services for individuals to be able to communicate and individuals to be able to communicate and participate to the benefits of the digital participate to the benefits of the digital economy. Consent for processing data economy. Consent for processing data from internet or voice communication from internet or voice communication usage will not be valid if the data subject usage will not be valid if the data subject has no genuine and free choice, or is has no genuine and free choice, or is unable to refuse or withdraw consent unable to refuse or withdraw consent without detriment. without detriment.
Or. en
Amendment 219 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Recital 19
Text proposed by the Commission Amendment
(19) The content of electronic (19) The content of electronic communications pertains to the essence of communications pertains to the essence of the fundamental right to respect for private the fundamental right to respect for private and family life, home and communications and family life, home and communications protected under Article 7 of the Charter. protected under Article 7 of the Charter. Any interference with the content of Any processing of content data of electronic communications should be electronic communications should be allowed only under very clear defined allowed only under very clear defined conditions, for specific purposes and be conditions, for specific purposes and be subject to adequate safeguards against subject to adequate safeguards against abuse. This Regulation provides for the abuse. This Regulation provides for the possibility of providers of electronic possibility of providers of electronic communications services to process communications services to process electronic communications data in transit, electronic communications data in transit, with the informed consent of all the end- with the informed consent of all the users users concerned. For example, providers concerned. For example, providers may may offer services that entail the scanning offer services that entail the scanning of of emails to remove certain pre-defined emails to remove certain pre-defined material. Given the sensitivity of the material. Given the sensitivity of electronic content of communications, this communications data, this Regulation sets Regulation sets forth a presumption that forth a presumption that the processing of the processing of such content data will such content data will result in high risks to result in high risks to the rights and the rights and freedoms of natural persons. freedoms of natural persons. When When processing such type of data, the processing such type of data, the provider provider of the electronic communications of the electronic communications service service should always carry out an impact should always consult the supervisory assessment as provided for in Regulation authority prior to the processing. Such (EU) 2016/679 and if necessary under consultation should be in accordance with that Regulation, consult the supervisory Article 36 (2) and (3) of Regulation (EU) authority prior to the processing. After 2016/679. The presumption does not electronic communications content has encompass the processing of content data been sent by the user and received by the to provide a service requested by the end- intended end-user or end-users, it may be user where the end-user has consented to recorded or stored by the end-user, end- such processing and it is carried out for users or by another party entrusted by the purposes and duration strictly them to record or store such data, which necessary and proportionate for such could be the electronic communications service. After electronic communications provider. Any processing of such stored content has been sent by the end-user and communications data where the data is received by the intended end-user or end- stored on behalf of the end-user must users, it may be recorded or stored by the comply with this Regulation. The end- end-user, end-users or by a third party user may further process the data, and if entrusted by them to record or store such it contains personal data, must comply data. Any processing of such data must with Regulation (EU) 2016/679. comply with Regulation (EU) 2016/679.
Or. en
Amendment 220 Cornelia Ernst
Proposal for a regulation Recital 19
Text proposed by the Commission Amendment
(19) The content of electronic (19) The content of electronic communications pertains to the essence of communications pertains to the essence of the fundamental right to respect for private the fundamental right to respect for private and family life, home and communications and family life, home and communications protected under Article 7 of the Charter. protected under Article 7 of the Charter. Any interference with the content of Any interference with the content of electronic communications should be electronic communications should be allowed only under very clear defined allowed only under very clear defined conditions, for specific purposes and be conditions, for specific purposes and be subject to adequate safeguards against subject to adequate safeguards against abuse. This Regulation provides for the abuse. This Regulation provides for the possibility of providers of electronic possibility of providers of electronic communications services to process communications services to process electronic communications data in transit, electronic communications data in transit, with the informed consent of all the end- with the informed consent of all the end- users concerned. For example, providers users concerned. For example, providers may offer services that entail the scanning may offer services that entail the scanning of emails to remove certain pre-defined of emails to remove certain pre-defined material. Given the sensitivity of the material. Given the sensitivity of the content of communications, this Regulation content of communications, this Regulation sets forth a presumption that the processing sets forth a presumption that the processing of such content data will result in high of such content data will result in high risks to the rights and freedoms of natural risks to the rights and freedoms of natural persons. When processing such type of persons. When processing such type of data, the provider of the electronic data, the provider of the electronic communications service should always communications service should always consult the supervisory authority prior to carry out an impact assessment as the processing. Such consultation should provided for in Regulation (EU) 2016/679 be in accordance with Article 36 (2) and and if necessary under that Regulation, (3) of Regulation (EU) 2016/679. The consult the supervisory authority prior to presumption does not encompass the the processing. After electronic processing of content data to provide a communications content has been sent by service requested by the end-user where the end-user and received by the intended the end-user has consented to such end-user or end-users, it may be recorded processing and it is carried out for the or stored by the end-user, end-users or by a purposes and duration strictly necessary third party entrusted by them to record or and proportionate for such service. After store such data. Any processing of such electronic communications content has data must comply with Regulation (EU) been sent by the end-user and received by 2016/679. the intended end-user or end-users, it may be recorded or stored by the end-user, end- users or by a third party entrusted by them to record or store such data. Any processing of such data must comply with Regulation (EU) 2016/679.
Or. en
Amendment 221 Daniel Dalton, Helga Stevens, John Procter
Proposal for a regulation Recital 19
Text proposed by the Commission Amendment
(19) The content of electronic (19) The content of electronic communications pertains to the essence of communications pertains to the essence of the fundamental right to respect for private the fundamental right to respect for private and family life, home and communications and family life, home and communications protected under Article 7 of the Charter. protected under Article 7 of the Charter. Any interference with the content of Any interference with the content of electronic communications should be electronic communications should be allowed only under very clear defined allowed only under very clear defined conditions, for specific purposes and be conditions, for specific purposes and be subject to adequate safeguards against subject to adequate safeguards against abuse. This Regulation provides for the abuse provided in Regulation (EU) possibility of providers of electronic 2016/679. This Regulation provides for the communications services to process possibility of providers of electronic electronic communications data in transit, communications services to process with the informed consent of all the end- electronic communications data, with the users concerned. For example, providers informed consent of the electronic may offer services that entail the scanning communication service provider's end- of emails to remove certain pre-defined user. For example, providers may offer material. Given the sensitivity of the services that entail the scanning of emails content of communications, this Regulation to remove certain pre-defined material. sets forth a presumption that the processing Given the sensitivity of the content of of such content data will result in high communications, this Regulation sets forth risks to the rights and freedoms of natural a presumption that the processing of such persons. When processing such type of content data will result in high risks to the data, the provider of the electronic rights and freedoms of natural persons. communications service should always When processing such type of data, the consult the supervisory authority prior to provider of the electronic communications the processing. Such consultation should service should always consult the be in accordance with Article 36 (2) and supervisory authority prior to the (3) of Regulation (EU) 2016/679. The processing. Such consultation should be in presumption does not encompass the accordance with Article 36 (2) and (3) of processing of content data to provide a Regulation (EU) 2016/679. The service requested by the end-user where presumption does not encompass the the end-user has consented to such processing of content data to provide a processing and it is carried out for the service requested by the end-user where purposes and duration strictly necessary the end-user has consented to such and proportionate for such service. After processing and it is carried out for the electronic communications content has purposes and duration strictly necessary been sent by the end-user and received by and proportionate for such service, for the intended end-user or end-users, it may example text to voice service, organization be recorded or stored by the end-user, end- of the mailbox or spam filter services. users or by a third party entrusted by them After electronic communications content to record or store such data. Any has been sent by the end-user and received processing of such data must comply with by the intended end-user or end-users, it Regulation (EU) 2016/679. may be recorded or stored by the end-user, end-users or by a third party entrusted by them to record or store such data. Any processing of such data must comply with Regulation (EU) 2016/679.
Or. en
Amendment 222 Michał Boni, Roberta Metsola, Frank Engel, Tomáš Zdechovský, Carlos Coelho, Pál Csáky, Elissavet Vozemberg-Vrionidi
Proposal for a regulation Recital 19
Text proposed by the Commission Amendment
(19) The content of electronic (19) The content of electronic communications pertains to the essence of communications pertains to the essence of the fundamental right to respect for private the fundamental right to respect for private and family life, home and communications and family life, home and communications protected under Article 7 of the Charter. protected under Article 7 of the Charter. Any interference with the content of Any interference with the content of electronic communications should be electronic communications should be allowed only under very clear defined allowed only under very clear defined conditions, for specific purposes and be conditions, for specific purposes and be subject to adequate safeguards against subject to adequate safeguards against abuse. This Regulation provides for the abuse. This Regulation provides for the possibility of providers of electronic possibility of providers of electronic communications services to process communications services to process electronic communications data in transit, electronic communications data in transit, with the informed consent of all the end- with the informed consent of all the end- users concerned. For example, providers users concerned. For example, providers may offer services that entail the scanning may offer services that entail the scanning of emails to remove certain pre-defined of emails to remove certain pre-defined material. Given the sensitivity of the material. Given the sensitivity of the content of communications, this Regulation content of communications, this Regulation sets forth a presumption that the processing sets forth a presumption that the processing of such content data will result in high of such content data will result in high risks to the rights and freedoms of natural risks to the rights and freedoms of natural persons. When processing such type of persons. When processing such type of data, the provider of the electronic data, the provider of the electronic communications service should always communications service should always consult the supervisory authority prior to consult the supervisory authority prior to the processing. Such consultation should the processing. Such consultation should be in accordance with Article 36 (2) and be in accordance with Article 36 (2) and (3) of Regulation (EU) 2016/679. The (3) of Regulation (EU) 2016/679. The presumption does not encompass the presumption does not encompass the processing of content data to provide a processing of content data to provide a service requested by the end-user where service requested by the end-user where the end-user has consented to such the end-user has consented to such processing and it is carried out for the processing and it is carried out for the purposes and duration strictly necessary purposes and duration strictly necessary and proportionate for such service. After and proportionate for such service, for electronic communications content has example text to voice service, organisation been sent by the end-user and received by of the mailbox, calendar assistants or the intended end-user or end-users, it may SPAM filter service. After electronic be recorded or stored by the end-user, end- communications content has been sent by users or by a third party entrusted by them the end-user and received by the intended to record or store such data. Any end-user or end-users, it may be recorded processing of such data must comply with or stored by the end-user, end-users or by a Regulation (EU) 2016/679. third party entrusted by them to record or store such data. Any processing of such data must comply with Regulation (EU) 2016/679.
Or. en
Amendment 223 Brice Hortefeux, Rachida Dati
Proposal for a regulation Recital 19
Text proposed by the Commission Amendment
(19) The content of electronic (19) The content of electronic communications pertains to the essence of communications pertains to the essence of the fundamental right to respect for private the fundamental right to respect for private and family life, home and communications and family life, home and communications protected under Article 7 of the Charter. protected under Article 7 of the Charter. Any interference with the content of Any interference with the content of electronic communications should be electronic communications should be allowed only under very clear defined allowed only under very clear defined conditions, for specific purposes and be conditions, for specific purposes and be subject to adequate safeguards against subject to adequate safeguards against abuse. This Regulation provides for the abuse. This Regulation provides for the possibility of providers of electronic possibility of providers of electronic communications services to process communications services to process electronic communications data in transit, electronic communications data in transit, with the informed consent of all the end- with the informed consent of all the end- users concerned. For example, providers users concerned. For example, providers may offer services that entail the scanning may offer services that entail the scanning of emails to remove certain pre-defined of emails to remove certain pre-defined material. Given the sensitivity of the material. Given the sensitivity of the content of communications, this Regulation content of communications, this Regulation sets forth a presumption that the processing sets forth a presumption that the processing of such content data will result in high of such content data will result in high risks to the rights and freedoms of natural risks to the rights and freedoms of natural persons. When processing such type of persons. When processing such type of data, the provider of the electronic data, the provider of the electronic communications service should always communications service should always consult the supervisory authority prior to consult the supervisory authority prior to the processing. Such consultation should the processing. Such consultation should be in accordance with Article 36 (2) and be in accordance with Article 36 (2) and (3) of Regulation (EU) 2016/679. The (3) of Regulation (EU) 2016/679. The presumption does not encompass the presumption does not encompass the processing of content data to provide a processing of content data to provide a service requested by the end-user where service requested by the end-user where the end-user has consented to such the end-user has consented to such processing and it is carried out for the processing and it is carried out for the purposes and duration strictly necessary purposes and duration strictly necessary and proportionate for such service. After and proportionate for such service. After electronic communications content has electronic communications content has been sent by the end-user and received by been sent by the end-user and received by the intended end-user or end-users, it may the intended end-user or end-users, it may be recorded or stored by the end-user, end- be recorded, stored or processed by the users or by a third party entrusted by them end-user, end-users or by a third party to record or store such data. Any entrusted by them to record, store or processing of such data must comply with process such data. Any processing of such Regulation (EU) 2016/679. data must comply with Regulation (EU) 2016/679.
Or. en
Amendment 224 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Recital 19 a (new)
Text proposed by the Commission Amendment
(19 a) It should be possible to process electronic communications data for the purposes of providing services specifically requested by a user for personal or personal work-related purposes such as search or keyword indexing functionality, text-to-speech engines and translation services, including picture-to-voice or other automated content processing used as accessibility tools by persons with disabilities. This should be possible without the consent of all users who are part of the communication, but may take place with the consent of the user requesting the service. Such specific consent also precludes the provider from processing those data for different purposes.
Or. en
Justification
Based on LIBE AM 20 Rapporteur
Amendment 225 Sophia in 't Veld
Proposal for a regulation Recital 19 a (new)
Text proposed by the Commission Amendment (19 a) Interference with the confidentiality of metadata or interference with the protection of information stored in and related to end-users' terminal equipment can only be regarded to be lawful where it is strictly necessary and proportionate to protect an interest which is essential for the life of the data subject or that of another natural person. Such interference based on the vital interest of another natural person should take place only in a specific case and where the processing cannot be manifestly based on another legal basis.
Or. en
Justification
Alignment with Recital 46 of the GDPR, applicable to for instance 112 services and Amber Alert for locating victims, injured people or missing children.
Amendment 226 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Recital 20
Text proposed by the Commission Amendment
(20) Terminal equipment of end-users (20) Terminal equipment of users of of electronic communications networks electronic communications networks and and any information relating to the usage any information relating to the usage of of such terminal equipment, whether in such terminal equipment, whether in particular is stored in or emitted by such particular is stored in or emitted by such equipment, requested from or processed in equipment, requested from or processed in order to enable it to connect to another order to enable it to connect to another device and or network equipment, are part device and or network equipment, are part of the private sphere of the end-users of the private sphere of the users requiring requiring protection under the Charter of protection under the Charter of Fundamental Rights of the European Union Fundamental Rights of the European Union and the European Convention for the and the European Convention for the Protection of Human Rights and Protection of Human Rights and Fundamental Freedoms. Given that such Fundamental Freedoms. Given that such equipment contains or processes equipment contains or processes very information that may reveal details of an sensitive data that may reveal details of the individual's emotional, political, social behaviour, psychological features, complexities, including the content of emotional condition and political communications, pictures, the location of convictions, religious beliefs and social individuals by accessing the device’s GPS complexities of an individual, including capabilities, contact lists, and other the content of communications, pictures, information already stored in the device, the location of individuals by accessing the the information related to such equipment device's GPS capabilities, contact lists, and requires enhanced privacy protection. other information already stored in the Furthermore, the so-called spyware, web device, the information processed by or bugs, hidden identifiers, tracking cookies related to such equipment requires and other similar unwanted tracking tools enhanced privacy protection. Information can enter end-user's terminal equipment related to the user's device may also be without their knowledge in order to gain collected remotely for the purpose of access to information, to store hidden identification and tracking, using information and to trace the activities. techniques such as the so-called 'device Information related to the end-user’s fingerprinting', often without the device may also be collected remotely for knowledge of the user, and may seriously the purpose of identification and tracking, intrude upon the privacy of these users. using techniques such as the so-called Furthermore, the so-called spyware, web ‘device fingerprinting’, often without the bugs, hidden identifiers, tracking cookies knowledge of the end-user, and may and other similar tracking tools can enter seriously intrude upon the privacy of user's terminal equipment without their these end-users. Techniques that knowledge in order to gain access to surreptitiously monitor the actions of end- information, to store hidden information, to users, for example by tracking their process data and use input and output activities online or the location of their functionalities such as sensors, and to terminal equipment, or subvert the trace the activities. Techniques that operation of the end-users’ terminal surreptitiously monitor the actions of equipment pose a serious threat to the users, for example by tracking their privacy of end-users. Therefore, any such activities online or the location of their interference with the end-user's terminal terminal equipment, or subvert the equipment should be allowed only with the operation of the users' terminal equipment end-user's consent and for specific and pose a serious threat to the privacy of transparent purposes. users. Therefore, any such interference with the user's terminal equipment should be allowed only with the user's consent and for specific and transparent purposes.
Or. en
Amendment 227 Michał Boni, Frank Engel, Tomáš Zdechovský, Rachida Dati, Brice Hortefeux, Carlos Coelho, Pál Csáky, Elissavet Vozemberg-Vrionidi
Proposal for a regulation Recital 20
Text proposed by the Commission Amendment
(20) Terminal equipment of end-users of (20) Terminal equipment of end-users of electronic communications networks and electronic communications networks and any information relating to the usage of any information relating to the usage of such terminal equipment, whether in such terminal equipment, whether in particular is stored in or emitted by such particular is stored in or emitted by such equipment, requested from or processed in equipment, requested from or processed in order to enable it to connect to another order to enable it to connect to another device and or network equipment, are part device and or network equipment, are part of the private sphere of the end-users of the private sphere of the end-users requiring protection under the Charter of requiring protection under the Charter of Fundamental Rights of the European Union Fundamental Rights of the European Union and the European Convention for the and the European Convention for the Protection of Human Rights and Protection of Human Rights and Fundamental Freedoms. Given that such Fundamental Freedoms. Given that such equipment contains or processes equipment contains or processes information that may reveal details of an information that may reveal details of an individual's emotional, political, social individual's emotional, political, social complexities, including the content of complexities, including the content of communications, pictures, the location of communications, pictures, the location of individuals by accessing the device’s GPS individuals by accessing the device’s GPS capabilities, contact lists, and other capabilities, contact lists, and other information already stored in the device, information already stored in the device, the information related to such equipment the information related to such equipment requires enhanced privacy protection. requires enhanced privacy protection. Furthermore, the so-called spyware, web Furthermore, the so-called spyware, web bugs, hidden identifiers, tracking cookies bugs, hidden identifiers, tracking cookies and other similar unwanted tracking tools and other similar unwanted tracking tools can enter end-user's terminal equipment can enter end-user's terminal equipment without their knowledge in order to gain without their knowledge in order to gain access to information, to store hidden access to information, to store hidden information and to trace the activities. information and to trace the activities. Information related to the end-user’s Information related to the end-user’s device may also be collected remotely for device may also be collected remotely for the purpose of identification and tracking, the purpose of identification and tracking, using techniques such as the so-called using techniques such as the so-called ‘device fingerprinting’, often without the ‘device fingerprinting’, often without the knowledge of the end-user, and may knowledge of the end-user, and may seriously intrude upon the privacy of these seriously intrude upon the privacy of these end-users. Techniques that surreptitiously end-users. Techniques that surreptitiously monitor the actions of end-users, for monitor the actions of end-users, for example by tracking their activities online example by tracking their activities online or the location of their terminal equipment, or the location of their terminal equipment, or subvert the operation of the end-users’ or subvert the operation of the end-users’ terminal equipment pose a serious threat to terminal equipment pose a serious threat to the privacy of end-users. Therefore, any the privacy of end-users. Therefore, any such interference with the end-user's such interference with the end-user's terminal equipment should be allowed only terminal equipment should be allowed only with the end-user's consent and for specific with the end-user's consent or for clearly and transparent purposes. defined exceptions and for specific and transparent purposes.
Or. en
Amendment 228 Maria Grapini
Proposal for a regulation Recital 20
Text proposed by the Commission Amendment
(20) Echipamentele terminale ale (20) Echipamentele terminale ale utilizatorilor finali ai rețelelor de utilizatorilor finali ai rețelelor de comunicații electronice și orice informații comunicații electronice și orice informații referitoare la utilizarea unor astfel de referitoare la utilizarea unor astfel de echipamente terminale, în special în cazul echipamente terminale, în special în cazul în care informațiile sunt stocate în astfel de în care informațiile sunt stocate în astfel de echipamente sau emise de acestea, echipamente sau emise de acestea, solicitate acestora sau prelucrate în scopul solicitate acestora sau prelucrate în scopul de a le permite conectarea la un alt de a le permite conectarea la un alt dispozitiv și/sau alte echipamente de rețea, dispozitiv și/sau alte echipamente de rețea, fac parte din sfera privată a utilizatorilor fac parte din sfera privată a utilizatorilor finali și necesită protecție în temeiul Cartei finali și necesită protecție în temeiul Cartei drepturilor fundamentale a Uniunii drepturilor fundamentale a Uniunii Europene și a Convenției europene pentru Europene și a Convenției europene pentru apărarea drepturilor omului și a libertăților apărarea drepturilor omului și a libertăților fundamentale. Având în vedere faptul că fundamentale. Având în vedere faptul că astfel de echipamente conțin sau astfel de echipamente conțin sau prelucrează informații care ar putea prelucrează informații care ar putea dezvălui detalii privind complexitatea dezvălui detalii privind complexitatea emoțională, politică sau socială a unei emoțională, politică sau socială şi persoane fizice, inclusiv conținutul orientarea religioasă a unei persoane comunicațiilor, imagini, localizarea fizice, inclusiv conținutul comunicațiilor, persoanelor prin accesarea funcțiilor GPS imagini, localizarea persoanelor prin ale dispozitivelor, listele datelor de contact accesarea funcțiilor GPS ale dispozitivelor, și alte informații deja stocate în dispozitiv, listele datelor de contact și alte informații informațiile legate de astfel de echipamente deja stocate în dispozitiv, informațiile necesită o protecție sporită a vieții private. legate de astfel de echipamente necesită o În plus, așa-numitele programe spyware, protecție sporită a vieții private. În plus, semnalizatoare web (web bugs), așa-numitele programe spyware, identificatori ascunși (hidden identifiers), semnalizatoare web (web bugs), cookie-uri permanente și alte instrumente identificatori ascunși (hidden identifiers), similare de urmărire nedorită pot intra în cookie-uri permanente și alte instrumente echipamentele terminale ale utilizatorului similare de urmărire nedorită pot intra în final fără cunoștința acestuia pentru a echipamentele terminale ale utilizatorului obține accesul la informații, a stoca final fără cunoștința acestuia pentru a informații ascunse și a monitoriza obține accesul la informații, a stoca activitățile. Informațiile referitoare la informații ascunse și a monitoriza dispozitivul utilizatorului final pot fi, de activitățile. Informațiile referitoare la asemenea, colectate de la distanță în dispozitivul utilizatorului final pot fi, de scopuri de identificare și urmărire, asemenea, colectate de la distanță în utilizând tehnici cum ar fi așa-numita scopuri de identificare și urmărire, „prelevare a amprentelor digitale” (device utilizând tehnici cum ar fi așa-numita fingerprinting), adesea fără cunoștința „prelevare a amprentelor digitale” (device utilizatorului final, ceea ce poate periclita fingerprinting), adesea fără cunoștința în mod flagrant viața privată a acestor utilizatorului final, ceea ce poate periclita utilizatori finali. Tehnicile prin care se în mod flagrant viața privată a acestor monitorizează în mod discret acțiunile utilizatori finali. Tehnicile prin care se utilizatorilor finali, de exemplu prin monitorizează în mod discret acțiunile urmărirea activităților online ale acestora utilizatorilor finali, de exemplu prin sau a localizării echipamentelor lor urmărirea activităților online ale acestora terminale sau care subminează sau a localizării echipamentelor lor funcționarea echipamentelor terminale ale terminale sau care subminează utilizatorilor finali reprezintă o amenințare funcționarea echipamentelor terminale ale majoră la adresa vieții lor private. Prin utilizatorilor finali reprezintă o amenințare urmare, orice astfel de amestec în legătură majoră la adresa vieții lor private. Prin cu echipamentele terminale ale urmare, orice astfel de amestec în legătură utilizatorului final ar trebui să fie permis cu echipamentele terminale ale numai cu consimțământul acestuia și în utilizatorului final ar trebui să fie permis scopuri specifice și transparente. numai cu consimțământul acestuia și în scopuri specifice și transparente.
Or. ro
Amendment 229 Daniel Dalton, Helga Stevens, John Procter
Proposal for a regulation Recital 20
Text proposed by the Commission Amendment
(20) Terminal equipment of end-users of (20) Terminal equipment of end-users of electronic communications networks and electronic communications networks and any information relating to the usage of any information relating to the usage of such terminal equipment, whether in such terminal equipment, whether in particular is stored in or emitted by such particular is stored in or emitted by such equipment, requested from or processed in equipment, requested from or processed in order to enable it to connect to another order to enable it to connect to another device and or network equipment, are part device and or network equipment, are part of the private sphere of the end-users of the private sphere of the end-users requiring protection under the Charter of requiring protection under the Charter of Fundamental Rights of the European Union Fundamental Rights of the European Union and the European Convention for the and the European Convention for the Protection of Human Rights and Protection of Human Rights and Fundamental Freedoms. Given that such Fundamental Freedoms. Given that such equipment contains or processes equipment contains or processes information that may reveal details of an information that may reveal details of an individual's emotional, political, social individual's emotional, political, social complexities, including the content of complexities, including the content of communications, pictures, the location of communications, pictures, the location of individuals by accessing the device’s GPS individuals by accessing the device’s GPS capabilities, contact lists, and other capabilities, contact lists, and other information already stored in the device, information already stored in the device, the information related to such equipment the information related to such equipment requires enhanced privacy protection. requires enhanced privacy protection. Furthermore, the so-called spyware, web Furthermore, the so-called spyware, web bugs, hidden identifiers, tracking cookies bugs, hidden identifiers, and other and other similar unwanted tracking tools unwanted tracking tools can enter end- can enter end-user's terminal equipment user's terminal equipment without their without their knowledge in order to gain knowledge in order to gain access to access to information, to store hidden information, to store hidden information information and to trace the activities. and to trace the activities. Information Information related to the end-user’s related to the end-user’s device may also device may also be collected remotely for be collected remotely for the purpose of the purpose of identification and tracking, identification and tracking, using using techniques such as the so-called techniques such as the so-called ‘device ‘device fingerprinting’, often without the fingerprinting’, often without the knowledge of the end-user, and may knowledge of the end-user, and may seriously intrude upon the privacy of these seriously intrude upon the privacy of these end-users. Techniques that surreptitiously end-users. Techniques that surreptitiously monitor the actions of end-users, for monitor the actions of end-users, for example by tracking their activities online example by tracking their activities online or the location of their terminal equipment, or the location of their terminal equipment, or subvert the operation of the end-users’ or subvert the operation of the end-users’ terminal equipment pose a serious threat to terminal equipment pose a serious threat to the privacy of end-users. Therefore, any the privacy of end-users. Therefore, any such interference with the end-user's such interference with the end-user's terminal equipment should be allowed only terminal equipment should be allowed only with the end-user's consent and for specific with the end-user's consent and for specific and transparent purposes. and transparent purposes.
Or. en
Amendment 230 Axel Voss, Heinz K. Becker, Anna Maria Corazza Bildt
Proposal for a regulation Recital 20
Text proposed by the Commission Amendment
(20) Terminal equipment of end-users of (20) Terminal equipment of end-users of electronic communications networks and electronic communications networks and any information relating to the usage of any information relating to the usage of such terminal equipment, whether in such terminal equipment, whether in particular is stored in or emitted by such particular is stored in or emitted by such equipment, requested from or processed in equipment, requested from or processed in order to enable it to connect to another order to enable it to connect to another device and or network equipment, are part device and or network equipment, are part of the private sphere of the end-users of the private sphere of the end-users requiring protection under the Charter of requiring protection under the Charter of Fundamental Rights of the European Union Fundamental Rights of the European Union and the European Convention for the and the European Convention for the Protection of Human Rights and Protection of Human Rights and Fundamental Freedoms. Given that such Fundamental Freedoms. Given that such equipment contains or processes equipment contains or processes information that may reveal details of an information that may reveal details of an individual's emotional, political, social individual's emotional, political, social complexities, including the content of complexities, including the content of communications, pictures, the location of communications, pictures, the location of individuals by accessing the device’s GPS individuals by accessing the device’s GPS capabilities, contact lists, and other capabilities, contact lists, and other information already stored in the device, information already stored in the device, the information related to such equipment the information related to such equipment requires enhanced privacy protection. requires enhanced privacy protection. Furthermore, the so-called spyware, web Furthermore, the so-called spyware, web bugs, hidden identifiers, tracking cookies bugs, hidden identifiers and other similar and other similar unwanted tracking tools unwanted tracking tools can enter end- can enter end-user's terminal equipment user's terminal equipment without their without their knowledge in order to gain knowledge in order to gain access to access to information, to store hidden information, to store hidden information information and to trace the activities. and to trace the activities. Information Information related to the end-user’s related to the end-user’s device may also device may also be collected remotely for be collected remotely for the purpose of the purpose of identification and tracking, identification and tracking, using using techniques such as the so-called techniques such as the so-called ‘device ‘device fingerprinting’, often without the fingerprinting’, often without the knowledge of the end-user, and may knowledge of the end-user, and may seriously intrude upon the privacy of these seriously intrude upon the privacy of these end-users. Techniques that surreptitiously end-users. Techniques that surreptitiously monitor the actions of end-users, for monitor the actions of end-users, for example by tracking their activities online example by tracking their activities online or the location of their terminal equipment, or the location of their terminal equipment, or subvert the operation of the end-users’ or subvert the operation of the end-users’ terminal equipment pose a serious threat to terminal equipment pose a serious threat to the privacy of end-users. Therefore, any the privacy of end-users. Therefore, any such interference with the end-user's such interference with the end-user's terminal equipment should be allowed only terminal equipment should be allowed only with the end-user's consent and for specific with the end-user's consent and for specific and transparent purposes. and transparent purposes.
Or. en
Amendment 231 Heinz K. Becker
Proposal for a regulation Recital 20
Text proposed by the Commission Amendment
(20) Die Endeinrichtungen der (20) Die Endeinrichtungen der Endnutzer elektronischer Endnutzer elektronischer Kommunikationsnetze und alle Kommunikationsnetze und alle Informationen im Zusammenhang mit der Informationen im Zusammenhang mit der Nutzung dieser Endeinrichtungen, ob sie Nutzung dieser Endeinrichtungen, ob sie nun von solchen Geräten gespeichert oder nun von solchen Geräten gespeichert oder ausgesendet, von ihnen angefordert oder ausgesendet, von ihnen angefordert oder verarbeitet werden, um sich mit anderen verarbeitet werden, um sich mit anderen Geräten oder mit Netzanlagen verbinden zu Geräten oder mit Netzanlagen verbinden zu können, sind Teil der Privatsphäre der können, sind Teil der Privatsphäre der Endnutzer, die dem Schutz aufgrund der Endnutzer, die dem Schutz aufgrund der Charta der Grundrechte der Europäischen Charta der Grundrechte der Europäischen Union und der Europäischen Konvention Union und der Europäischen Konvention zum Schutz der Menschenrechte und zum Schutz der Menschenrechte und Grundfreiheiten unterliegt. Die Grundfreiheiten unterliegt. Die Informationen im Zusammenhang mit Informationen im Zusammenhang mit solchen Endeinrichtungen erfordern einen solchen Endeinrichtungen erfordern einen erhöhten Schutz der Privatsphäre, da erhöhten Schutz der Privatsphäre, da solche Endeinrichtungen Informationen solche Endeinrichtungen Informationen enthalten oder verarbeiten, die einen tiefen enthalten oder verarbeiten, die einen tiefen Einblick in komplexe emotionale, Einblick in komplexe emotionale, politische und soziale Aspekte der politische und soziale Aspekte der Persönlichkeit einer Person geben können, Persönlichkeit einer Person geben können, darunter Nachrichteninhalte, Bilder, darunter Nachrichteninhalte, Bilder, Aufenthaltsorte durch Zugriff auf die GPS- Aufenthaltsorte durch Zugriff auf die GPS- Funktionen der Geräte sowie Kontaktlisten Funktionen der Geräte sowie Kontaktlisten und andere bereits in dem Gerät und andere bereits in dem Gerät gespeicherte Informationen. Darüber gespeicherte Informationen. Darüber hinaus können unerwünschte hinaus können unerwünschte Verfolgungswerkzeuge wie z. B. Spyware, Verfolgungswerkzeuge wie z. B. Spyware, Webbugs, versteckte Kennungen und Webbugs und versteckte Kennungen ohne Verfolgungs-Cookies ohne das Wissen des das Wissen des Endnutzers in dessen Endnutzers in dessen Endeinrichtung Endeinrichtung eindringen, um Zugang zu eindringen, um Zugang zu Informationen Informationen zu erlangen, versteckte zu erlangen, versteckte Informationen zu Informationen zu speichern oder die speichern oder die Nutzeraktivität zu Nutzeraktivität zu verfolgen. verfolgen. Informationen in Bezug auf das Informationen in Bezug auf das Gerät des Gerät des Endnutzers können auch im Endnutzers können auch im Fernzugang zu Fernzugang zu Identifizierungs- und Identifizierungs- und Verfolgungszwecken Verfolgungszwecken erhoben werden, mit erhoben werden, mit Techniken wie der Techniken wie der Verfolgung von Verfolgung von Gerätekennungen, was oft Gerätekennungen, was oft ohne Wissen des ohne Wissen des Endnutzers geschieht, Endnutzers geschieht, und können eine und können eine ernsthafte Verletzung der ernsthafte Verletzung der Privatsphäre Privatsphäre dieser Endnutzer darstellen. dieser Endnutzer darstellen. Techniken, mit Techniken, mit denen die Aktivitäten der denen die Aktivitäten der Endnutzer Endnutzer heimlich beobachtet werden, heimlich beobachtet werden, indem z. B. indem z. B. ihre Online-Aktivitäten oder ihre Online-Aktivitäten oder die Standorte die Standorte ihrer Endeinrichtungen ihrer Endeinrichtungen verfolgt werden, verfolgt werden, oder mit denen die oder mit denen die Funktionsweise der Funktionsweise der Endeinrichtungen der Endeinrichtungen der Endnutzer Endnutzer unbemerkt manipuliert wird, unbemerkt manipuliert wird, stellen eine stellen eine ernste Bedrohung der ernste Bedrohung der Privatsphäre der Privatsphäre der Endnutzer dar. Deshalb Endnutzer dar. Deshalb sollten derartige sollten derartige Eingriffe in die Eingriffe in die Endeinrichtungen der Endeinrichtungen der Endnutzer nur Endnutzer nur mit Einwilligung des aufgrund eines Rechtmäßigkeitsgrundes Endnutzers und für bestimmte im Sinne des Artikels 6 der VO (EU) transparente Zwecke erlaubt sein. 2016/679 erlaubt sein.
Or. de
Amendment 232 Michał Boni, Roberta Metsola, Frank Engel, Tomáš Zdechovský, Rachida Dati, Carlos Coelho, Pál Csáky, Elissavet Vozemberg-Vrionidi
Proposal for a regulation Recital 21
Text proposed by the Commission Amendment
(21) Exceptions to the obligation to (21) Exceptions to the obligation to obtain consent to make use of the obtain consent to make use of the processing and storage capabilities of processing and storage capabilities of terminal equipment or to access terminal equipment or to access information stored in terminal equipment information stored in terminal equipment should be limited to situations that involve should be limited to situations that involve no, or only very limited, intrusion of no, or only very limited, intrusion of privacy. For instance, consent should not privacy. For instance, consent should not be requested for authorizing the technical be requested for authorizing the technical storage or access which is strictly storage or access which is strictly necessary and proportionate for the necessary and proportionate for the legitimate purpose of enabling the use of a legitimate purpose of enabling the use of a specific service explicitly requested by the specific service explicitly requested by the end-user. This may include the storing of end-user. This may include the storing of cookies for the duration of a single cookies for the duration of a single established session on a website to keep established session on a website to keep track of the end-user’s input when filling in track of the end-user’s input when filling in online forms over several pages. Cookies online forms over several pages. Consent can also be a legitimate and useful tool, for should also not be necessary if the example, in measuring web traffic to a information processed or stored is website. Information society providers that necessary to protect privacy, security or engage in configuration checking to safety of the end-user, or to protect provide the service in compliance with the confidentiality, integrity, availability and end-user's settings and the mere logging of authenticity of the terminal equipment. the fact that the end-user’s device is unable Cookies can also be a legitimate and useful to receive content requested by the end- tool, for example, in measuring web traffic user should not constitute access to such a to a website. Information society providers device or use of the device processing that engage in configuration checking to capabilities. provide the service in compliance with the end-user's settings and the mere logging of the fact that the end-user’s device is unable to receive content requested by the end- user should not constitute access to such a device or use of the device processing capabilities. As an exemption from obtaining end-user´s consent, the processing of information and data that are or are rendered pseudonymous or anonymous should be allowed or for purposes other than those for which they were initially collected in cases where the processing is compatible and is subject to specific safeguards, especially pseudonymisation as set forth in point (4) of Article 6 of Regulation (EU) 2016/679, as well as if it is necessary in accordance with Article 6 (1) (f) of Regulation (EU) 2016/679 for the purpose of legitimate interest, provided that the data protection impact assessment was carried out, as prescribed in Article 35 of Regulation (EU) 2016/679. Adherence to the data protection certification mechanisms, seals or marks, as defined respectively in Article 40 and Article 42 of Regulation (EU) 2016/679, shall be encouraged and promoted, especially to demonstrate compliance with the Regulation in case of exceptions concerning compatible processing and legitimate interests as described above.
Or. en
Amendment 233 Anna Maria Corazza Bildt
Proposal for a regulation Recital 21
Text proposed by the Commission Amendment
(21) Exceptions to the obligation to (21) Exceptions to the obligation to obtain consent to make use of the obtain consent store information in processing and storage capabilities of terminal equipment or to access terminal equipment or to access information stored in terminal equipment information stored in terminal equipment should be limited to situations that comply should be limited to situations that involve with all obligations pursuant to regulation no, or only very limited, intrusion of (EU) 2016/679. For instance, the technical privacy. For instance, consent should not storage or access which is strictly be requested for authorizing the technical necessary and proportionate for the storage or access which is strictly legitimate purpose of enabling the use of a necessary and proportionate for the specific service explicitly requested by the legitimate purpose of enabling the use of a consumer. This may include the storing of specific service explicitly requested by the cookies on a website to keep track of the end-user. This may include the storing of consumer’s input when filling in online cookies for the duration of a single forms over several pages or enabling other established session on a website to keep adaptation to individual track of the end-user’s input when filling preferences. Cookies can also be a in online forms over several pages. legitimate and useful tool to improve the Cookies can also be a legitimate and useful performance of a website, for example, in tool, for example, in measuring web traffic measuring web traffic to a website or to a website. Information society providers identify if consumers get error messages that engage in configuration checking to from certain pages on a website. provide the service in compliance with the Similarly, providers of terminal end-user's settings and the mere logging of equipment and the software needed to the fact that the end-user’s device is unable operate such equipment regularly need to receive content requested by the end- access to configuration and other device user should not constitute access to such a information and the processing and device or use of the device processing storage capabilities to maintain the capabilities. equipment, prevent security vulnerabilities or their exploitation and correct problems related to the equipment's operation. Information society providers and electronic communications service providers that engage in configuration checking to provide the service in compliance with the consumer's settings and the mere logging of the fact that the consumer’s device is unable to receive content requested by the consumer should not constitute access to such a device or use of the device processing capabilities.
Or. en
Amendment 234 Brice Hortefeux, Rachida Dati
Proposal for a regulation Recital 21
Text proposed by the Commission Amendment (21) Exceptions to the obligation to (21) Exceptions to the obligation to obtain consent to make use of the obtain consent to make use of the processing and storage capabilities of processing and storage capabilities of terminal equipment or to access terminal equipment or to access information stored in terminal equipment information stored in terminal equipment should be limited to situations that involve should be limited to situations that involve no, or only very limited, intrusion of no, or only limited, impact on the privacy privacy. For instance, consent should not of the end-user concerned, in accordance be requested for authorizing the technical with Regulation (EU) 2016/679. For storage or access which is strictly instance, consent should not be requested necessary and proportionate for the for authorizing the technical storage or legitimate purpose of enabling the use of a access which is strictly necessary and specific service explicitly requested by the proportionate for the legitimate purpose of end-user. This may include the storing of providing, including enabling or cookies for the duration of a single subsidizing the use of a specific service established session on a website to keep explicitly requested by the end-user. This track of the end-user’s input when filling in may include the storing of cookies for the online forms over several pages. Cookies duration of a single established session on can also be a legitimate and useful tool, for a website to keep track of the end-user’s example, in measuring web traffic to a input when filling in online forms over website. Information society providers that several pages. Cookies can also be a engage in configuration checking to legitimate and useful tool for other provide the service in compliance with the legitimate purposes, for example, securing end-user's settings and the mere logging of a service, measuring web traffic to a the fact that the end-user’s device is unable website or measuring the effectiveness of to receive content requested by the end- advertisements. Information society user should not constitute access to such a providers that engage in configuration device or use of the device processing checking to provide the service in capabilities. compliance with the end-user's settings and the mere logging of the fact that the end- user’s device is unable to receive content requested by the end-user should not constitute access to such a device or use of the device processing capabilities.
Or. en
Amendment 235 Heinz K. Becker
Proposal for a regulation Recital 21
Text proposed by the Commission Amendment
(21) Ausnahmen von der Verpflichtung, (21) Ausnahmen von der die Einwilligung in die Nutzung der Verpflichtung, einen Verarbeitungs- und Speicherfunktionen Rechtmäßigkeitsgrund im Sinne des von Endeinrichtungen oder den Zugriff auf Artikels 6 der VO (EU) 2016/679 für die in Endeinrichtungen gespeicherte Nutzung der Verarbeitungs- und Informationen einzuholen, sollten auf Speicherfunktionen von Endeinrichtungen Situationen beschränkt sein, in denen kein oder den Zugriff auf in Endeinrichtungen oder nur ein geringfügiger Eingriff in die gespeicherte Informationen nachweisen zu Privatsphäre stattfindet. Beispielsweise müssen, sollten auf Situationen beschränkt sollte keine Einwilligung eingeholt werden sein, in denen kein oder nur ein für ein technisches Speichern oder geringfügiger Eingriff in die Privatsphäre Zugreifen, das zu dem rechtmäßigen stattfindet oder ein berechtigtes Interesse Zweck, die vom Endnutzer ausdrücklich verfolgt wird. Beispielsweise sollte keine gewünschte Nutzung eines bestimmten Einwilligung eingeholt werden für ein Dienstes zu ermöglichen, unbedingt technisches Speichern oder Zugreifen, das notwendig und verhältnismäßig ist. Dazu zu dem rechtmäßigen Zweck, die vom gehört auch das Speichern von Cookies für Endnutzer ausdrücklich gewünschte die Dauer einer für den Besuch einer Nutzung eines bestimmten Dienstes zu Website einmal aufgebauten Sitzung, um ermöglichen, unbedingt notwendig und die Eingaben des Endnutzers beim verhältnismäßig ist. Dazu gehört auch das Ausfüllen von Online-Formularen, die sich Speichern von Cookies für die Dauer einer über mehrere Seiten erstrecken, für den Besuch einer Website einmal mitverfolgen zu können. Cookies können aufgebauten Sitzung, um die Eingaben des auch ein legitimes und nützliches Endnutzers beim Ausfüllen von Online- Hilfsmittel sein, um beispielsweise den Formularen, die sich über mehrere Seiten Webdatenverkehr zu einer Website zu erstrecken, mitverfolgen zu können. messen. Konfigurationsprüfungen, die Cookies können auch ein legitimes und Anbieter von Diensten der nützliches Hilfsmittel sein, um Informationsgesellschaft vornehmen, um beispielsweise den Webdatenverkehr von ihren Dienst entsprechend den Websites zu messen. Einstellungen des Endnutzers bereitstellen Konfigurationsprüfungen, die Anbieter von zu können, wie auch das bloße Feststellen Diensten der Informationsgesellschaft der Tatsache, dass das Gerät des vornehmen, um ihren Dienst entsprechend Endnutzers die vom Endnutzer den Einstellungen des Endnutzers angeforderten Inhalte nicht empfangen bereitstellen zu können oder sich dessen kann, sollten nicht als Zugriff auf ein Gerät bestimmungsgemäße Erbringung oder als Nutzung der vorzubehalten, wie auch das bloße Verarbeitungsfunktionen des Geräts Feststellen der Tatsache, dass das Gerät des betrachtet werden. Endnutzers die vom Endnutzer angeforderten Inhalte ganz oder teilweise nicht empfangen kann, sollten nicht als Zugriff auf ein Gerät oder als Nutzung der Verarbeitungsfunktionen des Geräts betrachtet werden.
Or. de
Amendment 236 Daniel Dalton, Helga Stevens, John Procter
Proposal for a regulation Recital 21
Text proposed by the Commission Amendment
(21) Exceptions to the obligation to (21) Exceptions to the obligation to obtain consent to make use of the obtain consent to make use of the processing and storage capabilities of processing and storage capabilities of terminal equipment or to access terminal equipment or to access information stored in terminal equipment information stored in terminal equipment should be limited to situations that involve should be limited to situations that involve no, or only very limited, intrusion of no, or only very limited, intrusion of privacy. For instance, consent should not privacy. For instance, consent should not be requested for authorizing the technical be requested for authorizing the technical storage or access which is strictly storage or access which is necessary and necessary and proportionate for the proportionate for the legitimate purpose of legitimate purpose of enabling the use of a enabling the use of a specific service specific service explicitly requested by the explicitly requested by the end-user. This end-user. This may include the storing of may include the storing of cookies for the cookies for the duration of a single duration of a single established session on established session on a website to keep a website to keep track of the end-user's track of the end-user’s input when filling input when filling in online forms over in online forms over several pages. several pages. This may also cover Cookies can also be a legitimate and useful situations where end-users use a service tool, for example, in measuring web traffic across devices for the purpose of service to a website. Information society providers personalisation and content that engage in configuration checking to recommendation. Cookies can also be a provide the service in compliance with the legitimate and useful tool, for example, in end-user's settings and the mere logging of measuring web traffic to a website. the fact that the end-user’s device is unable Information society providers that engage to receive content requested by the end- in configuration checking to provide the user should not constitute access to such a service in compliance with the end-user's device or use of the device processing settings and the mere logging of the fact capabilities. that the end-user's device is unable to receive content requested by the end-user should not constitute access to such a device or use of the device processing capabilities.
Or. en
Amendment 237 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Recital 21
Text proposed by the Commission Amendment
(21) Exceptions to the obligation to (21) Exceptions to the obligation to obtain consent to make use of the obtain consent to make use of the input, processing and storage capabilities of output, processing and storage capabilities terminal equipment or to access of terminal equipment or to access information stored in terminal equipment information stored in terminal equipment should be limited to situations that involve should be limited to situations that involve no, or only very limited, intrusion of no, or only very limited, intrusion of privacy. For instance, consent should not privacy. For instance, consent should not be requested for authorizing the technical be requested for authorizing the technical storage or access which is strictly storage or access which is strictly necessary and proportionate for the necessary and proportionate for the legitimate purpose of enabling the use of a legitimate purpose of enabling the use of a specific service explicitly requested by the specific service explicitly requested by the end-user. This may include the storing of user or subscriber. This may include the cookies for the duration of a single storing of information (such as cookies established session on a website to keep and identifiers) for the duration of a single track of the end-user’s input when filling in established session on a website to keep online forms over several pages. Cookies track of the user's input when filling in can also be a legitimate and useful tool, online forms over several pages. for example, in measuring web traffic to a Information society service providers that website. Information society providers that engage in configuration checking to engage in configuration checking to provide the service in compliance with the provide the service in compliance with the user's settings and the mere logging of the end-user's settings and the mere logging of fact that the user's device is unable to the fact that the end-user’s device is unable receive content requested by the user to receive content requested by the end- should not constitute illegitimate access. user should not constitute access to such a device or use of the device processing capabilities.
Or. en
Amendment 238 Sophia in 't Veld
Proposal for a regulation Recital 21
Text proposed by the Commission Amendment
(21) Exceptions to the obligation to (21) Exceptions to the obligation to obtain consent to make use of the obtain consent to make use of the processing and storage capabilities of processing and storage capabilities of terminal equipment or to access terminal equipment or to access information stored in terminal equipment information stored in terminal equipment should be limited to situations that involve should be limited to situations that involve no, or only very limited, intrusion of no, or only very limited, privacy. For instance, consent should not intrusion of privacy. For instance, consent be requested for authorizing the technical should not be requested for authorizing the storage or access which is strictly technical storage or access which is strictly necessary and proportionate for the necessary and proportionate for the legitimate purpose of enabling the use of a legitimate purpose of enabling the use of a specific service explicitly requested by the specific service explicitly requested by the end-user. This may include the storing of end-user. This may include the storing of cookies for the duration of a single cookies for the duration of a single established session on a website to keep established session on a website to keep track of the end-user’s input when filling track of the end-user's input when filling in online forms over several pages. in online forms over several pages. Cookies can also be a legitimate and useful Cookies can also be a legitimate and useful tool, for example, in measuring web traffic tool, for example, in measuring web traffic to a website. Information society providers to a website. Information society providers that engage in configuration checking to that engage in configuration checking to provide the service in compliance with the provide the service in compliance with the end-user's settings and the mere logging of end-user's settings and the mere logging of the fact that the end-user’s device is unable the fact that the end-user's device is unable to receive content requested by the end- to receive content requested by the end- user should not constitute access to such a user should not constitute access to such a device or use of the device processing device or use of the device processing capabilities. capabilities for which consent is required.
Or. en
Amendment 239 Heinz K. Becker
Proposal for a regulation Recital 22
Text proposed by the Commission Amendment
(22) Die Methoden zur Bereitstellung entfällt von Informationen und die Einholung der Einwilligung des Endnutzers sollten so benutzerfreundlich wie möglich sein. Wegen der allgegenwärtigen Verwendung von Verfolgungs-Cookies und anderer Verfolgungstechniken werden die Endnutzer immer häufiger aufgefordert, ihre Einwilligung in die Speicherung solcher Verfolgungs-Cookies in ihren Endeinrichtungen zu geben. Infolge dessen werden die Endnutzer mit Einwilligungsanfragen überhäuft. Mit Hilfe technischer Mittel für die Erteilung der Einwilligung, z. B. durch transparente und benutzerfreundliche Einstellungen, könnte dieses Problem behoben werden. Deshalb sollte diese Verordnung die Möglichkeit vorsehen, dass die Einwilligung durch die entsprechenden Einstellungen in einem Browser oder einer anderen Anwendung erteilt werden kann. Die Auswahl, die Endnutzer bei der Festlegung ihrer allgemeinen Einstellungen zur Privatsphäre in einem Browser oder einer anderen Anwendung getroffen haben, sollte für Dritte verbindlich und ihnen gegenüber auch durchsetzbar sein. Webbrowser sind eine Art von Softwareanwendung, die es ermöglicht, Informationen aus dem Internet abzurufen und darzustellen. Andere Arten von Anwendungen wie solche, die Anrufe und die Nachrichtenübermittlung ermöglichen oder Navigationshilfe bieten, sind dazu ebenfalls in der Lage. Ein Großteil der Vorgänge, die zwischen dem Endnutzer und der Website ablaufen, werden von Webbrowsern abgewickelt. Aus dieser Sicht kommt ihnen eine Sonderstellung zu, wenn es darum geht, den Endnutzern die Kontrolle über den Informationsfluss zu und von ihrer Endeinrichtung zu erleichtern. So können Webbrowser insbesondere als Torwächter dienen und den Endnutzern helfen, ein Speichern von Informationen in ihren Endeinrichtungen (wie Smartphones, Tablets oder Computer) bzw. den Zugriff darauf zu verhindern.
Or. de
Amendment 240 Daniel Dalton, John Procter, Helga Stevens
Proposal for a regulation Recital 22
Text proposed by the Commission Amendment
(22) The methods used for providing (22) The methods used for providing information and obtaining end-user's information and obtaining end-user's consent should be as user-friendly as consent should be as user-friendly as possible. Given the ubiquitous use of possible. Given the ubiquitous use of tracking cookies and other tracking tracking cookies and other tracking techniques, end-users are increasingly techniques, end-users are increasingly requested to provide consent to store such requested to provide consent to store such tracking cookies in their terminal tracking cookies in their terminal equipment. As a result, end-users are equipment. As a result, end-users are overloaded with requests to provide overloaded with requests to provide consent. The use of technical means to consent. The use of technical means to provide consent, for example, through provide consent, for example, through transparent and user-friendly settings, may transparent and user-friendly settings, may address this problem. Therefore, this address this problem. Therefore, this Regulation should provide for the Regulation should provide for the possibility to express consent by using the possibility to express consent by appropriate settings of a browser or other appropriate technical settings. application. The choices made by end- users when establishing its general privacy settings of a browser or other application should be binding on, and enforceable against, any third parties. Web browsers are a type of software application that permits the retrieval and presentation of information on the internet. Other types of applications, such as the ones that permit calling and messaging or provide route guidance, have also the same capabilities. Web browsers mediate much of what occurs between the end-user and the website. From this perspective, they are in a privileged position to play an active role to help the end-user to control the flow of information to and from the terminal equipment. More particularly web browsers may be used as gatekeepers, thus helping end-users to prevent information from their terminal equipment (for example smart phone, tablet or computer) from being accessed or stored.
Or. en
Amendment 241 Michał Boni, Roberta Metsola, Frank Engel, Tomáš Zdechovský, Rachida Dati, Brice Hortefeux, Csaba Sógor, Carlos Coelho, Pál Csáky, Elissavet Vozemberg-Vrionidi
Proposal for a regulation Recital 22
Text proposed by the Commission Amendment
(22) The methods used for providing (22) The methods used for providing information and obtaining end-user's information and obtaining end-user's consent should be as user-friendly as consent should be as user-friendly as possible. Given the ubiquitous use of possible. Given the ubiquitous use of tracking cookies and other tracking tracking cookies and other tracking techniques, end-users are increasingly techniques, end-users are increasingly requested to provide consent to store such requested to provide consent to store such tracking cookies in their terminal tracking cookies in their terminal equipment. As a result, end-users are equipment. As a result, end-users are overloaded with requests to provide overloaded with requests to provide consent. The use of technical means to consent. The use of technical means to provide consent, for example, through provide consent, for example, through transparent and user-friendly settings, may transparent and user-friendly settings, may address this problem. Therefore, this address this problem. Therefore, this Regulation should provide for the Regulation should provide for the possibility to express consent by using the possibility to express consent by using appropriate settings of a browser or other appropriate technical settings of a browser application. The choices made by end- or other application. users when establishing its general privacy settings of a browser or other application should be binding on, and enforceable against, any third parties. Web browsers are a type of software application that permits the retrieval and presentation of information on the internet. Other types of applications, such as the ones that permit calling and messaging or provide route guidance, have also the same capabilities. Web browsers mediate much of what occurs between the end-user and the website. From this perspective, they are in a privileged position to play an active role to help the end-user to control the flow of information to and from the terminal equipment. More particularly web browsers may be used as gatekeepers, thus helping end-users to prevent information from their terminal equipment (for example smart phone, tablet or computer) from being accessed or stored.
Or. en
Amendment 242 Jan Philipp Albrecht, Judith Sargentini, Viviane Reding
Proposal for a regulation Recital 22
Text proposed by the Commission Amendment (22) The methods used for providing (22) The methods used for providing information and obtaining end-user's information and obtaining user's consent consent should be as user-friendly as should be as user-friendly as possible. possible. Given the ubiquitous use of Given the ubiquitous use of tracking tracking cookies and other tracking cookies and other tracking techniques, techniques, end-users are increasingly users are increasingly requested to provide requested to provide consent to store such consent to store such tracking cookies in tracking cookies in their terminal their terminal equipment. As a result, users equipment. As a result, end-users are are overloaded with requests to provide overloaded with requests to provide consent. This Regulation should prevent consent. The use of technical means to the use of so- called "cookie walls" and provide consent, for example, through "cookie banners" that do not help users transparent and user-friendly settings, may to maintain control over their personal address this problem. Therefore, this information and privacy or become Regulation should provide for the informed about their rights. The use of possibility to express consent by using the technical means to provide consent, for appropriate settings of a browser or other example, through transparent and user- application. The choices made by end- friendly settings, may address this problem. users when establishing its general privacy Therefore, this Regulation should provide settings of a browser or other application for the possibility to express or withdraw should be binding on, and enforceable consent and to object by technical against, any third parties. Web browsers specifications using automated means, are a type of software application that such as the appropriate settings of a permits the retrieval and presentation of hardware or software permitting the information on the internet. Other types of retrieval and presentation of information applications, such as the ones that permit on the internet. Those settings should calling and messaging or provide route include choices concerning the use of guidance, have also the same capabilities. processing and storage capabilities of the Web browsers mediate much of what user's terminal equipment as well as a occurs between the end-user and the signal sent by the hardware or software website. From this perspective, they are in indicating the user's preferences to other a privileged position to play an active role parties. The choices made by users when to help the end-user to control the flow of establishing its general privacy settings of information to and from the terminal a hardware of software should be binding equipment. More particularly web on, and enforceable against, any third browsers may be used as gatekeepers, thus parties. Web browsers are a type of helping end-users to prevent information software application that permits the from their terminal equipment (for retrieval and presentation of information on example smart phone, tablet or computer) the internet. Other types of applications, from being accessed or stored. such as the ones that permit calling and messaging or provide route guidance, have also the same capabilities. More particularly web browsers, applications or mobile operating systems may be used as a user's personal privacy assistant communicating the user's choices, thus helping users to prevent information related to or processed by their terminal equipment (for example smart phone, tablet or computer) from being accessed, processed or stored. They should therefore not abuse their position as gate- keepers and still allow for possibilities for the user to individually give consent with regard to a certain specific service or service provider.
Or. en
Justification
“Do not track” does not mean “Do not ask”.
Amendment 243 Cornelia Ernst
Proposal for a regulation Recital 22
Text proposed by the Commission Amendment
(22) The methods used for providing (22) The methods used for providing information and obtaining end-user's information and obtaining user's consent consent should be as user-friendly as should be as user-friendly as possible. possible. Given the ubiquitous use of Given the ubiquitous use of tracking tracking cookies and other tracking cookies and other tracking techniques, techniques, end-users are increasingly users are increasingly requested to provide requested to provide consent to store such consent to store such tracking cookies in tracking cookies in their terminal their terminal equipment. As a result, users equipment. As a result, end-users are are overloaded with requests to provide overloaded with requests to provide consent. This Regulation should prevent consent. The use of technical means to the use of so-called "cookie walls" and provide consent, for example, through "cookie banners" that do not help users transparent and user-friendly settings, may to maintain control over their personal address this problem. Therefore, this information and privacy or become Regulation should provide for the informed about their rights. The use of possibility to express consent by using the technical means to provide consent, for appropriate settings of a browser or other example, through transparent and user- application. The choices made by end- friendly settings, may address this problem. users when establishing its general Therefore, this Regulation should provide privacy settings of a browser or other for the possibility to express or withdraw application should be binding on, and consent and to object by technical enforceable against, any third parties. specifications using automated means, Web browsers are a type of software such as the appropriate settings of a application that permits the retrieval and hardware or software permitting the presentation of information on the internet. retrieval and presentation of information on Other types of applications, such as the the internet. Those settings should include ones that permit calling and messaging or choices concerning the use of processing provide route guidance, have also the and storage capabilities of the user's same capabilities. Web browsers mediate terminal equipment as well as a signal much of what occurs between the end- sent by the hardware or software user and the website. From this indicating the user's preferences to other perspective, they are in a privileged parties. The choices made by users when position to play an active role to help the establishing its general privacy settings end-user to control the flow of should be binding on, and enforceable information to and from the terminal against, any third parties. Web browsers, equipment. More particularly web applications or mobile operating systems browsers may be used as gatekeepers, thus may be used as a user's personal privacy helping end-users to prevent information assistant communicating the user's from their terminal equipment (for choices, thus helping users to prevent example smart phone, tablet or computer) information related to or processed by from being accessed or stored. their terminal equipment (for example smart phone, tablet or computer) from being accessed, processed or stored.
Or. en
Amendment 244 Brice Hortefeux, Rachida Dati
Proposal for a regulation Recital 22
Text proposed by the Commission Amendment
(22) The methods used for providing (22) The methods used for providing information and obtaining end-user's information and obtaining end-user's consent should be as user-friendly as consent should be as user-friendly as possible. Given the ubiquitous use of possible. Given the ubiquitous use of tracking cookies and other tracking tracking cookies and other tracking techniques, end-users are increasingly techniques, end-users are increasingly requested to provide consent to store such requested to provide consent to store such tracking cookies in their terminal tracking cookies in their terminal equipment. As a result, end-users are equipment. As a result, end-users are overloaded with requests to provide overloaded with requests to provide consent. The use of technical means to consent. The use of technical means to provide consent, for example, through provide consent, for example, through transparent and user-friendly settings, may transparent and user-friendly settings, may address this problem. Therefore, this address this problem. Web browsers are a Regulation should provide for the type of software application that permits possibility to express consent by using the the retrieval and presentation of appropriate settings of a browser or other information on the internet. Mobile application. The choices made by end- operating systems or other types of users when establishing its general applications, such as the ones that permit privacy settings of a browser or other calling and messaging or provide route application should be binding on, and guidance, have also the same capabilities. enforceable against, any third parties. From this perspective, they are in a Web browsers are a type of software privileged position to play an active role to application that permits the retrieval and help the end-user to control the flow of presentation of information on the internet. information to and from the terminal Other types of applications, such as the equipment. ones that permit calling and messaging or provide route guidance, have also the same capabilities. Web browsers mediate much of what occurs between the end-user and the website. From this perspective, they are in a privileged position to play an active role to help the end-user to control the flow of information to and from the terminal equipment. More particularly web browsers may be used as gatekeepers, thus helping end-users to prevent information from their terminal equipment (for example smart phone, tablet or computer) from being accessed or stored.
Or. en
Amendment 245 Emilian Pavel
Proposal for a regulation Recital 22
Text proposed by the Commission Amendment
(22) The methods used for providing (22) The methods used for providing information and obtaining end-user's information and obtaining end-user's consent should be as user-friendly as consent should be as user-friendly as possible. Given the ubiquitous use of possible. Given the ubiquitous use of tracking cookies and other tracking tracking cookies and other tracking techniques, end-users are increasingly techniques, end-users are increasingly requested to provide consent to store such requested to provide consent to store such tracking cookies in their terminal tracking cookies in their terminal equipment. As a result, end-users are equipment. As a result, end-users are overloaded with requests to provide overloaded with requests to provide consent. The use of technical means to consent. The use of technical means to provide consent, for example, through provide consent, for example, through transparent and user-friendly settings, may transparent and user-friendly settings, may address this problem. Therefore, this address this problem. Therefore, this Regulation should provide for the Regulation should provide for the possibility to express consent by using the possibility to express consent by using the appropriate settings of a browser or other appropriate settings of a browser or other application. The choices made by end- application. The choices made by end- users when establishing its general privacy users when establishing its general privacy settings of a browser or other application settings of a browser or other application should be binding on, and enforceable should be binding on, and enforceable against, any third parties. Web browsers against, any third parties. Web browsers are a type of software application that are a type of software application that permits the retrieval and presentation of permits the retrieval and presentation of information on the internet. Other types of information on the internet. Other types of applications, such as the ones that permit applications, such as the ones that permit calling and messaging or provide route calling and messaging or provide route guidance, have also the same capabilities. guidance, have also the same capabilities. Web browsers mediate much of what Web browsers mediate much of what occurs between the end-user and the occurs between the end-user and the website. From this perspective, they are in website. From this perspective, they help a privileged position to play an active role the end-user to control the flow of to help the end-user to control the flow of information to and from the terminal information to and from the terminal equipment. More particularly web equipment. More particularly web browsers may be used as gatekeepers, thus browsers may be used as gatekeepers, thus helping end-users to prevent information helping end-users to prevent information from their terminal equipment (for example from their terminal equipment (for example smart phone, tablet or computer) from smart phone, tablet or computer) from being accessed or stored. This can be done being accessed or stored. through settings such as those that allow users to block all cookies or only third- party cookies, and those that allow users to choose a "Do Not Track" option during their browsing experience.
Or. en
Amendment 246 Maria Grapini
Proposal for a regulation Recital 22
Text proposed by the Commission Amendment
(22) Metodele folosite pentru a furniza (22) Metodele folosite pentru a furniza informații și a obține consimțământul informații și a obține consimțământul utilizatorului final ar trebui să fie cât mai utilizatorului final ar trebui să fie cât mai ușor de utilizat cu putință. Având în vedere ușor de utilizat cu putință. Având în vedere utilizarea omniprezentă a cookie-urilor utilizarea omniprezentă a cookie-urilor permanente și a altor tehnici de urmărire, permanente și a altor tehnici de urmărire, utilizatorilor finali li se solicită într-o utilizatorilor finali li se solicită într-o măsură tot mai mare să își dea măsură tot mai mare să își dea consimțământul privind stocarea acestor consimțământul privind stocarea acestor cookie-uri permanente în echipamentele lor cookie-uri permanente în echipamentele lor terminale. Prin urmare, utilizatorii finali terminale. Prin urmare, utilizatorii finali sunt supraîncărcați cu solicitări privind sunt supraîncărcați cu solicitări privind acordarea consimțământului. Utilizarea de acordarea consimțământului. Utilizarea de mijloace tehnice pentru acordarea mijloace tehnice pentru acordarea consimțământului, de exemplu, prin setări consimțământului, de exemplu, prin setări transparente și ușor de utilizat, poate transparente și ușor de utilizat, poate soluționa această problemă. Prin urmare, soluționa această problemă. Prin urmare, prezentul regulament ar trebui să prevadă prezentul regulament ar trebui să prevadă posibilitatea de exprimare a posibilitatea de exprimare a consimțământului prin utilizarea setărilor consimțământului, care să poată fi dat corespunzătoare ale unui browser sau ale doar după o informare obiectivă, exactă și altei aplicații. Alegerile făcute de corectă a utilizatorului, prin utilizarea utilizatorii finali atunci când își stabilesc setărilor corespunzătoare ale unui browser setările de confidențialitate generale pentru sau ale altei aplicații. Alegerile făcute de un browser sau o altă aplicație ar trebui să utilizatorii finali atunci când își stabilesc aibă un caracter obligatoriu pentru orice setările de confidențialitate generale pentru parte terță și să fie opozabile acestora. un browser sau o altă aplicație ar trebui să Browserele sunt un tip de aplicație aibă un caracter obligatoriu pentru orice software care permite obținerea și parte terță și să fie opozabile acestora. prezentarea informațiilor pe internet. De Browserele sunt un tip de aplicație asemenea, alte tipuri de aplicații, cum ar fi software care permite obținerea și cele care permit efectuarea de apeluri și prezentarea informațiilor pe internet. De transmiterea de mesaje sau care oferă asemenea, alte tipuri de aplicații, cum ar fi îndrumare rutieră, au aceleași capacități. cele care permit efectuarea de apeluri și Browserele asigură o mare parte din transmiterea de mesaje sau care oferă interacțiunile care au loc între utilizatorul îndrumare rutieră, au aceleași capacități. final și site-ul web. Din acest punct de Browserele asigură o mare parte din vedere, ele se află într-o poziție privilegiată interacțiunile care au loc între utilizatorul pentru a juca un rol activ constând în final și site-ul web. Din acest punct de sprijinirea utilizatorului final în ceea ce vedere, ele se află într-o poziție privilegiată privește controlul fluxului de informații pentru a juca un rol activ constând în către și de la echipamentele terminale. Mai sprijinirea utilizatorului final în ceea ce precis, browserele pot fi utilizate ca entități privește controlul fluxului de informații de control, ajutând astfel utilizatorii finali către și de la echipamentele terminale. Mai să împiedice accesul la informații precis, browserele pot fi utilizate ca entități provenind de la echipamentele lor de control, ajutând astfel utilizatorii finali terminale (de exemplu telefon inteligent, să împiedice accesul la informații tabletă sau computer) și stocarea acestora. provenind de la echipamentele lor terminale (de exemplu telefon inteligent, tabletă sau computer) și stocarea acestora.
Or. ro
Amendment 247 Sophia in 't Veld
Proposal for a regulation Recital 22
Text proposed by the Commission Amendment
(22) The methods used for providing (22) The methods used for providing information and obtaining end-user's information and obtaining end-user's consent should be as user-friendly as consent should be as user-friendly as possible. Given the ubiquitous use of possible. Given the ubiquitous use of tracking cookies and other tracking tracking cookies and other tracking techniques, end-users are increasingly techniques, end-users are increasingly requested to provide consent to store such requested to provide consent to store such tracking cookies in their terminal tracking cookies in their terminal equipment. As a result, end-users are equipment. As a result, end-users are overloaded with requests to provide overloaded with requests to provide consent. The use of technical means to consent. The use of technical means to provide consent, for example, through provide consent, for example, through transparent and user-friendly settings, may transparent and user-friendly settings, may address this problem. Therefore, this address this problem. Therefore, this Regulation should provide for the Regulation should provide for the possibility to express consent by using the possibility to express consent by using the appropriate settings of a browser or other appropriate settings of a browser or other application. The choices made by end- application. The choices made by end- users when establishing its general privacy users when establishing its general privacy settings of a browser or other application settings of a browser or other application should be binding on, and enforceable should be binding on, and enforceable against, any third parties. Web browsers against, any party. Web browsers are a are a type of software application that type of software application that permits permits the retrieval and presentation of the retrieval and presentation of information on the internet. Other types of information on the internet. Other types of applications, such as the ones that permit applications, such as the ones that permit calling and messaging or provide route calling and messaging or provide route guidance, have also the same capabilities. guidance, have also the same capabilities. Web browsers mediate much of what Web browsers mediate much of what occurs between the end-user and the occurs between the end-user and the website. From this perspective, they are in website. From this perspective, they are in a privileged position to play an active role a privileged position to play an active role to help the end-user to control the flow of to help the end-user to control the flow of information to and from the terminal information to and from the terminal equipment. More particularly web equipment. The web browsers should browsers may be used as gatekeepers, thus communicate the user settings to the helping end-users to prevent information website visited, thus helping end-users to from their terminal equipment (for example prevent information from their terminal smart phone, tablet or computer) from equipment (for example smart phone, being accessed or stored. tablet or computer) from being accessed or stored.
Or. en
Amendment 248 Heinz K. Becker
Proposal for a regulation Recital 23
Text proposed by the Commission Amendment (23) Die Grundsätze des Datenschutzes entfällt durch Technikgestaltung und durch datenschutzfreundliche Voreinstellungen wurden in Artikel 25 der Verordnung (EU) 2016/679 festgeschrieben. Gegenwärtig haben die meisten weitverbreiteten Browser für Cookies die Standardeinstellung „Alle Cookies annehmen“. Deshalb sollten Anbieter von Software, die das Abrufen und Darstellen von Informationen aus dem Internet erlaubt, dazu verpflichtet sein, die Software so zu konfigurieren, dass sie die Möglichkeit bietet zu verhindern, dass Dritte Informationen in der Endeinrichtung speichern; diese Einstellung wird häufig als „Cookies von Drittanbietern zurückweisen“ bezeichnet. Den Endnutzern sollte eine Reihe von Einstellungsmöglichkeiten zur Privatsphäre angeboten werden, die vom höheren Schutz (z. B. „Cookies niemals annehmen“) über einen mittleren Schutz (z. B. „Cookies von Drittanbietern zurückweisen“ oder „Nur Cookies von Erstanbietern annehmen“) bis zum niedrigeren Schutz (z. B. „Cookies immer annehmen“) reicht. Solche Einstellungen zur Privatsphäre sollten in leicht sichtbarer und verständlicher Weise dargestellt werden.
Or. de
Amendment 249 Brice Hortefeux, Rachida Dati
Proposal for a regulation Recital 23
Text proposed by the Commission Amendment
(23) The principles of data protection by (23) The principles of data protection by design and by default were codified under design and by default were codified under Article 25 of Regulation (EU) 2016/679. Article 25 of Regulation (EU) 2016/679. Currently, the default settings for cookies Currently, the default settings for cookies are set in most current browsers to ‘accept are set in most current browsers to ‘accept all cookies’. Therefore providers of all cookies’. End-users should be offered to software enabling the retrieval and choose appropriate technical settings presentation of information on the expressing their privacy preferences. Such internet should have an obligation to privacy settings should be presented in a an configure the software so that it offers the easily visible and intelligible manner. option to prevent third parties from storing information on the terminal equipment; this is often presented as ‘reject third party cookies’. End-users should be offered a set of privacy setting options, ranging from higher (for example, ‘never accept cookies’) to lower (for example, ‘always accept cookies’) and intermediate (for example, ‘reject third party cookies’ or ‘only accept first party cookies’). Such privacy settings should be presented in a an easily visible and intelligible manner.
Or. en
Amendment 250 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Recital 23
Text proposed by the Commission Amendment
(23) The principles of data protection by (23) The principles of data protection by design and by default were codified under design and by default were codified under Article 25 of Regulation (EU) 2016/679. Article 25 of Regulation (EU) 2016/679. Currently, the default settings for cookies Currently, the default settings for cookies are set in most current browsers to ‘accept are set in most current browsers to 'accept all cookies’. Therefore providers of all cookies'. Therefore providers of software enabling the retrieval and hardware or software enabling the presentation of information on the internet retrieval and presentation of information on should have an obligation to configure the the internet should have an obligation to software so that it offers the option to configure the software so that it offers and prevent third parties from storing activates as default the option to prevent information on the terminal equipment; this the cross-domain tracking and storing is often presented as ‘reject third party information on the terminal equipment by cookies’. End-users should be offered a set other parties; this is often presented as of privacy setting options, ranging from 'reject third party trackers and cookies'. higher (for example, ‘never accept Users should be offered a set of privacy cookies’) to lower (for example, ‘always setting options, ranging from higher (for accept cookies’) and intermediate (for example, 'never accept trackers and example, ‘reject third party cookies’ or cookies') to lower (for example, 'always ‘only accept first party cookies’). Such accept trackers and cookies') and intermediate (for example, 'reject all trackers and cookies that are not strictly privacy settings should be presented in a an necessary to provide a service explicitly easily visible and intelligible manner. requested by the user' or 'reject all cross- domain tracking'). These options may also be more fine-grained and, among other aspects, reflect the possibility that another party might act as a data processor within the meaning of Regulation (EU) 2016/679 for the provider of the service. Privacy settings should also include options to allow the user to decide for example, whether multimedia players, interactive programming language viewers, or similar software can be executed, if a website can collect geo-location data from the user, or if it can access specific hardware such as a webcam or microphone. Such privacy settings should be presented in a an easily visible and intelligible manner, and at the moment of installation or first use, users should be informed about the possibility to change the default privacy settings among the various options. Information provided should not dissuade users from selecting higher privacy settings and should include relevant information about the risks associated to allowing cross-domain trackers, including the compilation of long-term records of individuals' browsing histories and the use of such records to send targeted advertising or sharing with more third parties. Hardware and software manufacturers should be required to provide easy ways for users to change the privacy settings at any time during use and to allow the user to make exceptions for or to whitelist certain information society services or to specify for such services websites trackers and cookies are always or never allowed. In case of no active choice, or action from the user, the settings shall be set by default in a manner that rejects and blocks trackers, including cookies, that are not strictly necessary in order to provide an information society service specifically requested by the user.
Or. en Justification
Based on LIBE AMs 24 and 25 Rapporteur (merging Recitals 23 and 24)
Amendment 251 Sophia in 't Veld
Proposal for a regulation Recital 23
Text proposed by the Commission Amendment
(23) The principles of data protection by (23) The principles of data protection by design and by default were codified under design and by default are codified under Article 25 of Regulation (EU) 2016/679. Article 25 of Regulation (EU) 2016/679. Currently, the default settings for cookies Therefore providers of software are set in most current browsers to ‘accept permitting electronic communications all cookies’. Therefore providers of (such as browsers, operating systems, software enabling the retrieval and communication apps and internet of presentation of information on the things devices) shall configure the internet should have an obligation to software so that privacy is protected by configure the software so that it offers the default. In addition, providers of such option to prevent third parties from storing software are required to offer sufficiently information on the terminal equipment; granular options to consent to each this is often presented as ‘reject third distinct category of purposes. These party cookies’. End-users should be distinct categories include, at least, the offered a set of privacy setting options, following categories: ranging from higher (for example, ‘never (i) tracking for commercial purposes or accept cookies’) to lower (for example, for direct marketing for non-commercial ‘always accept cookies’) and intermediate purposes (behavioural advertising) (for example, ‘reject third party cookies’ (ii) tracking for personalised content or ‘only accept first party cookies’). Such (iii) tracking for analytical purposes privacy settings should be presented in a (iv) tracking of location data an easily visible and intelligible manner. (v) providing personal data to third parties (including providing unique identifiers to match with personal data held by third parties) No consent is required for information that is collected from end-users' terminal equipment when it is strictly necessary for providing an information society service requested by the end-user, for example in order to adapt the screen size to the device, or to remember items in a shopping basket. Web browsers, operating systems and communication apps should allow the end-user to consent to cookies or other information that is stored on, or read from terminal equipment (including the browser on that equipment) by a specific website or originator even when the general settings prevent the interference and vice versa. With regard to a specific party, web browsers and communication apps should also allow users to separately consent to internet-wide tracking.
Or. en
Amendment 252 Cornelia Ernst
Proposal for a regulation Recital 23
Text proposed by the Commission Amendment
(23) The principles of data protection by (23) The principles of data protection by design and by default were codified under design and by default were codified under Article 25 of Regulation (EU) 2016/679. Article 25 of Regulation (EU) 2016/679. Currently, the default settings for cookies Currently, the default settings for cookies are set in most current browsers to ‘accept are set in most current browsers to 'accept all cookies’. Therefore providers of all cookies'. Therefore providers of software enabling the retrieval and hardware or software enabling the presentation of information on the internet retrieval and presentation of information on should have an obligation to configure the the internet should have an obligation to software so that it offers the option to configure the software so that it offers and prevent third parties from storing activates as default the option to prevent information on the terminal equipment; this the cross-domain tracking and storing is often presented as ‘reject third party information on the terminal equipment by cookies’. End-users should be offered a other parties; this is often presented as set of privacy setting options, ranging 'reject third party trackers and cookies'. from higher (for example, ‘never accept Such privacy settings should be presented cookies’) to lower (for example, ‘always in a an easily visible and intelligible accept cookies’) and intermediate (for manner. Information provided should not example, ‘reject third party cookies’ or dissuade users from selecting higher ‘only accept first party cookies’). Such privacy settings and should include privacy settings should be presented in a relevant information about the risks an easily visible and intelligible manner. associated to allowing cross-domain trackers, including the compilation of long-term records of individuals' browsing histories and the use of such records to send targeted advertising or sharing with more third parties. In case of no active choice, or action from the user, the settings shall be set by default in a manner that rejects and blocks trackers, including cookies, that are not strictly necessary in order to provide an information society service specifically requested by the user.
Or. en
Amendment 253 Michał Boni, Frank Engel, Tomáš Zdechovský, Csaba Sógor, Carlos Coelho, Elissavet Vozemberg-Vrionidi
Proposal for a regulation Recital 23
Text proposed by the Commission Amendment
(23) The principles of data protection by (23) The principles of data protection by design and by default were codified under design and by default were codified under Article 25 of Regulation (EU) 2016/679. Article 25 of Regulation (EU) 2016/679. Currently, the default settings for cookies Currently, the default settings for cookies are set in most current browsers to ‘accept are set in most current browsers to ‘accept all cookies’. Therefore providers of all cookies’. Therefore providers of software enabling the retrieval and software enabling the retrieval and presentation of information on the internet presentation of information on the internet should have an obligation to configure the should have an obligation to inform the software so that it offers the option to end-user about the possibility to express prevent third parties from storing his or her consent using appropriate information on the terminal equipment; technical settings. The end-user should be this is often presented as ‘reject third offered multiple options to choose from, party cookies’. End-users should be including to prevent third parties from offered a set of privacy setting options, storing information on the terminal ranging from higher (for example, ‘never equipment. End-users should be offered a accept cookies’) to lower (for example, set of privacy setting options, ranging ‘always accept cookies’) and intermediate from, for example, rejecting tracking that (for example, ‘reject third party cookies’ is not necessary for the functionality of or ‘only accept first party cookies’). Such the website or other software to, for privacy settings should be presented in a example, accepting tracking necessary for an easily visible and intelligible manner. the functionality of the website or other software as well as for other purposes or, for example, accepting tracking necessary for the functionality of the website or other software and tracking for other purposes by parties that demonstrate the compliance with the EU data protection and privacy legislation, for instance in line with Article 40 and 42 of Regulation (EU) 2016/679.
Or. en
Amendment 254 Daniel Dalton, John Procter, Helga Stevens
Proposal for a regulation Recital 23
Text proposed by the Commission Amendment
(23) The principles of data protection by (23) The principles of data protection by design and by default were codified under design and by default were codified under Article 25 of Regulation (EU) 2016/679. Article 25 of Regulation (EU) 2016/679. Currently, the default settings for cookies Therefore providers of software enabling are set in most current browsers to ‘accept publically available electronic all cookies’. Therefore providers of communications services and permitting software enabling the retrieval and the retrieval and presentation of presentation of information on the internet information on the internet should have an should have an obligation to configure the obligation to configure the software so that software so that it offers the option to it offers end-users a set of privacy setting prevent third parties from storing options in order that end-users may information on the terminal equipment; actively select a preferred option after this is often presented as ‘reject third being given the necessary information to party cookies’. End-users should be make the choice. Such privacy settings offered a set of privacy setting options, should be presented in an easily visible and ranging from higher (for example, ‘never intelligible manner. accept cookies’) to lower (for example, ‘always accept cookies’) and intermediate (for example, ‘reject third party cookies’ or ‘only accept first party cookies’). Such privacy settings should be presented in a an easily visible and intelligible manner.
Or. en
Amendment 255 Anna Maria Corazza Bildt
Proposal for a regulation Recital 23
Text proposed by the Commission Amendment
(23) The principles of data protection by (23) The principles of data protection by design and by default were codified under design and by default were codified under Article 25 of Regulation (EU) 2016/679. Article 25 of Regulation (EU) 2016/679. Currently, the default settings for cookies Therefore providers of software enabling are set in most current browsers to ‘accept publicly available electronic all cookies’. Therefore providers of communications services and permitting software enabling the retrieval and the retrieval and presentation of presentation of information on the internet information on the internet should have an should have an obligation to configure the obligation to configure the software so that software so that it offers the option to it offers the option to prevent third parties prevent third parties from storing from storing information on the terminal information on the terminal equipment; this equipment; this is often presented as ‘reject is often presented as ‘reject third party third party cookies’. Consumers should be cookies’. End-users should be offered a set offered a set of privacy setting options, of privacy setting options, ranging from ranging from higher (for example, ‘never higher (for example, ‘never accept accept cookies’) to lower (for example, cookies’) to lower (for example, ‘always ‘always accept cookies’) and intermediate accept cookies’) and intermediate (for (for example, ‘reject third party cookies’ or example, ‘reject third party cookies’ or ‘only accept first party cookies’). Such ‘only accept first party cookies’). Such privacy settings should be presented in a an privacy settings should be presented in a an easily visible and intelligible manner. easily visible and intelligible manner.
Or. en
Amendment 256 Heinz K. Becker
Proposal for a regulation Recital 24
Text proposed by the Commission Amendment
(24) Damit Webbrowser die in der entfällt Verordnung (EU) 2016/679 vorgeschriebene Einwilligung der Endnutzer, z. B. in die Speicherung von Verfolgungs-Cookies von Drittanbietern, einholen können, sollten sie unter anderem eine eindeutige bestätigende Handlung von der Endeinrichtung des Endnutzers verlangen, mit der dieser seine freiwillig für den bestimmten Fall, in informierter Weise und unmissverständlich erklärte Zustimmung zur Speicherung solcher Cookies in seiner Endeinrichtung und zum Zugriff darauf bekundet. Eine solche Handlung kann als bestätigend verstanden werden, wenn Endnutzer zur Einwilligung beispielsweise die Option „Cookies von Drittanbietern annehmen“ aktiv auswählen müssen und ihnen die dazu notwendigen Informationen gegeben werden. Hierzu müssen die Anbieter von Software, die den Zugang zum Internet ermöglicht, verpflichtet werden, die Endnutzer zum Zeitpunkt der Installation darauf hinzuweisen, dass die Einstellungen zur Privatsphäre unter den verschiedenen Möglichkeiten ausgewählt werden können, und sie aufzufordern, eine Wahl zu treffen. Die gegebenen Informationen sollten die Endnutzer nicht davon abschrecken, höhere Einstellungen zur Privatsphäre zu wählen, und sie sollten alle wichtigen Informationen über die mit der Annahme von Cookies von Drittanbietern verbundenen Risiken enthalten, wozu auch das Anlegen langfristiger Aufzeichnungen über die Browserverläufe des Betroffenen und die Verwendung solcher Aufzeichnungen zur Übermittlung gezielter Werbung gehören. Es sollte gefördert werden, dass Webbrowser den Endnutzern einfache Möglichkeiten bieten, die Einstellungen zur Privatsphäre während der Benutzung jederzeit zu ändern, und dem Nutzer erlauben, Ausnahmen für bestimmte Websites zu machen oder in Listen festzulegen oder anzugeben, von welchen Websites Cookies (auch von Drittanbietern) immer oder niemals angenommen werden sollen.
Or. de
Amendment 257 Daniel Dalton, John Procter, Helga Stevens
Proposal for a regulation Recital 24
Text proposed by the Commission Amendment
(24) For web browsers to be able to deleted obtain end-users’ consent as defined under Regulation (EU) 2016/679, for example, to the storage of third party tracking cookies, they should, among others, require a clear affirmative action from the end-user of terminal equipment to signify his or her freely given, specific informed, and unambiguous agreement to the storage and access of such cookies in and from the terminal equipment. Such action may be considered to be affirmative, for example, if end-users are required to actively select ‘accept third party cookies’ to confirm their agreement and are given the necessary information to make the choice. To this end, it is necessary to require providers of software enabling access to internet that, at the moment of installation, end-users are informed about the possibility to choose the privacy settings among the various options and ask them to make a choice. Information provided should not dissuade end-users from selecting higher privacy settings and should include relevant information about the risks associated to allowing third party cookies to be stored in the computer, including the compilation of long-term records of individuals' browsing histories and the use of such records to send targeted advertising. Web browsers are encouraged to provide easy ways for end-users to change the privacy settings at any time during use and to allow the user to make exceptions for or to whitelist certain websites or to specify for which websites (third) party cookies are always or never allowed.
Or. en
Amendment 258 Cornelia Ernst
Proposal for a regulation Recital 24
Text proposed by the Commission Amendment
(24) For web browsers to be able to deleted obtain end-users’ consent as defined under Regulation (EU) 2016/679, for example, to the storage of third party tracking cookies, they should, among others, require a clear affirmative action from the end-user of terminal equipment to signify his or her freely given, specific informed, and unambiguous agreement to the storage and access of such cookies in and from the terminal equipment. Such action may be considered to be affirmative, for example, if end-users are required to actively select ‘accept third party cookies’ to confirm their agreement and are given the necessary information to make the choice. To this end, it is necessary to require providers of software enabling access to internet that, at the moment of installation, end-users are informed about the possibility to choose the privacy settings among the various options and ask them to make a choice. Information provided should not dissuade end-users from selecting higher privacy settings and should include relevant information about the risks associated to allowing third party cookies to be stored in the computer, including the compilation of long-term records of individuals' browsing histories and the use of such records to send targeted advertising. Web browsers are encouraged to provide easy ways for end-users to change the privacy settings at any time during use and to allow the user to make exceptions for or to whitelist certain websites or to specify for which websites (third) party cookies are always or never allowed.
Or. en
Amendment 259 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Recital 24
Text proposed by the Commission Amendment
(24) For web browsers to be able to deleted obtain end-users’ consent as defined under Regulation (EU) 2016/679, for example, to the storage of third party tracking cookies, they should, among others, require a clear affirmative action from the end-user of terminal equipment to signify his or her freely given, specific informed, and unambiguous agreement to the storage and access of such cookies in and from the terminal equipment. Such action may be considered to be affirmative, for example, if end-users are required to actively select ‘accept third party cookies’ to confirm their agreement and are given the necessary information to make the choice. To this end, it is necessary to require providers of software enabling access to internet that, at the moment of installation, end-users are informed about the possibility to choose the privacy settings among the various options and ask them to make a choice. Information provided should not dissuade end-users from selecting higher privacy settings and should include relevant information about the risks associated to allowing third party cookies to be stored in the computer, including the compilation of long-term records of individuals' browsing histories and the use of such records to send targeted advertising. Web browsers are encouraged to provide easy ways for end-users to change the privacy settings at any time during use and to allow the user to make exceptions for or to whitelist certain websites or to specify for which websites (third) party cookies are always or never allowed.
Or. en
Justification
Integrated into Recital 23 for better clarity.
Amendment 260 Michał Boni, Frank Engel, Tomáš Zdechovský, Csaba Sógor, Carlos Coelho, Elissavet Vozemberg-Vrionidi
Proposal for a regulation Recital 24
Text proposed by the Commission Amendment
(24) For web browsers to be able to (24) For web browsers to be able to obtain end-users’ consent as defined under obtain end-users’ consent as defined under Regulation (EU) 2016/679, for example, to Regulation (EU) 2016/679, they should, the storage of third party tracking cookies, among others, require a clear affirmative they should, among others, require a clear action from the end-user of terminal affirmative action from the end-user of equipment to signify his or her freely terminal equipment to signify his or her given, specific informed, and unambiguous freely given, specific informed, and agreement to the storage and access of such unambiguous agreement to the storage and cookies or other tracking mechanisms in access of such cookies in and from the and from the terminal equipment. Such terminal equipment. Such action may be action may be considered to be affirmative, considered to be affirmative, for example, for example, if end-users are required to if end-users are required to actively select actively select one of the offered options ‘accept third party cookies’ to confirm to confirm their agreement and are given their agreement and are given the the necessary information to make the necessary information to make the choice. choice. To this end, it is necessary to To this end, it is necessary to require require providers of software enabling providers of software enabling access to access to internet that, at the moment of internet that, at the moment of installation, installation, end-users are informed about end-users are informed about the the possibility to choose the privacy possibility to choose the privacy settings settings among the various options and ask among the various options and ask them to them to make a choice. Information make a choice. Information provided provided should not dissuade end-users should not dissuade end-users from from selecting higher privacy settings and selecting higher privacy settings and should include relevant information about should include relevant information about the risks associated to allowing third party the risks associated to allowing third party cookies or other tracking mechanisms to cookies to be stored in the computer, be stored in the computer, including the including the compilation of long-term compilation of long-term records of records of individuals' browsing histories individuals' browsing histories and the use and the use of such records to send targeted of such records to send targeted advertising. Web browsers are encouraged advertising. Web browsers are encouraged to provide easy ways for end-users to to provide easy ways for end-users to change the privacy settings at any time change the privacy settings at any time during use and to allow the user to make during use. Web browsers shall allow the exceptions for or to whitelist certain end-user to customise his or her privacy websites or to specify for which websites settings for each individual website (third) party cookies are always or never visited. The website shall be able to allowed. communicate to the end-user the fact that their privacy settings may influence his or her customer experience or access to all functionalities of the website and shall be allowed to offer end-user information how to change his or her settings, request consent from the end-user or offer him or her alternative options, such as i.e. subscription or paid access. The choice of end user for specific websites shall be respected by web browsers.
Or. en
Amendment 261 Brice Hortefeux, Rachida Dati
Proposal for a regulation Recital 24
Text proposed by the Commission Amendment
(24) For web browsers to be able to (24) For web browsers, applications or obtain end-users’ consent as defined under other software to be able to obtain end- Regulation (EU) 2016/679, for example, to users’ consent as defined under Regulation the storage of third party tracking cookies, (EU) 2016/679, for example, to the storage they should, among others, require a clear of tracking cookies, they should, among affirmative action from the end-user of others, require a clear affirmative action terminal equipment to signify his or her from the end-user of terminal equipment to freely given, specific informed, and signify his or her freely given, specific unambiguous agreement to the storage and informed, and unambiguous agreement to access of such cookies in and from the the storage and access of such cookies in terminal equipment. Such action may be and from the terminal equipment. To this considered to be affirmative, for example, end, end-users are informed about the if end-users are required to actively select possibility to choose the privacy settings ‘accept third party cookies’ to confirm among various options. Information their agreement and are given the provided should not dissuade end-users necessary information to make the choice. from selecting higher privacy settings and To this end, it is necessary to require should include relevant information about providers of software enabling access to the purposes for which data may be internet that, at the moment of processed, including using information installation, end-users are informed about about a user's browsing habits to build up the possibility to choose the privacy an anonymous profile which may settings among the various options and ask determine what type of advertising they them to make a choice. Information are shown. Web browsers, application or provided should not dissuade end-users other software, are encouraged to provide from selecting higher privacy settings and easy ways for end-users to change the should include relevant information about privacy settings at any time during use and the risks associated to allowing third party to allow the user to make exceptions for or cookies to be stored in the computer, to whitelist certain websites or to specify including the compilation of long-term for which websites is always or never records of individuals' browsing histories allowed. and the use of such records to send targeted advertising. Web browsers are encouraged to provide easy ways for end- users to change the privacy settings at any time during use and to allow the user to make exceptions for or to whitelist certain websites or to specify for which websites (third) party cookies are always or never allowed.
Or. en
Amendment 262 Sophia in 't Veld
Proposal for a regulation Recital 24
Text proposed by the Commission Amendment
(24) For web browsers to be able to (24) For web browsers to be able to obtain end-users’ consent as defined under obtain end-users' consent as defined under Regulation (EU) 2016/679, for example, to Regulation (EU) 2016/679, for example, to the storage of third party tracking cookies, the storage or reading of tracking cookies they should, among others, require a clear for commercial purposes or for direct affirmative action from the end-user of marketing for non-commercial purposes, terminal equipment to signify his or her they should, among others, require a clear freely given, specific informed, and affirmative action from the end-user of unambiguous agreement to the storage and terminal equipment to signify his or her access of such cookies in and from the freely given, specific informed, and terminal equipment. Such action may be unambiguous agreement to the storage and considered to be affirmative, for example, access of such cookies in and from the if end-users are required to actively select terminal equipment. Such action may be ‘accept third party cookies’ to confirm considered to be affirmative, for example, their agreement and are given the if end-users are required to actively select necessary information to make the choice. 'accept tracking cookies for commercial To this end, it is necessary to require purposes or for direct marketing for non- providers of software enabling access to commercial purposes' to confirm their internet that, at the moment of installation, agreement and are given the necessary end-users are informed about the information to make the choice. To this possibility to choose the privacy settings end, it is necessary to require providers of among the various options and ask them software enabling access to internet that, to make a choice. Information provided before the first use, end-users are informed should not dissuade end-users from about the privacy by default settings and selecting higher privacy settings and the possibility to change the privacy should include relevant information about settings to other options. the risks associated to allowing third party Information provided should not dissuade cookies to be stored in the computer, end-users from maintaining high privacy including the compilation of long-term settings and should include relevant records of individuals' browsing histories information about the risks associated to and the use of such records to send targeted allowing the different types of cookies or advertising. Web browsers are encouraged other tracking mechanisms, to be stored to provide easy ways for end-users to in, or read from, the app or device, change the privacy settings at any time including the compilation of long-term during use and to allow the user to make records of individuals' browsing histories, exceptions for or to whitelist certain the use of location data, the use of websites or to specify for which websites personal data by third parties and the use (third) party cookies are always or never of such records to send targeted allowed. advertising. Web browsers should provide easy ways for end-users to change the privacy settings at any time during use and to allow the user to make exceptions for or to whitelist certain websites or to specify for which websites certain categories of cookies are always or never allowed.
Or. en
Amendment 263 Anna Maria Corazza Bildt
Proposal for a regulation Recital 24
Text proposed by the Commission Amendment
(24) For web browsers to be able to (24) For software enabling publicly obtain end-users’ consent as defined under available communication services and Regulation (EU) 2016/679, for example, to permitting the retrieval and presentation the storage of third party tracking cookies, of information on the internet to be able they should, among others, require a clear to obtain consumers' consent as defined affirmative action from the end-user of under Regulation (EU) 2016/679, for terminal equipment to signify his or her example, to the storage of third party freely given, specific informed, and tracking cookies, they should, among unambiguous agreement to the storage and others, require a clear affirmative action access of such cookies in and from the from the consumer using of terminal terminal equipment. Such action may be equipment to signify his or her freely considered to be affirmative, for example, given, specific informed, and unambiguous if end-users are required to actively select agreement to the storage and access of such ‘accept third party cookies’ to confirm cookies in and from the terminal their agreement and are given the equipment. Such action may be considered necessary information to make the choice. to be affirmative, for example, To this end, it is necessary to require if consumers are required to actively select providers of software enabling access to ‘accept third party cookies’ to confirm internet that, at the moment of installation, their agreement and are given the end-users are informed about the necessary information to make the choice. possibility to choose the privacy settings To this end, it is necessary to require among the various options and ask them to providers of software enabling access to make a choice. Information provided internet in the context of publicly should not dissuade end-users from available electronic communications selecting higher privacy settings and services that, at the moment of should include relevant information about installation, consumers are informed about the risks associated to allowing third party the possibility to choose the privacy cookies to be stored in the computer, settings among the various options and ask including the compilation of long-term them to make a choice. Information records of individuals' browsing histories provided should not dissuade consumers and the use of such records to send from selecting higher privacy settings. targeted advertising. Web browsers are Such obligations do not arise where the encouraged to provide easy ways for end- software already seeks to prevent third users to change the privacy settings at any parties from storing information on the time during use and to allow the user to terminal equipment of end-user or make exceptions for or to whitelist certain processing information already stored on websites or to specify for which websites that equipment. Web browsers are (third) party cookies are always or never encouraged to provide easy ways for allowed. consumers to change the privacy settings at any time during use.
Or. en
Amendment 264 Michał Boni, Frank Engel, Tomáš Zdechovský, Viviane Reding, Carlos Coelho, Pál Csáky, Elissavet Vozemberg-Vrionidi
Proposal for a regulation Recital 25
Text proposed by the Commission Amendment
(25) Accessing electronic (25) Accessing electronic communications networks requires the communications networks requires the regular emission of certain data packets in regular emission of certain data packets in order to discover or maintain a connection order to discover or maintain a connection with the network or other devices on the with the network or other devices on the network. Furthermore, devices must have a network. Furthermore, devices must have a unique address assigned in order to be unique address assigned in order to be identifiable on that network. Wireless and identifiable on that network. Wireless and cellular telephone standards similarly cellular telephone standards similarly involve the emission of active signals involve the emission of active signals containing unique identifiers such as a containing unique identifiers such as a MAC address, the IMEI (International MAC address, the IMEI (International Mobile Station Equipment Identity), the Mobile Station Equipment Identity), the IMSI etc. A single wireless base station IMSI etc. A single wireless base station (i.e. a transmitter and receiver), such as a (i.e. a transmitter and receiver), such as a wireless access point, has a specific range wireless access point, has a specific range within which such information may be within which such information may be captured. Service providers have emerged captured. Service providers have emerged who offer tracking services based on the who offer tracking services based on the scanning of equipment related information scanning of equipment related information with diverse functionalities, including with diverse functionalities, including people counting, providing data on the people counting, providing data on the number of people waiting in line, number of people waiting in line, ascertaining the number of people in a ascertaining the number of people in a specific area, etc. This information may be specific area, etc. This information may be used for more intrusive purposes, such as used for more intrusive purposes, such as to send commercial messages to end-users, to send commercial messages to end-users, for example when they enter stores, with for example when they enter stores, with personalized offers. While some of these personalized offers. While some of these functionalities do not entail high privacy functionalities do not entail high privacy risks, others do, for example, those risks, others do, for example, those involving the tracking of individuals over involving the tracking of individuals over time, including repeated visits to specified time, including repeated visits to specified locations. Providers engaged in such locations. Providers engaged in such practices should display prominent notices practices should ask for the end-user´s located on the edge of the area of coverage consent or should carry out data informing end-users prior to entering the protection impact assessment and in this defined area that the technology is in case the data collected is or is rendered operation within a given perimeter, the pseudonymous or anonymous. Where a purpose of the tracking, the person data protection impact assessment responsible for it and the existence of any indicates that the processing would result measure the end-user of the terminal in a high risk in the absence of measures equipment can take to minimize or stop the taken by the controller to mitigate the collection. Additional information should risk, prior consultation with the be provided where personal data are supervisory authority, as prescribed in collected pursuant to Article 13 of Article 36 of Regulation (EU) 2016/679, Regulation (EU) 2016/679. shall be carried out. Providers should display prominent notices located on the edge of the area of coverage informing end-users prior to entering the defined area that the technology is in operation within a given perimeter, the purpose of the tracking, the person responsible for it and the existence of any measure the end-user of the terminal equipment can take to minimize or stop the collection. Additional information should be provided where personal data are collected pursuant to Article 13 of Regulation (EU) 2016/679.
Or. en
Amendment 265 Cornelia Ernst
Proposal for a regulation Recital 25
Text proposed by the Commission Amendment
(25) Accessing electronic (25) Accessing electronic communications networks requires the communications networks requires the regular emission of certain data packets in regular emission of certain data packets in order to discover or maintain a connection order to discover or maintain a connection with the network or other devices on the with the network or other devices on the network. Furthermore, devices must have a network. Furthermore, devices must have a unique address assigned in order to be unique address assigned in order to be identifiable on that network. Wireless and identifiable on that network. Wireless and cellular telephone standards similarly cellular telephone standards similarly involve the emission of active signals involve the emission of active signals containing unique identifiers such as a containing unique identifiers such as a MAC address, the IMEI (International MAC address, the IMEI (International Mobile Station Equipment Identity), the Mobile Station Equipment Identity), the IMSI etc. A single wireless base station IMSI etc. A single wireless base station (i.e. a transmitter and receiver), such as a (i.e. a transmitter and receiver), such as a wireless access point, has a specific range wireless access point, has a specific range within which such information may be within which such information may be captured. Service providers have emerged captured. Service providers have emerged who offer tracking services based on the who offer tracking services based on the scanning of equipment related information scanning of equipment related information with diverse functionalities, including with diverse functionalities, including people counting, providing data on the people counting, providing data on the number of people waiting in line, number of people waiting in line, ascertaining the number of people in a ascertaining the number of people in a specific area, etc. This information may be specific area, etc. This information may be used for more intrusive purposes, such as used for more intrusive purposes, such as to send commercial messages to end-users, to send commercial messages to users, for for example when they enter stores, with example when they enter stores, with personalized offers. While some of these personalized offers. While some of these functionalities do not entail high privacy functionalities do not entail high privacy risks, others do, for example, those risks, others do, for example, those involving the tracking of individuals over involving the tracking of individuals over time, including repeated visits to specified time, including repeated visits to specified locations. Providers engaged in such locations. Providers engaged in such practices should display prominent notices practices should only be permitted to located on the edge of the area of process such electronic communications coverage informing end-users prior to metadata based on the consent of the entering the defined area that the users concerned. technology is in operation within a given perimeter, the purpose of the tracking, the person responsible for it and the existence of any measure the end-user of the terminal equipment can take to minimize or stop the collection. Additional information should be provided where personal data are collected pursuant to Article 13 of Regulation (EU) 2016/679.
Or. en
Amendment 266 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Recital 25
Text proposed by the Commission Amendment
(25) Accessing electronic (25) Accessing electronic communications networks requires the communications networks requires the regular emission of certain data packets in regular emission of certain data packets in order to discover or maintain a connection order to discover or maintain a connection with the network or other devices on the with the network or other devices on the network. Furthermore, devices must have a network. Furthermore, devices must have a unique address assigned in order to be unique address assigned in order to be identifiable on that network. Wireless and identifiable on that network. Wireless and cellular telephone standards similarly cellular telephone standards similarly involve the emission of active signals involve the emission of active signals containing unique identifiers such as a containing unique identifiers such as a MAC address, the IMEI (International MAC address, the IMEI (International Mobile Station Equipment Identity), the Mobile Station Equipment Identity), the IMSI etc. A single wireless base station IMSI etc. A single wireless base station (i.e. a transmitter and receiver), such as a (i.e. a transmitter and receiver), such as a wireless access point, has a specific range wireless access point, has a specific range within which such information may be within which such electronic captured. Service providers have emerged communications metadata may be who offer tracking services based on the captured. Service providers have emerged scanning of equipment related information who offer tracking services based on the with diverse functionalities, including scanning of equipment related information people counting, providing data on the with diverse functionalities, including number of people waiting in line, people counting, providing data on the ascertaining the number of people in a number of people waiting in line, specific area, etc. This information may be ascertaining the number of people in a used for more intrusive purposes, such as specific area, etc. This information may be to send commercial messages to end-users, used for more intrusive purposes, such as for example when they enter stores, with to send commercial messages to users, for personalized offers. While some of these example when they enter stores, with functionalities do not entail high privacy personalized offers. While some of these risks, others do, for example, those functionalities do not entail high privacy involving the tracking of individuals over risks, others do, for example, those time, including repeated visits to specified involving the tracking of individuals over locations. Providers engaged in such time, including repeated visits to specified practices should display prominent notices locations. Providers engaged in such located on the edge of the area of practices should only be permitted to coverage informing end-users prior to process such electronic communications entering the defined area that the metadata based on the consent of the technology is in operation within a given users concerned. perimeter, the purpose of the tracking, the person responsible for it and the existence of any measure the end-user of the terminal equipment can take to minimize or stop the collection. Additional information should be provided where personal data are collected pursuant to Article 13 of Regulation (EU) 2016/679.
Or. en
Amendment 267 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Recital 25
Text proposed by the Commission Amendment
(25) Accessing electronic (25) Accessing electronic communications networks requires the communications networks requires the regular emission of certain data packets in regular emission of certain data packets in order to discover or maintain a connection order to discover or maintain a connection with the network or other devices on the with the network or other devices on the network. Furthermore, devices must have a network. Furthermore, devices must have a unique address assigned in order to be unique address assigned in order to be identifiable on that network. Wireless and identifiable on that network. Wireless and cellular telephone standards similarly cellular telephone standards similarly involve the emission of active signals involve the emission of active signals containing unique identifiers such as a containing unique identifiers such as a MAC address, the IMEI (International MAC address, the IMEI (International Mobile Station Equipment Identity), the Mobile Station Equipment Identity), the IMSI etc. A single wireless base station IMSI etc. A single wireless base station (i.e. a transmitter and receiver), such as a (i.e. a transmitter and receiver), such as a wireless access point, has a specific range wireless access point, has a specific range within which such information may be within which such electronic captured. Service providers have emerged communications metadata may be who offer tracking services based on the captured. Service providers have emerged scanning of equipment related information who offer tracking services based on the with diverse functionalities, including scanning of equipment related information people counting, providing data on the with diverse functionalities, including number of people waiting in line, people counting, providing data on the ascertaining the number of people in a number of people waiting in line, specific area, etc. This information may be ascertaining the number of people in a used for more intrusive purposes, such as specific area, etc. This information may be to send commercial messages to end-users, used for more intrusive purposes, such as for example when they enter stores, with to send commercial messages to users, for personalized offers. While some of these example when they enter stores, with functionalities do not entail high privacy personalized offers. While some of these risks, others do, for example, those functionalities do not entail high privacy involving the tracking of individuals over risks, others do, for example, those time, including repeated visits to specified involving the tracking of individuals over locations. Providers engaged in such time, including repeated visits to specified practices should display prominent notices locations. Providers engaged in such located on the edge of the area of practices should only be permitted to coverage informing end-users prior to process such electronic communications entering the defined area that the metadata based on the consent of the technology is in operation within a given users concerned. perimeter, the purpose of the tracking, the person responsible for it and the existence of any measure the end-user of the terminal equipment can take to minimize or stop the collection. Additional information should be provided where personal data are collected pursuant to Article 13 of Regulation (EU) 2016/679.
Or. en
Amendment 268 Anna Maria Corazza Bildt
Proposal for a regulation Recital 25
Text proposed by the Commission Amendment
(25) Accessing electronic (25) Accessing electronic communications networks requires the communications networks requires the regular emission of certain data packets in regular emission of certain data packets in order to discover or maintain a connection order to discover or maintain a connection with the network or other devices on the with the network or other devices on the network. Furthermore, devices must have a network. Furthermore, devices must have a unique address assigned in order to be unique address assigned in order to be identifiable on that network. Wireless and identifiable on that network. Wireless and cellular telephone standards similarly cellular telephone standards similarly involve the emission of active signals involve the emission of active signals containing unique identifiers such as a containing unique identifiers such as a MAC address, the IMEI (International MAC address, the IMEI (International Mobile Station Equipment Identity), the Mobile Station Equipment Identity), the IMSI etc. A single wireless base station IMSI etc. A single wireless base station (i.e. a transmitter and receiver), such as a (i.e. a transmitter and receiver), such as a wireless access point, has a specific range wireless access point, has a specific range within which such information may be within which such information may be captured. Service providers have emerged captured. Service providers have emerged who offer tracking services based on the who offer tracking services based on the scanning of equipment related information scanning of equipment related information with diverse functionalities, including with diverse functionalities, including people counting, providing data on the people counting, providing data on the number of people waiting in line, number of people waiting in line, ascertaining the number of people in a ascertaining the number of people in a specific area, etc. This information may be specific area, etc. This information may be used for more intrusive purposes, such as used for more intrusive purposes, such as to send commercial messages to end-users, to send commercial messages to end-users, for example when they enter stores, with for example when they enter stores, with personalized offers. While some of these personalized offers. Information emitted functionalities do not entail high privacy by terminal equipment should be risks, others do, for example, those considered a separate category from involving the tracking of individuals over metadata and information from the time, including repeated visits to specified consumer's terminal equipment itself. locations. Providers engaged in such Nevertheless, collection of such practices should display prominent notices information should be subject to specific located on the edge of the area of coverage transparency measures and safeguards. informing end-users prior to entering the Entities deploying such solutions should defined area that the technology is in display or make available prominent operation within a given perimeter, the notices located on the edge of the area of purpose of the tracking, the person coverage informing end-users prior to responsible for it and the existence of any entering the defined area that the measure the end-user of the terminal technology is in operation within a given equipment can take to minimize or stop the perimeter, the purpose of the tracking, the collection. Additional information should person responsible for it and the existence be provided where personal data are of any measure the end-user of the terminal collected pursuant to Article 13 of equipment can take to minimize or stop the Regulation (EU) 2016/679. collection. Additional information should be provided where personal data are collected pursuant to Article 13 of Regulation (EU) 2016/679 and the processing of such personal data will also be subject to the Regulation.
Or. en
Amendment 269 Sophia in 't Veld
Proposal for a regulation Recital 25
Text proposed by the Commission Amendment
(25) Accessing electronic (25) Accessing electronic communications networks requires the communications networks requires the regular emission of certain data packets in regular emission of certain data packets in order to discover or maintain a connection order to discover or maintain a connection with the network or other devices on the with the network or other devices on the network. Furthermore, devices must have a network. Furthermore, devices must have a unique address assigned in order to be unique address assigned in order to be identifiable on that network. Wireless and identifiable on that network. Wireless and cellular telephone standards similarly cellular telephone standards similarly involve the emission of active signals involve the emission of active signals containing unique identifiers such as a containing unique identifiers such as a MAC address, the IMEI (International MAC address, the IMEI (International Mobile Station Equipment Identity), the Mobile Station Equipment Identity), the IMSI etc. A single wireless base station IMSI etc. A single wireless base station (i.e. a transmitter and receiver), such as a (i.e. a transmitter and receiver), such as a wireless access point, has a specific range wireless access point, has a specific range within which such information may be within which such information may be captured. Service providers have emerged captured. Service providers have emerged who offer tracking services based on the who offer tracking services based on the scanning of equipment related information scanning of equipment related information with diverse functionalities, including with diverse functionalities, including people counting, providing data on the people counting, providing data on the number of people waiting in line, number of people waiting in line, ascertaining the number of people in a ascertaining the number of people in a specific area, etc. This information may be specific area, etc. This information is used for more intrusive purposes, such as sometimes being used for more intrusive to send commercial messages to end-users, purposes, such as to send commercial for example when they enter stores, with messages to end-users, for example when personalized offers. While some of these they enter stores, with personalized offers. functionalities do not entail high privacy While some of these functionalities do not risks, others do, for example, those entail high privacy risks, others do, for involving the tracking of individuals over example, those involving the tracking of time, including repeated visits to specified individuals over time, including repeated locations. Providers engaged in such visits to specified locations. Providers practices should display prominent notices engaged in statistical counting should located on the edge of the area of coverage display prominent notices located on the informing end-users prior to entering the edge of the area of coverage informing defined area that the technology is in end-users prior to entering the defined area operation within a given perimeter, the that the technology is in operation within a purpose of the tracking, the person given perimeter, the purpose of the responsible for it and the existence of any tracking, the person responsible for it and measure the end-user of the terminal the existence of any measure the end-user equipment can take to minimize or stop the of the terminal equipment can take to collection. Additional information should minimize or stop the collection. Consent is be provided where personal data are needed for any other type of data collected pursuant to Article 13 of collection using the scanning of Regulation (EU) 2016/679. equipment, after informing the end-user pursuant to Article 13 of Regulation (EU) 2016/679.
Or. en
Amendment 270 Sophia in 't Veld, Kaja Kallas
Proposal for a regulation Recital 26
Text proposed by the Commission Amendment
(26) When the processing of electronic (26) When the processing of electronic communications data by providers of communications data by providers of electronic communications services falls electronic communications services falls within its scope, this Regulation should within its scope, this Regulation should provide for the possibility for the Union or provide for the possibility for the Union or Member States under specific conditions to Member States under specific conditions to restrict by law certain obligations and restrict by law certain obligations and rights when such a restriction constitutes a rights when such a restriction constitutes a necessary and proportionate measure in a necessary and proportionate measure in a democratic society to safeguard specific democratic society to safeguard national public interests, including national security, defence, public security, and the security, defence, public security and the prevention, investigation, detection and prevention, investigation, detection or prosecution of criminal offences or of prosecution of criminal offences or the unauthorised use of the electronic execution of criminal penalties, including communications system. Therefore, this the safeguarding against and the Regulation should not affect the ability of prevention of threats to public security Member States to carry out lawful and other important objectives of general interception of electronic communications public interest of the Union or of a or take other measures, if necessary and Member State, in particular an important proportionate to safeguard the public economic or financial interest of the interests mentioned above, in accordance Union or of a Member State, or a with the Charter of Fundamental Rights of monitoring, inspection or regulatory the European Union and the European function connected to the exercise of Convention for the Protection of Human official authority for such interests. Rights and Fundamental Freedoms, as Therefore, this Regulation should not interpreted by the Court of Justice of the affect the ability of Member States to carry European Union and of the European Court out lawful interception of electronic of Human Rights. Providers of electronic communications or take other measures, if communications services should provide necessary and proportionate to safeguard for appropriate procedures to facilitate the public interests mentioned above, in legitimate requests of competent accordance with the Charter of authorities, where relevant also taking into Fundamental Rights of the European Union account the role of the representative and the European Convention for the designated pursuant to Article 3(3). Protection of Human Rights and Fundamental Freedoms, as interpreted by the Court of Justice of the European Union and of the European Court of Human Rights. Providers of electronic communications services should provide for appropriate procedures to facilitate legitimate requests of competent authorities, where relevant also taking into account the role of the representative designated pursuant to Article 3(3).
Or. en
Amendment 271 Cornelia Ernst
Proposal for a regulation Recital 26
Text proposed by the Commission Amendment
(26) When the processing of electronic (26) When the processing of electronic communications data by providers of communications data by providers of electronic communications services falls electronic communications services falls within its scope, this Regulation should within its scope, this Regulation should provide for the possibility for the Union or provide for the possibility for the Union or Member States under specific conditions to Member States under specific conditions to restrict by law certain obligations and temporarily restrict by law certain rights when such a restriction constitutes a obligations and rights when such a necessary and proportionate measure in a restriction constitutes a necessary and democratic society to safeguard specific proportionate measure in a democratic public interests, including national society to safeguard specific public security, defence, public security and the interests, including national security, prevention, investigation, detection or defence, public security and the prevention, prosecution of criminal offences or the investigation, detection or prosecution of execution of criminal penalties, including criminal offences or the execution of the safeguarding against and the criminal penalties. Therefore, this prevention of threats to public security Regulation should not prohibit Member and other important objectives of general States from carrying out lawful public interest of the Union or of a interception of electronic communications Member State, in particular an important or take other measures, if necessary and economic or financial interest of the proportionate to safeguard the public Union or of a Member State, or a interests mentioned above, in accordance monitoring, inspection or regulatory with the Charter of Fundamental Rights of function connected to the exercise of the European Union and the European official authority for such interests. Convention for the Protection of Human Therefore, this Regulation should not Rights and Fundamental Freedoms, as affect the ability of Member States to carry interpreted by the Court of Justice of the out lawful interception of electronic European Union and of the European Court communications or take other measures, if of Human Rights. Providers of electronic necessary and proportionate to safeguard communications services should not be the public interests mentioned above, in obliged by Union or Member States accordance with the Charter of competent authorities to weaken any Fundamental Rights of the European Union measures that ensure the integrity and and the European Convention for the confidentiality of electronic Protection of Human Rights and communications. Fundamental Freedoms, as interpreted by the Court of Justice of the European Union and of the European Court of Human Rights. Providers of electronic communications services should provide for appropriate procedures to facilitate legitimate requests of competent authorities, where relevant also taking into account the role of the representative designated pursuant to Article 3(3). Or. en
Amendment 272 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Recital 26
Text proposed by the Commission Amendment
(26) When the processing of electronic (26) When the processing of electronic communications data by providers of communications data by providers of electronic communications services falls electronic communications services falls within its scope, this Regulation should within its scope, this Regulation should provide for the possibility for the Union or provide for the possibility for the Union or Member States under specific conditions to Member States under specific conditions to restrict by law certain obligations and temporarily restrict by law certain rights when such a restriction constitutes a obligations and rights when such a necessary and proportionate measure in a restriction is targeted at persons suspected democratic society to safeguard specific of having committed a criminal offence public interests, including national and constitutes a necessary and security, defence, public security and the proportionate measure in a democratic prevention, investigation, detection or society to safeguard specific public prosecution of criminal offences or the interests, including national security, execution of criminal penalties, including defence, and the prevention, investigation, the safeguarding against and the detection or prosecution of criminal prevention of threats to public security offences or the execution of criminal and other important objectives of general penalties. Therefore, this Regulation public interest of the Union or of a should not affect the ability of Member Member State, in particular an important States to carry out lawful interception of economic or financial interest of the electronic communications or take other Union or of a Member State, or a measures, if necessary and proportionate to monitoring, inspection or regulatory safeguard the public interests mentioned function connected to the exercise of above, in accordance with the Charter of official authority for such interests. Fundamental Rights of the European Union Therefore, this Regulation should not and the European Convention for the affect the ability of Member States to carry Protection of Human Rights and out lawful interception of electronic Fundamental Freedoms, as interpreted by communications or take other measures, if the Court of Justice of the European Union necessary and proportionate to safeguard and of the European Court of Human the public interests mentioned above, in Rights. Providers of electronic accordance with the Charter of communications services should not be Fundamental Rights of the European Union obliged by Union or Member States and the European Convention for the competent authorities to weaken any Protection of Human Rights and measures that ensure the integrity and Fundamental Freedoms, as interpreted by confidentiality of electronic the Court of Justice of the European Union communications. and of the European Court of Human Rights. Providers of electronic communications services should provide for appropriate procedures to facilitate legitimate requests of competent authorities, where relevant also taking into account the role of the representative designated pursuant to Article 3(3).
Or. en
Amendment 273 Michał Boni, Frank Engel, Tomáš Zdechovský, Viviane Reding, Carlos Coelho, Pál Csáky
Proposal for a regulation Recital 26
Text proposed by the Commission Amendment
(26) When the processing of electronic (26) When the processing of electronic communications data by providers of communications data by providers of electronic communications services falls electronic communications services falls within its scope, this Regulation should within its scope, this Regulation should provide for the possibility for the Union or provide for the possibility for the Union or Member States under specific conditions to Member States under specific conditions to restrict by law certain obligations and restrict by law certain obligations and rights when such a restriction constitutes a rights when such a restriction constitutes a necessary and proportionate measure in a necessary and proportionate measure in a democratic society to safeguard specific democratic society to safeguard specific public interests, including national public interests, including national security, defence, public security and the security, defence, public security and the prevention, investigation, detection or prevention, investigation, detection or prosecution of criminal offences or the prosecution of criminal offences or the execution of criminal penalties, including execution of criminal penalties, including the safeguarding against and the prevention the safeguarding against and the prevention of threats to public security and other of threats to public security, or a important objectives of general public monitoring, inspection or regulatory interest of the Union or of a Member function connected to the exercise of State, in particular an important official authority for such interests. economic or financial interest of the Therefore, this Regulation should not Union or of a Member State, or a affect the ability of Member States to carry monitoring, inspection or regulatory out lawful interception of electronic function connected to the exercise of communications or take other measures, if official authority for such interests. necessary and proportionate to safeguard Therefore, this Regulation should not the public interests mentioned above, in affect the ability of Member States to carry accordance with the Charter of out lawful interception of electronic Fundamental Rights of the European Union communications or take other measures, if and the European Convention for the necessary and proportionate to safeguard Protection of Human Rights and the public interests mentioned above, in Fundamental Freedoms, as interpreted by accordance with the Charter of the Court of Justice of the European Union Fundamental Rights of the European Union and of the European Court of Human and the European Convention for the Rights. Providers of electronic Protection of Human Rights and communications services should provide Fundamental Freedoms, as interpreted by for appropriate procedures to facilitate the Court of Justice of the European Union legitimate requests of competent and of the European Court of Human authorities, where relevant also taking into Rights. Providers of electronic account the role of the representative communications services should provide designated pursuant to Article 3(3). for appropriate procedures to facilitate legitimate requests of competent authorities, where relevant also taking into account the role of the representative designated pursuant to Article 3(3).
Or. en
Amendment 274 Brice Hortefeux, Rachida Dati
Proposal for a regulation Recital 26
Text proposed by the Commission Amendment
(26) When the processing of electronic (26) When the processing of electronic communications data by providers of communications data by providers of electronic communications services falls electronic communications services falls within its scope, this Regulation should within its scope, this Regulation should provide for the possibility for the Union or provide for the possibility for the Union or Member States under specific conditions to Member States under specific conditions to restrict by law certain obligations and restrict by law certain obligations and rights when such a restriction constitutes a rights when such a restriction constitutes a necessary and proportionate measure in a necessary and proportionate measure in a democratic society to safeguard specific democratic society to safeguard specific public interests, including national public interests, including national security, defence, public security and the security, defence, public security and the prevention, investigation, detection or prevention, investigation, detection or prosecution of criminal offences or the prosecution of criminal offences or the execution of criminal penalties, including execution of criminal penalties, including the safeguarding against and the prevention the safeguarding against and the prevention of threats to public security and other of threats to public security and other important objectives of general public important objectives of general public interest of the Union or of a Member State, interest of the Union or of a Member State, in particular an important economic or in particular an important economic or financial interest of the Union or of a financial interest of the Union or of a Member State, or a monitoring, inspection Member State, or a monitoring, inspection or regulatory function connected to the or regulatory function connected to the exercise of official authority for such exercise of official authority for such interests. Therefore, this Regulation should interests. Therefore, this Regulation should not affect the ability of Member States to not affect the ability of Member States to carry out lawful interception of electronic carry out lawful interception of electronic communications or take other measures, if communications or take other measures, if necessary and proportionate to safeguard necessary and proportionate to safeguard the public interests mentioned above, in the public interests mentioned above, for accordance with the Charter of instance, when someone is suspected of a Fundamental Rights of the European Union criminal offence or when there are strong and the European Convention for the reasons to believe a minor has been Protection of Human Rights and missing, in accordance with the Charter of Fundamental Freedoms, as interpreted by Fundamental Rights of the European Union the Court of Justice of the European Union and the European Convention for the and of the European Court of Human Protection of Human Rights and Rights. Providers of electronic Fundamental Freedoms, as interpreted by communications services should provide the Court of Justice of the European Union for appropriate procedures to facilitate and of the European Court of Human legitimate requests of competent Rights. Providers of electronic authorities, where relevant also taking into communications services should provide account the role of the representative for appropriate procedures to facilitate designated pursuant to Article 3(3). legitimate requests of competent authorities, where relevant also taking into account the role of the representative designated pursuant to Article 3(3).
Or. en
Amendment 275 Daniel Dalton, John Procter
Proposal for a regulation Recital 26
Text proposed by the Commission Amendment
(26) When the processing of electronic (26) When the processing of electronic communications data by providers of communications data by providers of electronic communications services falls electronic communications services falls within its scope, this Regulation should within its scope, this Regulation should provide for the possibility for the Union or provide for the possibility for the Union or Member States under specific conditions to Member States under specific conditions to restrict by law certain obligations and restrict by law certain obligations and rights when such a restriction constitutes a rights when such a restriction constitutes a necessary and proportionate measure in a necessary and proportionate measure in a democratic society to safeguard specific democratic society to safeguard specific public interests, including national public interests, including national security, defence, public security and the security, defence, public security and the prevention, investigation, detection or prevention, investigation, detection or prosecution of criminal offences or the prosecution of criminal offences or the execution of criminal penalties, including execution of criminal penalties, including the safeguarding against and the prevention the safeguarding against and the prevention of threats to public security and other of threats to public security and other important objectives of general public important objectives of general public interest of the Union or of a Member State, interest of the Union or of a Member State, in particular an important economic or in particular an important economic or financial interest of the Union or of a financial interest of the Union or of a Member State, or a monitoring, inspection Member State, or a monitoring, inspection or regulatory function connected to the or regulatory function connected to the exercise of official authority for such exercise of official authority for such interests. Therefore, this Regulation should interests. Therefore, this Regulation should not affect the ability of Member States to not affect the ability of Member States to carry out lawful interception of electronic carry out lawful interception of electronic communications or take other measures, if communications or take other measures, if necessary and proportionate to safeguard necessary and proportionate to safeguard the public interests mentioned above, in the public interests mentioned above, in accordance with the Charter of accordance with the Charter of Fundamental Rights of the European Union Fundamental Rights of the European Union and the European Convention for the and the European Convention for the Protection of Human Rights and Protection of Human Rights and Fundamental Freedoms, as interpreted by Fundamental Freedoms, as interpreted by the Court of Justice of the European Union the Court of Justice of the European Union and of the European Court of Human and of the European Court of Human Rights. Providers of electronic Rights. Providers of electronic communications services should provide communications services should provide for appropriate procedures to facilitate for appropriate procedures to facilitate legitimate requests of competent legitimate requests of competent authorities, where relevant also taking into authorities, where relevant also taking into account the role of the representative account the role of the representative designated pursuant to Article 3(3). designated pursuant to Article 27 of regulation (EU) 2016/679.
Or. en
Amendment 276 Sophia in 't Veld, Angelika Mlinar
Proposal for a regulation Recital 26 a (new)
Text proposed by the Commission Amendment
(26 a) In order to safeguard the security and integrity of networks and services, the use of end-to-end encryption should be promoted and, where necessary, be mandatory in accordance with the principles of security and privacy by design. Member States should not impose any obligation on encryption providers, on providers of electronic communications services or on any other organisations (at any level of the supply chain) that would result in the weakening of the security of their networks and services, such as the creation or facilitation of "backdoors".
Or. en
Amendment 277 Cornelia Ernst
Proposal for a regulation Recital 26 a (new)
Text proposed by the Commission Amendment
(26 a) In its judgment C-293/12 the Court of Justice held that the bulk collection of communications data, in particular when done without any differentiation, limitation or exception, constitutes a wide- ranging and particularly serious interference with the rights enshrined in Articles 7 and 8 of the Charter, without such an interference being precisely circumscribed to ensure that it is actually limited to what is strictly necessary.
Or. en
Amendment 278 Sophia in 't Veld
Proposal for a regulation Recital 28
Text proposed by the Commission Amendment
(28) There is justification for (28) End-users' rights to privacy with overriding the elimination of calling line regard to calling line identification may be identification presentation in specific restricted only where this is necessary to cases. End-users' rights to privacy with trace nuisance calls and with regard to regard to calling line identification should calling line identification and location data be restricted where this is necessary to where this is necessary to allow emergency trace nuisance calls and with regard to calling line identification and location data services, such as eCall, to carry out their where this is necessary to allow emergency tasks as effectively as possible. services, such as eCall, to carry out their tasks as effectively as possible.
Or. en
Amendment 279 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Recital 28
Text proposed by the Commission Amendment
(28) There is justification for overriding (28) There is justification for overriding the elimination of calling line identification the elimination of calling line identification presentation in specific cases. End-users' presentation in specific cases. Subscribers' rights to privacy with regard to calling line rights to privacy with regard to calling line identification should be restricted where identification should be restricted where this is necessary to trace nuisance calls and this is necessary to trace nuisance calls and with regard to calling line identification with regard to calling line identification and location data where this is necessary to and location data where this is necessary to allow emergency services, such as eCall, to allow emergency services, such as eCall, to carry out their tasks as effectively as carry out their tasks as effectively as possible. possible.
Or. en
Amendment 280 Anna Maria Corazza Bildt
Proposal for a regulation Recital 29
Text proposed by the Commission Amendment
(29) Technology exists that enables (29) Technology exists that enables providers of electronic communications providers of certain publicly available services to limit the reception of unwanted electronic communications services to limit calls by end-users in different ways, the reception of unwanted calls including blocking silent calls and other by consumers in different ways, including fraudulent and nuisance calls. Providers of blocking silent calls and other fraudulent publicly available number-based and nuisance calls. Where technically interpersonal communications services feasible and economically viable, should deploy this technology and protect providers of publicly available voice end-users against nuisance calls and free communications services should deploy of charge. Providers should ensure that this technology and protect consumers end-users are aware of the existence of against nuisance calls and free of charge. such functionalities, for instance, by Providers should ensure that consumers publicising the fact on their webpage. are aware of the existence of such functionalities, for instance, by publicising the fact on their webpage.
Or. en
Amendment 281 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Recital 29
Text proposed by the Commission Amendment
(29) Technology exists that enables (29) Technology exists that enables providers of electronic communications providers of electronic communications services to limit the reception of unwanted services to limit the reception of unwanted calls by end-users in different ways, calls by subscribers in different ways, including blocking silent calls and other including blocking silent calls and other fraudulent and nuisance calls. Providers of fraudulent and nuisance calls or marketing publicly available number-based calls with a specific code or prefix. interpersonal communications services Providers of publicly available number- should deploy this technology and protect based interpersonal communications end-users against nuisance calls and free services should deploy this technology and of charge. Providers should ensure that protect subscribers against nuisance calls end-users are aware of the existence of and free of charge. Providers should ensure such functionalities, for instance, by that subscribers are aware of the existence publicising the fact on their webpage. of such functionalities, for instance, by publicising the fact on their webpage.
Or. en
Amendment 282 Sophia in 't Veld
Proposal for a regulation Recital 30
Text proposed by the Commission Amendment
(30) Publicly available directories of (30) Publicly available directories of end-users of electronic communications end-users of electronic communications services are widely distributed. Publicly services are widely distributed. Publicly available directories means any directory available directories means any directory or service containing end-users information or service containing end-users information such as phone numbers (including mobile such as phone numbers (including mobile phone numbers), email address contact phone numbers), email address contact details and includes inquiry services. The details and includes inquiry services. The right to privacy and to protection of the right to privacy and to protection of the personal data of a natural person requires personal data of a natural person requires that end-users that are natural persons are that end-users that are natural persons are asked for consent before their personal data asked for consent before their personal data are included in a directory. The legitimate are included in a directory. To allow for a interest of legal entities requires that end- transition in cases where end-users' users that are legal entities have the right to information has been included in such a object to the data related to them being directory without consent, where included in a directory. acquiring consent would lay an unreasonable burden on the directory or the originating service provider, consent should only be required for new subscribers from the moment of application of this Regulation. The legitimate interest of legal entities requires that end-users that are legal entities have the right to object to the data related to them being included in a directory.
Or. en
Amendment 283 Daniel Dalton, Helga Stevens, John Procter
Proposal for a regulation Recital 30
Text proposed by the Commission Amendment
(30) Publicly available directories of (30) Publicly available directories of end-users of electronic communications end-users of electronic communications services are widely distributed. Publicly services are widely distributed. Publicly available directories means any directory available directories means any directory or service containing end-users information or service containing end-users information such as phone numbers (including mobile such as phone numbers (including mobile phone numbers), email address contact phone numbers), email address contact details and includes inquiry services. The details and includes inquiry services. The right to privacy and to protection of the right to privacy and to protection of the personal data of a natural person requires personal data of a natural person acting out that end-users that are natural persons are of their business capacity requires that asked for consent before their personal end-users that are natural persons are data are included in a directory. The provided, upon request, with transparent legitimate interest of legal entities requires information about the data being included that end-users that are legal entities have in the directory and the means to verify, correct, update, supplement and delete the right to object to the data related to data relating to them free of charge. The them being included in a directory. legitimate interest of legal entities requires that end-users that are legal entities have the right to object to the data related to them being included in a directory.
Or. en
Amendment 284 Michał Boni, Roberta Metsola, Frank Engel, Tomáš Zdechovský, Carlos Coelho, Pál Csáky, Elissavet Vozemberg-Vrionidi
Proposal for a regulation Recital 30
Text proposed by the Commission Amendment
(30) Publicly available directories of (30) Publicly available directories of end-users of electronic communications end-users of electronic communications services are widely distributed. Publicly services are widely distributed. Publicly available directories means any directory available directories means any directory or service containing end-users information or service containing end-users information such as phone numbers (including mobile such as phone numbers (including mobile phone numbers), email address contact phone numbers), email address contact details and includes inquiry services. The details and includes inquiry services. The right to privacy and to protection of the right to privacy and to protection of the personal data of a natural person requires personal data of a natural person requires that end-users that are natural persons are that end-users that are natural persons are asked for consent before their personal data asked for consent before their personal data are included in a directory. The legitimate are included in a directory. The legitimate interest of legal entities requires that end- interest of legal entities requires that end- users that are legal entities have the right to users that are legal entities have the right to object to the data related to them being object to the data related to them being included in a directory. included in a directory. The consent should be collected by the electronic communications service provider at the moment of signing the contract for such service.
Or. en
Amendment 285 Marju Lauristin
Proposal for a regulation Recital 30
Text proposed by the Commission Amendment
(30) Publicly available directories of (30) Publicly available directories of end-users of electronic communications end-users of electronic communications services are widely distributed. Publicly services are widely distributed. Publicly available directories means any directory available directories means any directory or service containing end-users information or service containing end-users information such as phone numbers (including mobile such as phone numbers (including mobile phone numbers), email address contact phone numbers), email address contact details and includes inquiry services. The details and includes inquiry services. The right to privacy and to protection of the right to privacy and to protection of the personal data of a natural person requires personal data of a natural person requires that end-users that are natural persons are that users are asked for consent before asked for consent before their personal data their personal data are included in a are included in a directory. The legitimate directory. The legitimate interest of legal interest of legal entities requires that end- entities requires that end-users have the users that are legal entities have the right right to object to the data related to them to object to the data related to them being being included in a directory. Natural included in a directory. persons who act with commercial intent, such as freelancers, small traders or self- employed persons, should be equated to legal persons.
Or. en
Amendment 286 Gérard Deprez, Morten Løkkegaard, Jean-Marie Cavada, Petr Ježek, Pavel Telička
Proposal for a regulation Recital 30
Text proposed by the Commission Amendment
(30) Publicly available directories of (30) Publicly available directories of end-users of electronic communications end-users of electronic communications services are widely distributed. Publicly services are widely distributed. Publicly available directories means any directory available directories means any directory or service containing end-users information or service containing end-users information such as phone numbers (including mobile such as phone numbers (including mobile phone numbers), email address contact phone numbers), email address contact details and includes inquiry services. The details and includes inquiry services. The right to privacy and to protection of the right to privacy and to protection of the personal data of a natural person requires personal data of a natural person requires that end-users that are natural persons are that end-users that are natural persons have asked for consent before their personal the possibilty of objecting to their personal data are included in a directory. The data being included in a directory. The legitimate interest of legal entities requires legitimate interest of legal entities requires that end-users that are legal entities have that end-users that are legal entities have the right to object to the data related to the right to object to the data related to them being included in a directory. them being included in a directory.
Or. en
Justification
The publicly available directories are now based on a functional opt-out system. This proposal would create a opt-in system, where the providors are forced to gain consent from all end-users, creating an unnecessary burden for the providors. Securing the end-user's right to object should be sufficient.
Amendment 287 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Recital 30
Text proposed by the Commission Amendment
(30) Publicly available directories of (30) Publicly available directories of end-users of electronic communications subscribers of electronic communications services are widely distributed. Publicly services are widely distributed. Publicly available directories means any directory available directories means any directory or service containing end-users or service containing subscribers information such as phone numbers information such as phone numbers (including mobile phone numbers), email (including mobile phone numbers), email address contact details and includes inquiry address contact details and includes inquiry services. The right to privacy and to services. The right to privacy and to protection of the personal data of a natural protection of the personal data of a natural person requires that end-users that are person requires that subscribers that are natural persons are asked for consent natural persons are asked for consent before their personal data are included in a before their personal data are included in a directory. The legitimate interest of legal directory. The legitimate interest of legal entities requires that end-users that are entities requires that subscribers that are legal entities have the right to object to the legal entities have the right to object to the data related to them being included in a data related to them being included in a directory. directory.
Or. en
Amendment 288 Daniel Dalton, Helga Stevens, John Procter
Proposal for a regulation Recital 31
Text proposed by the Commission Amendment
(31) If end-users that are natural persons (31) If end-users that are natural persons give their consent to their data being do not object to the inclusion of their data included in such directories, they should from providers of number-based be able to determine on a consent basis interpersonal communication services and which categories of personal data are electronic communication providers in included in the directory (for example public directories, they should be able to name, email address, home address, user determine which categories of personal name, phone number). In addition, data are included in the directory (for providers of publicly available directories example name, email address, home should inform the end-users of the address, user name, phone number). In purposes of the directory and of the search addition, providers of publicly available functions of the directory before including directories should inform the end-users of them in that directory. End-users should the purposes of the directory and of the be able to determine by consent on the search functions of the directory. basis of which categories of personal data their contact details can be searched. The categories of personal data included in the directory and the categories of personal data on the basis of which the end-user's contact details can be searched should not necessarily be the same.
Or. en
Amendment 289 Gérard Deprez, Morten Løkkegaard, Jean-Marie Cavada, Petr Ježek, Pavel Telička
Proposal for a regulation Recital 31
Text proposed by the Commission Amendment
(31) If end-users that are natural persons (31) If end-users that are natural persons give their consent to their data being do not object to their data being included included in such directories, they should be in such directories, they should be able to able to determine on a consent basis which make an objection on basis which categories of personal data are included in categories of personal data are included in the directory (for example name, email the directory (for example name, email address, home address, user name, phone address, home address, user name, phone number). In addition, providers of publicly number). In addition, providers of publicly available directories should inform the available directories should provide end-users of the purposes of the directory accessible information to the end-users of and of the search functions of the directory the purposes of the directory and of the before including them in that directory. search functions of the directory before End-users should be able to determine by including them in that directory. End-users consent on the basis of which categories of should be able to object on the basis of personal data their contact details can be which categories of personal data their searched. The categories of personal data contact details can be searched. The included in the directory and the categories categories of personal data included in the of personal data on the basis of which the directory and the categories of personal end-user's contact details can be searched data on the basis of which the end-user's should not necessarily be the same. contact details can be searched should not necessarily be the same.
Or. en
Justification
The publicly available directories are now based on a functional opt-out system. This proposal would create a opt-in system, where the providors are forced to gain consent from all end-users, creating an unnecessary burden for the providors. Securing the end-user's right to object should be sufficient.
Amendment 290 Michał Boni, Roberta Metsola, Frank Engel, Tomáš Zdechovský, Rachida Dati, Brice Hortefeux, Carlos Coelho, Pál Csáky, Elissavet Vozemberg-Vrionidi
Proposal for a regulation Recital 31
Text proposed by the Commission Amendment
(31) If end-users that are natural persons (31) If end-users that are natural persons give their consent to their data being give their consent to their data being included in such directories, they should be included in such directories, they should be able to determine on a consent basis which able to determine on a consent basis which categories of personal data are included in categories of personal data are included in the directory (for example name, email the directory (for example name, email address, home address, user name, phone address, home address, user name, phone number). In addition, providers of publicly number). In addition, upon giving their available directories should inform the consent the end-users should be informed end-users of the purposes of the directory of the purposes of the directory and of the and of the search functions of the directory search functions of the directory before before including them in that directory. including them in that directory. End-users End-users should be able to determine by should be able to determine by consent on consent on the basis of which categories of the basis of which categories of personal personal data their contact details can be data their contact details can be searched. searched. The categories of personal data The categories of personal data included in included in the directory and the categories the directory and the categories of personal of personal data on the basis of which the data on the basis of which the end-user's end-user's contact details can be searched contact details can be searched should not should not necessarily be the same. necessarily be the same. The providers of publicly available directories shall provide information about the search options, as well as if new options and functions of the directories are available in the publicly available directories.
Or. en
Amendment 291 Sophia in 't Veld
Proposal for a regulation Recital 31
Text proposed by the Commission Amendment
(31) If end-users that are natural persons (31) If end-users that are natural persons give their consent to their data being give their consent to their data being included in such directories, they should be included in such directories, they should be able to determine on a consent basis which able to determine on a consent basis which categories of personal data are included in specific directory may include their the directory (for example name, email information, the categories of personal address, home address, user name, phone data to be included in each of the number). In addition, providers of publicly respective directories (for example name, available directories should inform the end- email address, home address, user name, users of the purposes of the directory and phone number). In addition, providers of of the search functions of the directory publicly available directories should before including them in that directory. inform the end-users of the purposes of the End-users should be able to determine by directory and of the search functions of the consent on the basis of which categories of directory before including them in that personal data their contact details can be directory. End-users should be able to searched. The categories of personal data determine by consent on the basis of which included in the directory and the categories categories of personal data their contact of personal data on the basis of which the details can be searched. The categories of end-user's contact details can be searched personal data included in the directory and should not necessarily be the same. the categories of personal data on the basis of which the end-user's contact details can be searched should not necessarily be the same.
Or. en
Amendment 292 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Recital 31
Text proposed by the Commission Amendment (31) If end-users that are natural persons (31) If subscribers that are natural give their consent to their data being persons give their consent to their data included in such directories, they should be being included in such directories, they able to determine on a consent basis which should be able to determine on a consent categories of personal data are included in basis which categories of personal data are the directory (for example name, email included in the directory (for example address, home address, user name, phone name, email address, home address, user number). In addition, providers of publicly name, phone number). In addition, available directories should inform the providers of publicly available directories end-users of the purposes of the directory or the providers of electronic and of the search functions of the directory communications services should inform before including them in that directory. the subscribers of the purposes of the End-users should be able to determine by directory and of the search functions of the consent on the basis of which categories of directory before including them in that personal data their contact details can be directory. Subscribers should be able to searched. The categories of personal data determine by consent on the basis of which included in the directory and the categories categories of personal data their contact of personal data on the basis of which the details can be searched. The categories of end-user's contact details can be searched personal data included in the directory and should not necessarily be the same. the categories of personal data on the basis of which the subscriber's contact details can be searched should not necessarily be the same.
Or. en
Amendment 293 Marju Lauristin
Proposal for a regulation Recital 31
Text proposed by the Commission Amendment
(31) If end-users that are natural (31) If users give their consent to their persons give their consent to their data data being included in such directories, being included in such directories, they they should be able to determine on a should be able to determine on a consent consent basis which categories of personal basis which categories of personal data are data are included in the directory (for included in the directory (for example example name, e-mail address, home name, email address, home address, user address, user name, phone number). In name, phone number). In addition, addition, providers of publicly available providers of publicly available directories directories or the electronic should inform the end-users of the communication service providers should purposes of the directory and of the search inform the end-users of the purposes of the functions of the directory before including directory and of the search functions of the them in that directory. End-users should be directory before including them in that able to determine by consent on the basis directory. Users should be able to of which categories of personal data their determine by consent on the basis of which contact details can be searched. The categories of personal data their contact categories of personal data included in the details can be searched. The categories of directory and the categories of personal personal data included in the directory and data on the basis of which the end-user's the categories of personal data on the basis contact details can be searched should not of which the user's contact details can be necessarily be the same. searched should not necessarily be the same.
Or. en
Amendment 294 Brice Hortefeux, Rachida Dati
Proposal for a regulation Recital 32
Text proposed by the Commission Amendment
(32) In this Regulation, direct marketing (32) In this Regulation, direct marketing refers to any form of advertising by which refers to any form of advertising by which a natural or legal person sends direct a natural or legal person sends direct marketing communications directly to one marketing communications directly to one or more identified or identifiable end-users or more identified or identifiable end-users using electronic communications services. using electronic communications services. In addition to the offering of products and services for commercial purposes, this should also include messages sent by political parties that contact natural persons via electronic communications services in order to promote their parties. The same should apply to messages sent by other non-profit organisations to support the purposes of the organisation.
Or. en
Amendment 295 Axel Voss, Heinz K. Becker
Proposal for a regulation Recital 32
Text proposed by the Commission Amendment
(32) In this Regulation, direct marketing (32) In this Regulation, direct marketing refers to any form of advertising by which refers to any form of advertising by which a natural or legal person sends direct a natural or legal person sends direct marketing communications directly to one marketing communications directly to one or more identified or identifiable end-users or more identified or identifiable end-users using electronic communications services. using electronic communications services. In addition to the offering of products and In addition to the offering of products and services for commercial purposes, this services for commercial purposes, this should also include messages sent by should also include messages sent by political parties that contact natural persons political parties that contact natural persons via electronic communications services in via electronic communications services in order to promote their parties. The same order to promote their parties. The same should apply to messages sent by other should apply to messages sent by other non-profit organisations to support the non-profit organisations to support the purposes of the organisation. purposes of the organisation. It should not apply to the communication for scientific re-search purposes like market and opinion research.
Or. en
Amendment 296 Sophia in 't Veld
Proposal for a regulation Recital 32
Text proposed by the Commission Amendment
(32) In this Regulation, direct marketing (32) In this Regulation, direct marketing refers to any form of advertising by which refers to any form of advertising by which a natural or legal person sends direct a natural or legal person sends direct marketing communications directly to one marketing communications directly to one or more identified or identifiable end-users or more identified or identifiable end-users using electronic communications services. using electronic communications services. In addition to the offering of products and In addition to the offering of products and services for commercial purposes, this services for commercial purposes, this should also include messages sent by should also include messages sent by non- political parties that contact natural profit organisations to support the purposes persons via electronic communications of the organization, including messages services in order to promote their parties. supporting a political campaign. The same should apply to messages sent by other non-profit organisations to support the purposes of the organisation.
Or. en
Amendment 297 Maria Grapini
Proposal for a regulation Recital 32
Text proposed by the Commission Amendment
(32) În prezentul regulament, (32) În prezentul regulament, marketingul direct se referă la orice formă marketingul direct se referă la orice formă de publicitate prin care o persoană fizică de publicitate prin care o persoană fizică sau juridică trimite comunicații în scopuri sau juridică trimite comunicații în scopuri de marketing direct către unul sau mai de marketing direct către unul sau mai mulți utilizatori finali identificați sau mulți utilizatori finali identificați sau identificabili care utilizează servicii de identificabili care utilizează servicii de comunicații electronice. În plus față de comunicații electronice. În plus față de oferta de produse și servicii în scopuri oferta de produse și servicii în scopuri comerciale, această noțiune ar trebui să comerciale, această noțiune ar trebui să cuprindă și mesajele trimise de partidele cuprindă și mesajele trimise de partidele politice care contactează persoane fizice politice și persoane politice independente prin intermediul serviciilor de comunicații care contactează persoane fizice prin electronice cu scopul de a se promova. intermediul serviciilor de comunicații Același lucru ar trebui să se aplice în cazul electronice cu scopul de a se promova. mesajelor trimise de alte organizații Același lucru ar trebui să se aplice în cazul nonprofit în vederea îndeplinirii mesajelor trimise de alte organizații obiectivelor organizației. nonprofit în vederea îndeplinirii obiectivelor organizației.
Or. ro
Amendment 298 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Recital 32
Text proposed by the Commission Amendment
(32) In this Regulation, direct marketing (32) In this Regulation, direct marketing refers to any form of advertising by which refers to any form of advertising by which a natural or legal person sends direct a natural or legal person sends or presents marketing communications directly to one direct marketing communications directly or more identified or identifiable end-users to one or more identified or identifiable using electronic communications services. subscribers using electronic In addition to the offering of products and communications services. In addition to the services for commercial purposes, this offering of products and services for should also include messages sent by commercial purposes, this should also political parties that contact natural persons include messages sent by political parties via electronic communications services in that contact natural persons via electronic order to promote their parties. The same communications services in order to should apply to messages sent by other promote their parties. The same should apply to messages sent by other non-profit non-profit organisations to support the organisations to support the purposes of the purposes of the organisation. organisation.
Or. en
Amendment 299 Brice Hortefeux, Rachida Dati
Proposal for a regulation Recital 33
Text proposed by the Commission Amendment
(33) Safeguards should be provided to (33) Safeguards should be provided to protect end-users against unsolicited protect end-users against unsolicited communications for direct marketing communications for direct marketing purposes, which intrude into the private life purposes, which intrude into the private life of end-users. The degree of privacy of end-users. The degree of privacy intrusion and nuisance is considered intrusion and nuisance is considered relatively similar independently of the wide relatively similar independently of the wide range of technologies and channels used to range of technologies and channels used to conduct these electronic communications, conduct these electronic communications, whether using automated calling and whether using automated calling and communication systems, instant messaging communication systems, instant messaging applications, emails, SMS, MMS, applications, emails, SMS, MMS, Bluetooth, etc. It is therefore justified to Bluetooth, etc. It is therefore justified to require that consent of the end-user is require that consent of the end-user is obtained before commercial electronic obtained before commercial electronic communications for direct marketing communications for direct marketing purposes are sent to end-users in order to purposes are sent to end-users in order to effectively protect individuals against the effectively protect individuals against the intrusion into their private life as well as intrusion into their private life as well as the legitimate interest of legal persons. the legitimate interest of legal persons. Legal certainty and the need to ensure that Legal certainty and the need to ensure that the rules protecting against unsolicited the rules protecting against unsolicited electronic communications remain future- electronic communications remain future- proof justify the need to define a single set proof justify the need to define a single set of rules that do not vary according to the of rules that do not vary according to the technology used to convey these technology used to convey these unsolicited communications, while at the unsolicited communications, while at the same time guaranteeing an equivalent level same time guaranteeing an equivalent level of protection for all citizens throughout the of protection for all citizens throughout the Union. However, it is reasonable to allow Union. However, it is reasonable to allow the use of e-mail contact details within the the use of e-mail contact details within the context of an existing customer context of an existing customer relationship for the offering of similar relationship for the offering of products or products or services. Such possibility services. Such possibility should only should only apply to the same company apply to the same company that has that has obtained the electronic contact obtained the electronic contact details in details in accordance with Regulation (EU) accordance with Regulation (EU) 2016/679. 2016/679. Direct marketing shall not include any form of advertising which is displayed within content presented to an end-user as part of an information society service.
Or. en
Amendment 300 Anna Maria Corazza Bildt
Proposal for a regulation Recital 33
Text proposed by the Commission Amendment
(33) Safeguards should be provided to (33) Safeguards should be provided to protect end-users against unsolicited protect end-users against unsolicited communications for direct marketing communications for direct marketing purposes, which intrude into the private life purposes, which intrude into the private life of end-users. The degree of privacy of end-users. The degree of privacy intrusion and nuisance is considered intrusion and nuisance is considered relatively similar independently of the wide relatively similar independently of the wide range of technologies and channels used to range of technologies and channels used to conduct these electronic communications, conduct these electronic communications, whether using automated calling and whether using automated calling and communication systems, instant messaging communication systems, instant messaging applications, emails, SMS, MMS, applications, emails, SMS, MMS, Bluetooth, etc. It is therefore justified to Bluetooth, etc. It is therefore justified to require that consent of the end-user is require that consent of the end-user is obtained before commercial electronic obtained before commercial electronic communications for direct marketing communications for direct marketing purposes are sent to end-users in order to purposes are sent to end-users in order to effectively protect individuals against the effectively protect individuals against the intrusion into their private life as well as intrusion into their private life. Legal the legitimate interest of legal persons. certainty and the need to ensure that the Legal certainty and the need to ensure that rules protecting against unsolicited the rules protecting against unsolicited electronic communications remain future- electronic communications remain future- proof justify the need to define a single set proof justify the need to define a single set of rules that do not vary according to the of rules that do not vary according to the technology used to convey these technology used to convey these unsolicited communications, while at the unsolicited communications, while at the same time guaranteeing an equivalent level same time guaranteeing an equivalent level of protection for all citizens throughout the of protection for all citizens throughout the Union. However, it is reasonable to allow Union. However, it is reasonable to allow the use of e-mail contact details within the the use of e-mail contact details within the context of an existing customer context of an existing customer relationship for the offering of similar relationship for the offering of similar products or services. Such possibility products or services. Such possibility should only apply to the same company should only apply to the same company that has obtained the electronic contact that has obtained the electronic contact details in accordance with Regulation (EU) details in accordance with Regulation (EU) 2016/679. 2016/679.
Or. en
Amendment 301 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Recital 33
Text proposed by the Commission Amendment
(33) Safeguards should be provided to (33) Safeguards should be provided to protect end-users against unsolicited protect subscribers against unsolicited communications for direct marketing communications, including for direct purposes, which intrude into the private marketing purposes. The degree of privacy life of end-users. The degree of privacy intrusion and nuisance is considered intrusion and nuisance is considered relatively similar independently of the wide relatively similar independently of the wide range of technologies and channels used to range of technologies and channels used to conduct these electronic communications, conduct these electronic communications, whether using automated calling and whether using automated calling and communication systems, instant messaging communication systems, instant messaging applications, emails, SMS, MMS, applications, emails, SMS, MMS, Bluetooth, etc. It is therefore justified to Bluetooth, etc. It is therefore justified to require that consent of the subscriber is require that consent of the end-user is obtained before commercial electronic obtained before commercial electronic communications for direct marketing communications for direct marketing purposes are sent to subscribers in order to purposes are sent to end-users in order to effectively protect individuals against the effectively protect individuals against the intrusion into their private life as well as intrusion into their private life as well as the legitimate interest of subscribers that the legitimate interest of legal persons. are legal persons. Legal certainty and the Legal certainty and the need to ensure that need to ensure that the rules protecting the rules protecting against unsolicited against unsolicited electronic electronic communications remain future- communications remain future-proof proof justify the need to define a single set justify the need to define a single set of of rules that do not vary according to the rules that do not vary according to the technology used to convey these technology used to convey these unsolicited communications, while at the unsolicited communications, while at the same time guaranteeing an equivalent level same time guaranteeing an equivalent level of protection for all citizens throughout the of protection for all citizens throughout the Union. However, it is reasonable to allow Union. However, it is reasonable to allow the use of e-mail contact details within the the use of e-mail contact details within the context of an existing customer context of an existing customer relationship for the offering of similar relationship for the offering of similar products or services. Such possibility products or services. Such possibility should only apply to the same company should only apply to the same company that has obtained the electronic contact that has obtained the electronic contact details in accordance with Regulation (EU) details in accordance with Regulation (EU) 2016/679. 2016/679.
Or. en
Amendment 302 Cornelia Ernst
Proposal for a regulation Recital 33
Text proposed by the Commission Amendment
(33) Safeguards should be provided to (33) Safeguards should be provided to protect end-users against unsolicited protect end-users against unsolicited communications for direct marketing communications, including for direct purposes, which intrude into the private marketing purposes. The degree of privacy life of end-users. The degree of privacy intrusion and nuisance is considered intrusion and nuisance is considered relatively similar independently of the wide relatively similar independently of the wide range of technologies and channels used to range of technologies and channels used to conduct these electronic communications, conduct these electronic communications, whether using automated calling and whether using automated calling and communication systems, instant messaging communication systems, instant messaging applications, emails, SMS, MMS, applications, emails, SMS, MMS, Bluetooth, etc. It is therefore justified to Bluetooth, etc. It is therefore justified to require that consent of the end-user is require that consent of the end-user is obtained before commercial electronic obtained before commercial electronic communications for direct marketing communications for direct marketing purposes are sent to end-users in order to purposes are sent to end-users in order to effectively protect individuals against the effectively protect individuals against the intrusion into their private life as well as intrusion into their private life as well as the legitimate interest of legal persons. the legitimate interest of legal persons. Legal certainty and the need to ensure that Legal certainty and the need to ensure that the rules protecting against unsolicited the rules protecting against unsolicited electronic communications remain future- electronic communications remain future- proof justify the need to define a single set proof justify the need to define a single set of rules that do not vary according to the of rules that do not vary according to the technology used to convey these technology used to convey these unsolicited communications, while at the unsolicited communications, while at the same time guaranteeing an equivalent level same time guaranteeing an equivalent level of protection for all citizens throughout the of protection for all citizens throughout the Union. However, it is reasonable to allow Union. However, it is reasonable to allow the use of e-mail contact details within the the use of e-mail contact details within the context of an existing customer context of an existing customer relationship for the offering of similar relationship for the offering of similar products or services. Such possibility products or services. Such possibility should only apply to the same company should only apply to the same company that has obtained the electronic contact that has obtained the electronic contact details in accordance with Regulation (EU) details in accordance with Regulation (EU) 2016/679. 2016/679.
Or. en
Amendment 303 Michał Boni, Frank Engel, Tomáš Zdechovský, Rachida Dati, Brice Hortefeux, Carlos Coelho, Pál Csáky, Elissavet Vozemberg-Vrionidi
Proposal for a regulation Recital 33
Text proposed by the Commission Amendment
(33) Safeguards should be provided to (33) Safeguards should be provided to protect end-users against unsolicited protect end-users against unsolicited communications for direct marketing communications for direct marketing purposes, which intrude into the private life purposes, which intrude into the private life of end-users. The degree of privacy of end-users. The degree of privacy intrusion and nuisance is considered intrusion and nuisance is considered relatively similar independently of the wide relatively similar independently of the wide range of technologies and channels used to range of technologies and channels used to conduct these electronic communications, conduct these electronic communications, whether using automated calling and whether using automated calling and communication systems, instant messaging communication systems, instant messaging applications, emails, SMS, MMS, applications, emails, SMS, MMS, Bluetooth, etc. It is therefore justified to Bluetooth, etc. It is therefore justified to require that consent of the end-user is require that consent of the end-user is obtained before commercial electronic obtained before commercial electronic communications for direct marketing communications for direct marketing purposes are sent to end-users in order to purposes are sent to end-users in order to effectively protect individuals against the effectively protect individuals against the intrusion into their private life as well as intrusion into their private life as well as the legitimate interest of legal persons. the legitimate interest of legal persons. Legal certainty and the need to ensure that Legal certainty and the need to ensure that the rules protecting against unsolicited the rules protecting against unsolicited electronic communications remain future- electronic communications remain future- proof justify the need to define a single set proof justify the need to define a single set of rules that do not vary according to the of rules that do not vary according to the technology used to convey these technology used to convey these unsolicited communications, while at the unsolicited communications, while at the same time guaranteeing an equivalent level same time guaranteeing an equivalent level of protection for all citizens throughout the of protection for all citizens throughout the Union. However, it is reasonable to allow Union. However, it is reasonable to allow the use of e-mail contact details within the the use of e-mail contact details within the context of an existing customer context of an existing customer relationship for the offering of similar relationship for the offering of products or products or services. Such possibility services. Such possibility should only should only apply to the same company apply to the same company that has that has obtained the electronic contact obtained the electronic contact details in details in accordance with Regulation (EU) accordance with Regulation (EU) 2016/679. 2016/679.
Or. en
Amendment 304 Anna Maria Corazza Bildt, Carlos Coelho, Damiano Zoffoli, Barbara Matera, Merja Kyllönen, Hilde Vautmans, Julie Ward, Caterina Chinnici
Proposal for a regulation Recital 33 a (new)
Text proposed by the Commission Amendment
(33 a) Regulation 2016/679 explicitly recognises the need to provide additional protection to children. This Regulation shall provide additional protection and safeguards when end-users are children, given that they may be less aware of the risks and consequences associated with the processing of their personal data. This Regulation should also grant special attention to the protection of children's privacy. When children are required to express their consent, the information provided to express the consent should be given in a clear and age-appropriate language. Profiling and behaviourally targeted advertising techniques for children should be prohibited.
Or. en
Justification
Children are vulnerable users and need additional protection against tracking and profiling. The ePrivacy Regulation should complement what the GDPR already provides in this regard.
Amendment 305 Daniel Dalton, Helga Stevens, John Procter
Proposal for a regulation Recital 34
Text proposed by the Commission Amendment
(34) When end-users have provided (34) When end-users have provided their consent to receiving unsolicited their consent to receiving communications communications for direct marketing for direct marketing purposes, they should purposes, they should still be able to still be able to withdraw their consent at withdraw their consent at any time in an any time in an easy manner. To facilitate easy manner. To facilitate effective effective enforcement of Union rules on enforcement of Union rules on unsolicited unsolicited messages for direct marketing, messages for direct marketing, it is it is necessary to prohibit the masking of necessary to prohibit the masking of the the identity and the use of false identities, identity and the use of false identities, false false return addresses or numbers while return addresses or numbers while sending sending unsolicited commercial unsolicited commercial communications communications for direct marketing for direct marketing purposes. Unsolicited purposes. Unsolicited marketing marketing communications should communications should therefore be therefore be clearly recognizable as such clearly recognizable as such and should and should indicate the identity of the legal indicate the identity of the legal or the or the natural person transmitting the natural person transmitting the communication or on behalf of whom the communication or on behalf of whom the communication is transmitted and provide communication is transmitted and provide the necessary information for recipients to the necessary information for recipients to exercise their right to oppose to receiving exercise their right to oppose to receiving further written and/or oral marketing further written and/or oral marketing messages. messages.
Or. en
Amendment 306 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Recital 34
Text proposed by the Commission Amendment
(34) When end-users have provided (34) When subscribers have provided their consent to receiving unsolicited their consent to receiving unsolicited communications for direct marketing communications for direct marketing purposes, they should still be able to purposes, they should still be able to withdraw their consent at any time in an withdraw their consent at any time in an easy manner. To facilitate effective easy manner. To facilitate effective enforcement of Union rules on unsolicited enforcement of Union rules on unsolicited messages for direct marketing, it is messages for direct marketing, it is necessary to prohibit the masking of the necessary to prohibit the masking of the identity and the use of false identities, false identity and the use of false identities, false return addresses or numbers while sending return addresses or numbers while sending unsolicited commercial communications unsolicited commercial communications for direct marketing purposes. Unsolicited for direct marketing purposes. Unsolicited marketing communications should marketing communications should therefore be clearly recognizable as such therefore be clearly recognizable as such and should indicate the identity of the legal and should indicate the identity of the legal or the natural person transmitting the or the natural person transmitting the communication or on behalf of whom the communication or on behalf of whom the communication is transmitted and provide communication is transmitted and provide the necessary information for recipients to the necessary information for recipients to exercise their right to oppose to receiving exercise their right to oppose to receiving further written and/or oral marketing further written and/or oral marketing messages. messages.
Or. en
Amendment 307 Daniel Dalton, Helga Stevens, John Procter
Proposal for a regulation Recital 35
Text proposed by the Commission Amendment
(35) In order to allow easy withdrawal (35) In order to allow easy withdrawal of consent, legal or natural persons of consent, legal or natural persons conducting direct marketing conducting direct marketing communications by email should present a communications by email should present a link, or a valid electronic mail address, link, or a valid electronic mail address, which can be easily used by end-users to which can be easily used by end-users to withdraw their consent. Legal or natural withdraw their consent. Legal or natural persons conducting direct marketing persons conducting direct marketing communications through voice-to-voice communications through voice-to-voice calls and through calls by automating calls and through calls by automating calling and communication systems should calling and communication systems should display their identity line on which the display their identity line on which the company can be called or present a company can be called. specific code identifying the fact that the call is a marketing call.
Or. en
Amendment 308 Brice Hortefeux, Rachida Dati
Proposal for a regulation Recital 35
Text proposed by the Commission Amendment
(35) In order to allow easy withdrawal (35) In order to allow easy withdrawal of consent, legal or natural persons of consent, legal or natural persons conducting direct marketing conducting direct marketing communications by email should present a communications by email should present a link, or a valid electronic mail address, link, or a valid electronic mail address, which can be easily used by end-users to which can be easily used by end-users to withdraw their consent. Legal or natural withdraw their consent. Legal or natural persons conducting direct marketing persons conducting direct marketing communications through voice-to-voice communications through voice-to-voice calls and through calls by automating calls and through calls by automating calling and communication systems should calling and communication systems should display their identity line on which the display their identity line on which the company can be called or present a company can be called. specific code identifying the fact that the call is a marketing call.
Or. en
Amendment 309 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Recital 35
Text proposed by the Commission Amendment
(35) In order to allow easy withdrawal (35) In order to allow easy withdrawal of consent, legal or natural persons of consent, legal or natural persons conducting direct marketing conducting direct marketing communications by email should present a communications by email should present a link, or a valid electronic mail address, link, or a valid electronic mail address, which can be easily used by end-users to which can be easily used by subscribers to withdraw their consent. Legal or natural withdraw their consent. Legal or natural persons conducting direct marketing persons conducting direct marketing communications through voice-to-voice communications through voice-to-voice calls and through calls by automating calls and through calls by automating calling and communication systems should calling and communication systems should display their identity line on which the display their identity line on which the company can be called or present a specific company can be called and present a code identifying the fact that the call is a specific code identifying the fact that the marketing call. call is a marketing call.
Or. en
Amendment 310 Anna Maria Corazza Bildt
Proposal for a regulation Recital 35
Text proposed by the Commission Amendment
(35) In order to allow easy withdrawal (35) In order to allow easy withdrawal of consent, legal or natural persons of consent, legal or natural persons conducting direct marketing conducting direct marketing communications by email should present a communications by email should present a link, or a valid electronic mail address, link, or a valid electronic mail address, which can be easily used by end-users to which can be easily used by consumers to withdraw their consent. Legal or natural withdraw their consent. Natural persons persons conducting direct marketing conducting direct marketing communications through voice-to-voice communications through voice-to-voice calls and through calls by automating calls and through calls by automating calling and communication systems should calling and communication systems should display their identity line on which the display their identity line on which the company can be called or present a specific company can be called or present a specific code identifying the fact that the call is a code identifying the fact that the call is a marketing call. marketing call.
Or. en
Amendment 311 Cornelia Ernst
Proposal for a regulation Recital 36
Text proposed by the Commission Amendment
(36) Voice-to-voice direct marketing deleted calls that do not involve the use of automated calling and communication systems, given that they are more costly for the sender and impose no financial costs on end-users. Member States should therefore be able to establish and or maintain national systems only allowing such calls to end-users who have not objected.
Or. en
Amendment 312 Jan Philipp Albrecht, Judith Sargentini, Viviane Reding
Proposal for a regulation Recital 36
Text proposed by the Commission Amendment
(36) Voice-to-voice direct marketing deleted calls that do not involve the use of automated calling and communication systems, given that they are more costly for the sender and impose no financial costs on end-users. Member States should therefore be able to establish and or maintain national systems only allowing such calls to end-users who have not objected.
Or. en
Justification
This should not be left to Member States, in order to avoid fragmentation of the Digital Single Market.
Amendment 313 Sophia in 't Veld
Proposal for a regulation Recital 36
Text proposed by the Commission Amendment
(36) Voice-to-voice direct marketing (36) Voice-to-voice direct marketing calls that do not involve the use of calls that do not involve the use of automated calling and communication automated calling and communication systems, given that they are more costly systems should be allowed only if the end- for the sender and impose no financial user has not objected. To this end, costs on end-users. Member States should Member States should ensure that an therefore be able to establish and or effective Do Not Call register is in place. maintain national systems only allowing The service providers enabling marketing such calls to end-users who have not calls should offer new subscribers the objected. choice between accepting marketing calls with the designated prefix and having such calls automatically blocked by the service provider.
Or. en
Amendment 314 Daniel Dalton, Helga Stevens, John Procter
Proposal for a regulation Recital 37
Text proposed by the Commission Amendment
(37) Service providers who offer (37) Service providers who offer electronic communications services should electronic communications services shall inform end- users of measures they can comply with the security obligations take to protect the security of their prescribed in Article 32 of Regulation communications for instance by using (EU) 2016/679. specific types of software or encryption technologies. The requirement to inform end-users of particular security risks does not discharge a service provider from the obligation to take, at its own costs, appropriate and immediate measures to remedy any new, unforeseen security risks and restore the normal security level of the service. The provision of information about security risks to the subscriber should be free of charge. Security is appraised in the light of Article 32 of Regulation (EU) 2016/679.
Or. en
Amendment 315 Michał Boni, Frank Engel, Tomáš Zdechovský, Rachida Dati, Brice Hortefeux, Carlos Coelho, Pál Csáky, Elissavet Vozemberg-Vrionidi
Proposal for a regulation Recital 37
Text proposed by the Commission Amendment
(37) Service providers who offer (37) Service providers who offer electronic communications services electronic communication services shall should inform end- users of measures comply with security obligations as they can take to protect the security of prescribed in Article 32 of Regulation their communications for instance by (EU) 2016/679 and Article 40 of using specific types of software or [European Electronic Communications encryption technologies. The requirement Code]. to inform end-users of particular security risks does not discharge a service provider from the obligation to take, at its own costs, appropriate and immediate measures to remedy any new, unforeseen security risks and restore the normal security level of the service. The provision of information about security risks to the subscriber should be free of charge. Security is appraised in the light of Article 32 of Regulation (EU) 2016/679.
Or. en
Amendment 316 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Recital 37
Text proposed by the Commission Amendment
(37) Service providers who offer (37) Service providers who offer electronic communications services should electronic communications services should inform end- users of measures they can process electronic communications data take to protect the security of their in such a way as to prevent unauthorised communications for instance by using processing, including access, disclosure specific types of software or encryption or alteration. They should ensure that technologies. The requirement to inform such unauthorised access, disclosure or end-users of particular security risks does alteration can be detected, and also not discharge a service provider from the ensure that electronic communications obligation to take, at its own costs, data are protected by using state-of the art appropriate and immediate measures to software and encryption technologies. remedy any new, unforeseen security risks Service providers should also inform and restore the normal security level of the subscribers of measures they can take to service. The provision of information about protect their anonymity and the security of security risks to the subscriber should be their communications for instance by using free of charge. Security is appraised in the specific types of software or encryption light of Article 32 of Regulation (EU) technologies. The requirement to inform 2016/679. subscribers of particular security risks does not discharge a service provider from the obligation to take, at its own costs, appropriate and immediate measures to remedy any new, unforeseen security risks and restore the normal security level of the service. The provision of information about security risks to the subscriber should be free of charge. Security is appraised in the light of Article 32 of Regulation (EU) 2016/679. Or. en
Justification
Based on LIBE AM 36 Rapporteur
Amendment 317 Cornelia Ernst
Proposal for a regulation Recital 37
Text proposed by the Commission Amendment
(37) Service providers who offer (37) Service providers who offer electronic communications services should electronic communications services should inform end- users of measures they can process electronic communications data take to protect the security of their in such a way as to prevent unauthorised communications for instance by using processing, including access, disclosure specific types of software or encryption or alteration. They should ensure that technologies. The requirement to inform such unauthorised access, disclosure or end-users of particular security risks does alteration can be detected, and also not discharge a service provider from the ensure that electronic communications obligation to take, at its own costs, data are protected by using state of the appropriate and immediate measures to art technologies. Service providers should remedy any new, unforeseen security risks also inform end-users of measures they and restore the normal security level of the can take to protect the security of their service. The provision of information about communications for instance by using security risks to the subscriber should be specific types of software or encryption free of charge. Security is appraised in the technologies. The requirement to light of Article 32 of Regulation (EU) inform end-users of particular security 2016/679. risks does not discharge a service provider from the obligation to take, at its own costs, appropriate and immediate measures to remedy any new, unforeseen security risks and restore the normal security level of the service. The provision of information about security risks to the subscriber should be free of charge. Security is appraised in the light of Article 32 of Regulation (EU) 2016/679.
Or. en
Amendment 318 Brice Hortefeux, Rachida Dati
Proposal for a regulation Recital 37
Text proposed by the Commission Amendment
(37) Service providers who offer (37) Service providers who offer electronic communications services should electronic communications services should inform end- users of measures they can inform end- users of measures they can take to protect the security of their take to protect the security of their communications for instance by using communications for instance by using specific types of software or encryption specific types of software or encryption technologies. The requirement to inform technologies. Security is appraised in the end-users of particular security risks does light of Article 32 of Regulation (EU) not discharge a service provider from the 2016/679. obligation to take, at its own costs, appropriate and immediate measures to remedy any new, unforeseen security risks and restore the normal security level of the service. The provision of information about security risks to the subscriber should be free of charge. Security is appraised in the light of Article 32 of Regulation (EU) 2016/679.
Or. en
Amendment 319 Maria Grapini
Proposal for a regulation Recital 37
Text proposed by the Commission Amendment
(37) Furnizorii de servicii care oferă (37) Furnizorii de servicii care oferă servicii de comunicații electronice ar trebui servicii de comunicații electronice ar trebui să îi informeze pe utilizatorii finali cu să preîntâmpine distrugerea, blocarea, privire la măsurile pe care le pot lua pentru copierea şi raspândirea datelor și să îi protejarea securității comunicațiilor lor, de informeze pe utilizatorii finali cu privire la exemplu prin utilizarea unor tipuri măsurile pe care le pot lua pentru specifice de software sau a unor tehnologii protejarea securității comunicațiilor lor, de de criptare. Cerința de a informa utilizatorii exemplu prin utilizarea unor tipuri finali despre un anumit risc legat de specifice de software sau a unor tehnologii securitatea comunicațiilor nu îl scutește pe de criptare. Cerința de a informa utilizatorii furnizorul serviciilor de obligația de a lua, finali despre un anumit risc legat de pe cheltuială proprie, măsurile necesare securitatea comunicațiilor nu îl scutește pe imediate pentru a combate orice risc nou și furnizorul serviciilor de obligația de a lua, neprevăzut și de a restabili nivelul normal pe cheltuială proprie, măsurile necesare de securitate al serviciilor. Informarea imediate pentru a combate orice risc nou și abonaților cu privire la riscurile legate de neprevăzut și de a restabili nivelul normal securitatea comunicațiilor ar trebui să fie de securitate al serviciilor. Informarea gratuită. Securitatea este evaluată în abonaților cu privire la riscurile legate de conformitate cu articolul 32 din securitatea comunicațiilor ar trebui să fie Regulamentul (UE) 2016/679. gratuită. Securitatea este evaluată în conformitate cu articolul 32 din Regulamentul (UE) 2016/679.
Or. ro
Amendment 320 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Recital 38
Text proposed by the Commission Amendment
(38) To ensure full consistency with (38) The enforcement of the provisions Regulation (EU) 2016/679, the of this Regulation should be entrusted to enforcement of the provisions of this the same authorities responsible for the Regulation should be entrusted to the same enforcement of the provisions Regulation authorities responsible for the enforcement (EU) 2016/679, and this Regulation relies of the provisions Regulation (EU) on the consistency mechanism of 2016/679 and this Regulation relies on the Regulation (EU) 2016/679. Member States consistency mechanism of Regulation (EU) should be able to have more than one 2016/679. Member States should be able to supervisory authority, to reflect their have more than one supervisory authority, constitutional, organisational and to reflect their constitutional, administrative structure. The supervisory organisational and administrative structure. authorities should also be responsible for The supervisory authorities should also be monitoring the application of this responsible for monitoring the application Regulation regarding electronic of this Regulation regarding electronic communications data for legal entities. communications data for legal entities. Such additional tasks should not jeopardise Such additional tasks should not jeopardise the ability of the supervisory authority to the ability of the supervisory authority to perform its tasks regarding the protection perform its tasks regarding the protection of personal data under Regulation (EU) of personal data under Regulation (EU) 2016/679 and this Regulation. Each 2016/679 and this Regulation. Each supervisory authority should be provided supervisory authority should be provided with the additional financial and human with the additional financial and human resources, premises and infrastructure resources, premises and infrastructure necessary for the effective performance of necessary for the effective performance of the tasks under this Regulation. the tasks under this Regulation.
Or. en Justification
The GDPR and the ePrivacy Regulation are similar and closely related, but also different.
Amendment 321 Cornelia Ernst
Proposal for a regulation Recital 41
Text proposed by the Commission Amendment
(41) In order to fulfil the objectives of (41) The power to adopt acts in this Regulation, namely to protect the accordance with Article 290 of the Treaty fundamental rights and freedoms of should be delegated to the Commission to natural persons and in particular their supplement this Regulation. It is of right to the protection of personal data particular importance that the Commission and to ensure the free movement of carries out appropriate consultations and personal data within the Union, the power that those consultations be conducted in to adopt acts in accordance with Article accordance with the principles laid down in 290 of the Treaty should be delegated to the Interinstitutional Agreement on Better the Commission to supplement this Law-Making of 13 April 201625 . In Regulation. In particular, delegated acts particular, to ensure equal participation in should be adopted in respect of the the preparation of delegated acts, the information to be presented, including by European Parliament and the Council means of standardised icons in order to receive all documents at the same time as give an easily visible and intelligible Member States' experts, and their experts overview of the collection of information systematically have access to meetings of emitted by terminal equipment, its Commission expert groups dealing with the purpose, the person responsible for it and preparation of delegated acts. Furthermore, of any measure the end-user of the in order to ensure uniform conditions for terminal equipment can take to minimise the implementation of this Regulation, the collection. Delegated acts are also implementing powers should be conferred necessary to specify a code to identify on the Commission when provided for by direct marketing calls including those this Regulation. Those powers should be made through automated calling and exercised in accordance with Regulation communication systems. It is of particular (EU) No 182/2011. importance that the Commission carries out appropriate consultations and that those consultations be conducted in accordance with the principles laid down in the Interinstitutional Agreement on Better Law-Making of 13 April 201625 . In particular, to ensure equal participation in the preparation of delegated acts, the European Parliament and the Council receive all documents at the same time as Member States' experts, and their experts systematically have access to meetings of Commission expert groups dealing with the preparation of delegated acts. Furthermore, in order to ensure uniform conditions for the implementation of this Regulation, implementing powers should be conferred on the Commission when provided for by this Regulation. Those powers should be exercised in accordance with Regulation (EU) No 182/2011. ______25 Interinstitutional Agreement between the 25 Interinstitutional Agreement between the European Parliament, the Council of the European Parliament, the Council of the European Union and the European European Union and the European Commission on Better Law-Making of 13 Commission on Better Law-Making of 13 April 2016 (OJ L 123, 12.5.2016, p. 1–14). April 2016 (OJ L 123, 12.5.2016, p. 1–14).
Or. en
Amendment 322 Daniel Dalton, Helga Stevens, John Procter
Proposal for a regulation Recital 41
Text proposed by the Commission Amendment
(41) In order to fulfil the objectives of (41) In order to fulfil the objectives of this Regulation, namely to protect the this Regulation, namely to protect the fundamental rights and freedoms of natural fundamental rights and freedoms of natural persons and in particular their right to the persons and in particular their right to the protection of personal data and to ensure protection of personal data and to ensure the free movement of personal data within the free movement of personal data within the Union, the power to adopt acts in the Union, the power to adopt acts in accordance with Article 290 of the Treaty accordance with Article 290 of the Treaty should be delegated to the Commission to should be delegated to the Commission to supplement this Regulation. In particular, supplement this Regulation. It is of delegated acts should be adopted in particular importance that the Commission respect of the information to be presented, carries out appropriate consultations and including by means of standardised icons that those consultations be conducted in in order to give an easily visible and accordance with the principles laid down in intelligible overview of the collection of the Interinstitutional Agreement on Better information emitted by terminal Law-Making of 13 April 201625. In equipment, its purpose, the person particular, to ensure equal participation in responsible for it and of any measure the the preparation of delegated acts, the end-user of the terminal equipment can European Parliament and the Council take to minimise the collection. Delegated receive all documents at the same time as acts are also necessary to specify a code to Member States' experts, and their experts identify direct marketing calls including systematically have access to meetings of those made through automated calling Commission expert groups dealing with the and communication systems. It is of preparation of delegated acts. Furthermore, particular importance that the Commission in order to ensure uniform conditions for carries out appropriate consultations and the implementation of this Regulation, that those consultations be conducted in implementing powers should be conferred accordance with the principles laid down in on the Commission when provided for by the Interinstitutional Agreement on Better this Regulation. Those powers should be Law-Making of 13 April 201625 . In exercised in accordance with Regulation particular, to ensure equal participation in (EU) No 182/2011. the preparation of delegated acts, the European Parliament and the Council receive all documents at the same time as Member States' experts, and their experts systematically have access to meetings of Commission expert groups dealing with the preparation of delegated acts. Furthermore, in order to ensure uniform conditions for the implementation of this Regulation, implementing powers should be conferred on the Commission when provided for by this Regulation. Those powers should be exercised in accordance with Regulation (EU) No 182/2011. ______25 Interinstitutional Agreement between the 25 Interinstitutional Agreement between the European Parliament, the Council of the European Parliament, the Council of the European Union and the European European Union and the European Commission on Better Law-Making of 13 Commission on Better Law-Making of 13 April 2016 (OJ L 123, 12.5.2016, p. 1–14). April 2016 (OJ L 123, 12.5.2016, p. 1–14).
Or. en
Amendment 323 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Recital 41
Text proposed by the Commission Amendment
(41) In order to fulfil the objectives of (41) Implementing powers should be this Regulation, namely to protect the conferred on the Commission to specify a fundamental rights and freedoms of code to identify direct marketing calls natural persons and in particular their including those made through automated right to the protection of personal data calling and communication systems. and to ensure the free movement of Furthermore, implementing powers personal data within the Union, the power should be conferred on the Commission to adopt acts in accordance with Article with regard to the establishment of 290 of the Treaty should be delegated to procedures and the circumstances where the Commission to supplement this providers of publicly available number- Regulation. In particular, delegated acts based interpersonal communication should be adopted in respect of the services shall override the elimination of information to be presented, including by the presentation of the calling line means of standardised icons in order to identification on a temporary basis, where give an easily visible and intelligible users or subscribers request the tracing of overview of the collection of information malicious or nuisance calls. Those powers emitted by terminal equipment, its should be exercised in accordance with purpose, the person responsible for it and Regulation (EU) No 182/2011. It is of of any measure the end-user of the particular importance that the Commission terminal equipment can take to minimise carries out appropriate consultations and the collection. Delegated acts are also that those consultations be conducted in necessary to specify a code to identify accordance with the principles laid down in direct marketing calls including those the Interinstitutional Agreement on Better made through automated calling and Law-Making of 13 April 2016. In communication systems. It is of particular particular, to ensure equal participation in importance that the Commission carries out the preparation of implementing measures, appropriate consultations and that those the European Parliament and the Council consultations be conducted in accordance receive all documents at the same time as with the principles laid down in the Member States' experts, and their experts Interinstitutional Agreement on Better systematically have access to meetings of Law-Making of 13 April 201625 . In Commission expert groups dealing with the particular, to ensure equal participation in preparation of delegated acts. the preparation of delegated acts, the European Parliament and the Council receive all documents at the same time as Member States' experts, and their experts systematically have access to meetings of Commission expert groups dealing with the preparation of delegated acts. Furthermore, in order to ensure uniform conditions for the implementation of this Regulation, implementing powers should be conferred on the Commission when provided for by this Regulation. Those powers should be exercised in accordance with Regulation (EU) No 182/2011. ______25 Interinstitutional Agreement between the European Parliament, the Council of the European Union and the European Commission on Better Law-Making of 13 April 2016 (OJ L 123, 12.5.2016, p. 1–14).
Or. en Justification
Editing mistake in the COM proposal - this is done by an implementing measure in Article 16(7).
Amendment 324 Heinz K. Becker
Proposal for a regulation Recital 42
Text proposed by the Commission Amendment
(42) Da das Ziel dieser Verordnung, (42) Da das Ziel dieser Verordnung, nämlich die Gewährleistung eines nämlich die Gewährleistung eines gleichwertigen Datenschutzniveaus für gleichwertigen Datenschutzniveaus für natürliche und juristische Personen und natürliche Personen und des freien des freien Verkehrs elektronischer Verkehrs elektronischer Kommunikationsdaten in der Union, von Kommunikationsdaten in der Union, von den Mitgliedstaaten nicht ausreichend den Mitgliedstaaten nicht ausreichend verwirklicht werden kann, sondern verwirklicht werden kann, sondern vielmehr wegen des Umfangs oder der vielmehr wegen des Umfangs oder der Wirkungen der Maßnahme auf Wirkungen der Maßnahme auf Unionsebene besser zu verwirklichen ist, Unionsebene besser zu verwirklichen ist, kann die Union im Einklang mit dem in kann die Union im Einklang mit dem in Artikel 5 des Vertrags über die Artikel 5 des Vertrags über die Europäische Union verankerten Europäische Union verankerten Subsidiaritätsprinzip tätig werden. Subsidiaritätsprinzip tätig werden. Entsprechend dem in demselben Artikel Entsprechend dem in demselben Artikel genannten Grundsatz der genannten Grundsatz der Verhältnismäßigkeit geht diese Verhältnismäßigkeit geht diese Verordnung nicht über das für die Verordnung nicht über das für die Verwirklichung dieses Ziels erforderliche Verwirklichung dieses Ziels erforderliche Maß hinaus. Maß hinaus.
Or. de
Amendment 325 Daniel Dalton, John Procter
Proposal for a regulation Article 1 – paragraph 1
Text proposed by the Commission Amendment
1. This Regulation lays down rules 1. This Regulation lays down rules regarding the protection of fundamental regarding the protection of fundamental rights and freedoms of natural and legal rights and freedoms of natural persons in persons in the provision and use of the provision and use of electronic electronic communications services, and in communications services, and in particular, particular, the rights to respect for private the rights to respect for private life and life and communications and the protection communications and the protection of of natural persons with regard to the natural persons with regard to the processing of personal data. processing of personal data.
Or. en
Amendment 326 Axel Voss, Heinz K. Becker, Elissavet Vozemberg-Vrionidi, Anna Maria Corazza Bildt
Proposal for a regulation Article 1 – paragraph 2
Text proposed by the Commission Amendment
2. This Regulation ensures free 2. This Regulation ensures, in movement of electronic communications accordance with Regulation (EU) No data and electronic communications 2016/679, free movement of electronic services within the Union, which shall be communications data and electronic neither restricted nor prohibited for reasons communications services within the Union, related to the respect for the private life which shall be neither restricted nor and communications of natural and legal prohibited for reasons related to the respect persons and the protection of natural for the private life and communications of persons with regard to the processing of natural persons and the protection of personal data. natural persons with regard to the processing of personal data.
Or. en
Justification
The deletion is necessary in order to synchronise this regulation with Regulation (EU) No 2016/679, which the legislature wishes to do. Regulation (EU) No 2016/679 applies only to ‘natural persons’, so the extension of the scope proposed here would turn this regulation into lex specialis. Moreover, it has also not been clearly established who is to give consent on behalf of legal persons.
Amendment 327 Daniel Dalton, John Procter
Proposal for a regulation Article 1 – paragraph 2
Text proposed by the Commission Amendment
2. This Regulation ensures free 2. This Regulation ensures, in movement of electronic communications accordance with Regulation (EU) No data and electronic communications 2016/679, free movement of electronic services within the Union, which shall be communications data and electronic neither restricted nor prohibited for reasons communications services within the Union, related to the respect for the private life which shall be neither restricted nor and communications of natural and legal prohibited for reasons related to the respect persons and the protection of natural for the private life and communications of persons with regard to the processing of natural and the protection of natural personal data. persons with regard to the processing of personal data.
Or. en
Amendment 328 Anna Maria Corazza Bildt
Proposal for a regulation Article 1 – paragraph 2
Text proposed by the Commission Amendment
2. This Regulation ensures free 2. This Regulation ensures free movement of electronic communications movement of electronic communications data and electronic communications data and electronic communications services within the Union, which shall be services within the Union, which shall be neither restricted nor prohibited for reasons neither restricted nor prohibited for reasons related to the respect for the private life related to the respect for the private life and communications of natural and legal and communications of natural persons and persons and the protection of natural the protection of natural persons with persons with regard to the processing of regard to the processing of personal data. personal data.
Or. en
Amendment 329 Axel Voss, Heinz K. Becker, Elissavet Vozemberg-Vrionidi
Proposal for a regulation Article 1 – paragraph 3
Text proposed by the Commission Amendment
3. The provisions of this Regulation deleted particularise and complement Regulation (EU) 2016/679 by laying down specific rules for the purposes mentioned in paragraphs 1 and 2.
Or. en
Justification
Article 1(3) stipulates that this regulation particularises and complements Regulation (EU) No 2016/679 by laying down specific rules. This turns this regulation into ‘lex specialis’ in relation to the GDPR. This regulation should not be used to correct Regulation (EU) No 2016/679.
Amendment 330 Daniel Dalton, Helga Stevens, John Procter
Proposal for a regulation Article 1 – paragraph 3
Text proposed by the Commission Amendment
3. The provisions of this Regulation deleted particularise and complement Regulation (EU) 2016/679 by laying down specific rules for the purposes mentioned in paragraphs 1 and 2.
Or. en
Amendment 331 Brice Hortefeux, Rachida Dati
Proposal for a regulation Article 1 – paragraph 3
Text proposed by the Commission Amendment
3. The provisions of this Regulation 3. The provisions of this Regulation particularise and complement Regulation complement Regulation (EU) 2016/679 by (EU) 2016/679 by laying down specific laying down specific rules for the purposes rules for the purposes mentioned in mentioned in paragraphs 1 and 2. paragraphs 1 and 2.
Or. en
European Parliament 2014-2019
Committee on Civil Liberties, Justice and Home Affairs
2017/0003(COD)
14.7.2017
AMENDMENTS 332 - 705
Draft report Marju Lauristin (PE606.011v01-00)
Respect for private life and the protection of personal data in electronic communications and repealing Directive 2002/58/EC (Regulation on Privacy and Electronic Communications)
Proposal for a regulation (COM(2017)0010 – C8-0009/2017 – 2017/0003(COD)) AM_Com_LegReport Amendment 332 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Article 2 – paragraph 1
Text proposed by the Commission Amendment
1. This Regulation applies to the 1. This Regulation applies to: processing of electronic communications data carried out in connection with the provision and the use of electronic communications services and to information related to the terminal equipment of end-users.
Or. en
Justification
Moved substantial elements here from Art. 3(1), as they is not about the territorial scope.
Amendment 333 Monica Macovei, Tomáš Zdechovský, Barbara Spinelli
Proposal for a regulation Article 2 – paragraph 1
Text proposed by the Commission Amendment
1. This Regulation applies to the 1. This Regulation applies to the processing of electronic communications processing of electronic communications data carried out in connection with the data carried out in connection with the provision and the use of electronic provision and the use of electronic communications services and to communications services and to information related to the terminal information related to the terminal equipment of end-users. equipment of end-users regardless of whether a payment is required by the user.
Or. en
Amendment 334 Daniel Dalton, John Procter
Proposal for a regulation Article 2 – paragraph 1
Text proposed by the Commission Amendment
1. This Regulation applies to the 1. This Regulation applies to the processing of electronic communications processing of electronic communications data carried out in connection with the data carried out in connection with the provision and the use of electronic provision and the use of electronic communications services and to communications services. information related to the terminal equipment of end-users.
Or. en
Amendment 335 Axel Voss, Heinz K. Becker
Proposal for a regulation Article 2 – paragraph 1
Text proposed by the Commission Amendment
1. This Regulation applies to the 1. This Regulation applies to the processing of electronic communications processing of electronic communications data carried out in connection with the data carried out in connection with the provision and the use of electronic provision and the use of electronic communications services and to communications services. information related to the terminal equipment of end-users.
Or. en
Justification
Article 1(3) stipulates that this regulation particularises and complements Regulation (EU) No 2016/679 by laying down specific rules. This turns this regulation into ‘lex specialis’ in relation to the GDPR. This regulation should not be used to correct Regulation (EU) No 2016/679.
Amendment 336 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Article 2 – paragraph 1 – point a (new)
Text proposed by the Commission Amendment
(a) the processing of electronic communications data carried out in connection with the provision and the use of electronic communications services, irrespective of whether a payment is required;
Or. en
Amendment 337 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Article 2 – paragraph 1 – point b (new)
Text proposed by the Commission Amendment
(b) the processing of information related to or processed by the terminal equipment of end-users;
Or. en
Amendment 338 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Article 2 – paragraph 1 – point c (new)
Text proposed by the Commission Amendment
(c) the placing on the market of hardware and software permitting electronic communications by users and subscribers, including the retrieval and presentation of information on the Internet;
Or. en
Amendment 339 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Article 2 – paragraph 1 – point d (new)
Text proposed by the Commission Amendment
(d) the provision of publicly available directories of subscribers of electronic communication;
Or. en
Amendment 340 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Article 2 – paragraph 1 – point e (new)
Text proposed by the Commission Amendment
(e) the sending of direct marketing commercial electronic communications to end-users.
Or. en
Amendment 341 Daniel Dalton, Helga Stevens, John Procter
Proposal for a regulation Article 2 – paragraph 2 – point c
Text proposed by the Commission Amendment
(c) electronic communications services (c) electronic communications services which are not publicly available; which are intended for closed groups or are not publicly available pursuant to Article 2 (2) (c) of Regulation (EU) No 2016/679;
Or. en
Amendment 342 Axel Voss, Heinz K. Becker, Elissavet Vozemberg-Vrionidi
Proposal for a regulation Article 2 – paragraph 2 – point c
Text proposed by the Commission Amendment
(c) electronic communications services (c) electronic communications services which are not publicly available; which are not publicly available pursuant to Article 2(2)(c) of Regulation (EU) No 2016/679;
Or. en
Justification
The household exemption introduced by Article 2(2)(c) of Regulation (EU) No 2016/679 should also apply to this regulation.
Amendment 343 Cornelia Ernst
Proposal for a regulation Article 2 – paragraph 3
Text proposed by the Commission Amendment
3. The processing of electronic 3. The processing of personal data by communications data by the Union the Union institutions, bodies, offices and institutions, bodies, offices and agencies is agencies is governed by Regulation (EU) governed by Regulation (EU) 00/0000 00/0000 [new Regulation replacing [new Regulation replacing Regulation Regulation 45/2001]. This Regulation 45/2001]. complements and particularizes Regulation (EU) 00/0000 [new Regulation replacing Regulation 45/2001with regard to the confidentiality of electronic communication services.
Or. en
Amendment 344 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Article 2 – paragraph 3
Text proposed by the Commission Amendment
3. The processing of electronic 3. The processing of electronic communications data by the Union communications data by the Union institutions, bodies, offices and agencies is institutions, bodies, offices and agencies governed by Regulation (EU) 00/0000 insofar as they are not publicly available [new Regulation replacing Regulation and not originating or having as 45/2001]. destination publicly available communications services, is governed by Regulation (EU) 00/0000 [new Regulation replacing Regulation 45/2001].
Or. en
Amendment 345 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Article 3 – paragraph 1 – introductory part
Text proposed by the Commission Amendment
1. This Regulation applies to: 1. This Regulation applies to the activities referred to in Article 2 where the user or subscriber is in the Union, where the communications services, hardware, software, directories, or direct marketing commercial electronic communications are provided from the territory of the Union, or where the the processing of information related to or processed by the terminal equipment of users or subscribers takes place in the Union.
Or. en
Amendment 346 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Article 3 – paragraph 1 – point a
Text proposed by the Commission Amendment
(a) the provision of electronic deleted communications services to end-users in the Union, irrespective of whether a payment of the end-user is required;
Or. en
Amendment 347 Daniel Dalton, John Procter
Proposal for a regulation Article 3 – paragraph 1 – point a
Text proposed by the Commission Amendment
(a) the provision of electronic (a) the offering of electronic communications services to end-users in communications services to end-users in the Union, irrespective of whether a the Union, irrespective of whether a payment of the end-user is required; payment of the end-user is required;
Or. en
Amendment 348 Anna Maria Corazza Bildt
Proposal for a regulation Article 3 – paragraph 1 – point a
Text proposed by the Commission Amendment
(a) the provision of electronic (a) the offering of electronic communications services to end-users in communications services to end-users in the Union, irrespective of whether a the Union, irrespective of whether a payment of the end-user is required; payment of the end-user is required;
Or. en
Amendment 349 Cornelia Ernst
Proposal for a regulation Article 3 – paragraph 1 – point a
Text proposed by the Commission Amendment
(a) the provision of electronic (a) the provision of electronic communications services to end-users in communications services to end-users in the Union, irrespective of whether a the Union, irrespective of whether the payment of the end-user is required; provider is located inside the EU, and irrespective of whether a payment of the end-user is required;
Or. en
Amendment 350 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Article 3 – paragraph 1 – point b
Text proposed by the Commission Amendment
(b) the use of such services; deleted
Or. en
Amendment 351 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Article 3 – paragraph 1 – point c
Text proposed by the Commission Amendment
(c) the protection of information deleted related to the terminal equipment of end- users located in the Union.
Or. en
Amendment 352 Cornelia Ernst
Proposal for a regulation Article 3 – paragraph 1 – point c
Text proposed by the Commission Amendment
(c) the protection of information (c) the protection of information related to the terminal equipment of end- related to or processed by the terminal users located in the Union. equipment of end-users located in the Union.
Or. en
Amendment 353 Daniel Dalton, John Procter
Proposal for a regulation Article 3 – paragraph 1 – point c
Text proposed by the Commission Amendment
(c) the protection of information (c) the protection of information related to the terminal equipment of end- related to the terminal equipment of end- users located in the Union. users placed on the market in the Union.
Or. en
Amendment 354 Monica Macovei, Tomáš Zdechovský
Proposal for a regulation Article 3 – paragraph 1 – point c
Text proposed by the Commission Amendment
(c) the protection of information (c) the protection of information related to the terminal equipment of end- related to the terminal equipment of end- users located in the Union. users in the Union.
Or. en
Amendment 355 Sophia in 't Veld
Proposal for a regulation Article 3 – paragraph 2
Text proposed by the Commission Amendment
2. Where the provider of an electronic 2. Where the provider of an electronic communications service is not established communications service, publicly available in the Union it shall designate in writing a directory, software provider permitting representative in the Union. electronic communications, or person sending commercial direct marketing communications or collecting information related to or stored in end-users' terminal equipment, whenever their activities are targeted to users in the EU, is not established in the Union it shall designate in writing a representative in the Union.
Or. en
Amendment 356 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Article 3 – paragraph 2
Text proposed by the Commission Amendment
2. Where the provider of an electronic 2. Where the provider of an electronic communications service is not established communications service, of publicly in the Union it shall designate in writing a available directories, of hardware of representative in the Union. software permitting electronic communications, or the person sending direct marketing commercial communications, or the person processing information related to or processed by the terminal equipment of users or subscribers is not established in the Union, it shall designate in writing a representative in the Union.
Or. en
Amendment 357 Daniel Dalton, John Procter
Proposal for a regulation Article 3 – paragraph 2
Text proposed by the Commission Amendment
2. Where the provider of an electronic 2. Where the provider of an electronic communications service is not established communications service is not established in the Union it shall designate in writing a in the Union the party identified pursuant representative in the Union. to Article 27 of Regulation (EU) No 2016/679 shall act as its representative in the Union.
Or. en
Amendment 358 Axel Voss, Heinz K. Becker, Rachida Dati, Elissavet Vozemberg-Vrionidi, Anna Maria Corazza Bildt, Brice Hortefeux
Proposal for a regulation Article 3 – paragraph 2
Text proposed by the Commission Amendment
2. Where the provider of an electronic 2. Where the provider of an electronic communications service is not established communications service is not established in the Union it shall designate in writing a in the Union, Article 27 of Regulation representative in the Union. (EU) No 2016/679 shall apply.
Or. en
Justification
Article 27 of Regulation (EU) No 2016/679 stipulates how representatives of controllers or processors not established in the Union are to be treated. The more specific provisions in this proposal extend Article 27 of Regulation (EU) No 2016/679.
Amendment 359 Daniel Dalton, John Procter
Proposal for a regulation Article 3 – paragraph 3
Text proposed by the Commission Amendment
3. The representative shall be deleted established in one of the Member States where the end-users of such electronic communications services are located.
Or. en
Amendment 360 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Article 3 – paragraph 3
Text proposed by the Commission Amendment
3. The representative shall be 3. The representative shall be established in one of the Member States established in one of the Member States where the end-users of such electronic where the users or subscribers of such communications services are located. electronic communications services are located.
Or. en
Amendment 361 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Article 3 – paragraph 4
Text proposed by the Commission Amendment
4. The representative shall have the 4. The representative shall have the power to answer questions and provide power to answer questions and provide information in addition to or instead of the information in addition to or instead of the provider it represents, in particular, to provider it represents, in particular, to supervisory authorities, and end-users, on supervisory authorities, users, and all issues related to processing electronic subscribers, on all issues related to the communications data for the purposes of activities referred to in Article 2 for the ensuring compliance with this Regulation. purposes of ensuring compliance with this Regulation.
Or. en
Amendment 362 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Article 3 – paragraph 5
Text proposed by the Commission Amendment
5. The designation of a representative 5. The designation of a representative pursuant to paragraph 2 shall be without pursuant to paragraph 2 shall be without prejudice to legal actions, which could be prejudice to legal actions, which could be initiated against a natural or legal person initiated against a natural or legal person who processes electronic communications who undertake the activities referred to in data in connection with the provision of Article 2 from outside the Union. electronic communications services from outside the Union to end-users in the Union.
Or. en
Amendment 363 Monica Macovei, Tomáš Zdechovský
Proposal for a regulation Article 3 a (new)
Text proposed by the Commission Amendment
Article 3 a Applicable law in the online environment 1. To the extent that Regulation (EU) 2016/679 or this Regulation allows Member States to regulate the processing of personal data or electronic communications data, in their domestic laws, the relevant national law provisions shall apply to: (a) the processing of personal data or electronic communications data in the context of the activities of an establishment of a controller, processor or a provider of an electronic communications service or network established in the Member State in question; or (b) the processing of personal data or electronic communications data by a controller, processor or a provider of an electronic communications service or network not established in the Union , offering goods or services in that Member State or monitoring the behaviour of data subjects in that Member State; 2. The relevant national law provisions as set out in point 1 of this Article do not apply to the processing of personal data or electronic communications data in the context of the activities of an establishment of a controller, processor or a provider of an electronic communications service or network established in another Member State, who shall instead only be subject to the relevant national law provisions of that other Member State.
Or. en
Amendment 364 Cornelia Ernst
Proposal for a regulation Article 4 – paragraph 1 – point b
Text proposed by the Commission Amendment
(b) the definitions of ‘electronic (b) the definition of 'call' in point (21) communications network’, ‘electronic of Article 2 of [Directive establishing the communications service’, ‘interpersonal European Electronic Communications communications service’, ‘number-based Code]; interpersonal communications service’, ‘number-independent interpersonal communications service’, ‘end-user’ and ‘call’ in points (1), (4), (5), (6), (7), (14) and (21) respectively of Article 2 of [Directive establishing the European Electronic Communications Code];
Or. en
Amendment 365 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Article 4 – paragraph 1 – point b
Text proposed by the Commission Amendment
(b) the definitions of ‘electronic (b) the definition of 'call' in point (21) communications network’, ‘electronic of Article 2 of [Directive establishing the communications service’, ‘interpersonal European Electronic Communications communications service’, ‘number-based Code]; interpersonal communications service’, ‘number-independent interpersonal communications service’, ‘end-user’ and ‘call’ in points (1), (4), (5), (6), (7), (14) and (21) respectively of Article 2 of [Directive establishing the European Electronic Communications Code];
Or. en
Amendment 366 Daniel Dalton, John Procter
Proposal for a regulation Article 4 – paragraph 2
Text proposed by the Commission Amendment
2. For the purposes of point (b) of deleted paragraph 1, the definition of ‘interpersonal communications service’ shall include services which enable interpersonal and interactive communication merely as a minor ancillary feature that is intrinsically linked to another service.
Or. en
Amendment 367 Michał Boni, Roberta Metsola, Frank Engel, Tomáš Zdechovský, Rachida Dati, Brice Hortefeux, Carlos Coelho, Pál Csáky, Elissavet Vozemberg-Vrionidi
Proposal for a regulation Article 4 – paragraph 2
Text proposed by the Commission Amendment
2. For the purposes of point (b) of deleted paragraph 1, the definition of ‘interpersonal communications service’ shall include services which enable interpersonal and interactive communication merely as a minor ancillary feature that is intrinsically linked to another service.
Or. en
Amendment 368 Cornelia Ernst
Proposal for a regulation Article 4 – paragraph 2
Text proposed by the Commission Amendment
2. For the purposes of point (b) of deleted paragraph 1, the definition of ‘interpersonal communications service’ shall include services which enable interpersonal and interactive communication merely as a minor ancillary feature that is intrinsically linked to another service.
Or. en
Amendment 369 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Article 4 – paragraph 2
Text proposed by the Commission Amendment
2. For the purposes of point (b) of deleted paragraph 1, the definition of ‘interpersonal communications service’ shall include services which enable interpersonal and interactive communication merely as a minor ancillary feature that is intrinsically linked to another service.
Or. en
Amendment 370 Cornelia Ernst
Proposal for a regulation Article 4 – paragraph 3 – point -a (new)
Text proposed by the Commission Amendment
(-a) 'electronic communications network' means a transmission system, whether or not based on a permanent infrastructure or centralised administration capacity, and, where applicable, switching or routing equipment and other resources, including network elements which are not active, which permit the conveyance of signals by wire, radio, optical or other electromagnetic means, including satellite networks, electricity cable systems, to the extent that they are used for the purpose of transmitting signals, networks used for radio and television broadcasting, and cable television networks, irrespective of the type of information conveyed;
Or. en
Amendment 371 Cornelia Ernst
Proposal for a regulation Article 4 – paragraph 3 – point -a a (new)
Text proposed by the Commission Amendment
(-a a) 'electronic communications service' means a service provided via electronic communications networks, whether for remuneration or not, which encompasses one or more of the following: an 'internet access service' as defined in Article 2(2) or Regulation (EU) 2015/2120; an interpersonal communications service; a service consisting wholly or mainly in the conveyance of the signals, such as a transmission service used for the provision of a machine-to-machine service and for broadcasting, but excludes information conveyed as part of a broadcasting service to the public over an electronic communications network or service except to the extent that the information can be related to the identifiable subscriber or user receiving the information;
Or. en
Amendment 372 Cornelia Ernst
Proposal for a regulation Article 4 – paragraph 3 – point -a b (new)
Text proposed by the Commission Amendment
(-a b) 'interpersonal communications service' means a service, whether provided for remuneration or not, that enables direct interpersonal and interactive exchange of information between a finite number of persons whereby the persons initiating or participating in the communication determine the recipient(s); it includes services enabling interpersonal and interactive communication merely as a minor ancillary feature that is intrinsically linked to another service;
Or. en
Amendment 373 Cornelia Ernst
Proposal for a regulation Article 4 – paragraph 3 – point -a c (new)
Text proposed by the Commission Amendment
(-a c) 'number-based interpersonal communications service' means an interpersonal communications service which connects to the public switched telephone network, either by means of assigned numbering resources, i.e. number or numbers in national or international telephone numbering plans, or by enabling communication with a number or numbers in national or international telephone numbering plans;
Or. en
Amendment 374 Cornelia Ernst
Proposal for a regulation Article 4 – paragraph 3 – point -a d (new)
Text proposed by the Commission Amendment
(-a d) 'number-independent interpersonal communications service' means an interpersonal communications service which does not connect with the public switched telephone network, either by means of assigned numbering resources, i.e. a number or numbers in national or international telephone numbering plans, or by enabling communication with a number or numbers in national or international telephone numbering plans;
Or. en
Amendment 375 Cornelia Ernst
Proposal for a regulation Article 4 – paragraph 3 – point -a e (new)
Text proposed by the Commission Amendment
(-a e) 'end-user' means a legal entity or a natural person using or requesting a publicly available electronic communications service;
Or. en
Amendment 376 Cornelia Ernst
Proposal for a regulation Article 4 – paragraph 3 – point -a f (new)
Text proposed by the Commission Amendment
(-a f) 'user' means any natural person using a publicly available electronic communications service, for private or business purposes, without necessarily having subscribed to this service;
Or. en
Amendment 377 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Article 4 – paragraph 3 – point a a (new)
Text proposed by the Commission Amendment
(a a) (-a) 'electronic communications network' means a transmission system, whether or not based on a permanent infrastructure or centralised administration capacity, and, where applicable, switching or routing equipment and other resources, including network elements which are not active, which permit the conveyance of signals by wire, radio, optical or other electromagnetic means, including satellite networks, electricity cable systems, to the extent that they are used for the purpose of transmitting signals, networks used for radio and television broadcasting, and cable television networks, irrespective of the type of information conveyed; (-aa) 'electronic communications service' means a service provided via electronic communications networks, whether for remuneration or not, which encompasses one or more of the following: an 'internet access service' as defined in Article 2(2) or Regulation (EU) 2015/2120; an interpersonal communications service; a service consisting wholly or mainly in the conveyance of the signals, such as a transmission service used for the provision of a machine-to-machine service and for broadcasting, but excludes information conveyed as part of a broadcasting service to the public over an electronic communications network or service except to the extent that the information can be related to the identifiable subscriber or user receiving the information; it includes services enabling interpersonal and interactive communication merely as a minor ancillary feature that is intrinsically linked to another service; it also includes services which are not publicly available, but provide access to a publicly available electronic communications network; (-ab) 'interpersonal communications service' means a service, whether provided for remuneration or not, that enables direct interpersonal and interactive exchange of information between a finite number of persons whereby the persons initiating or participating in the communication determine the recipient(s); (-ac) 'number-based interpersonal communications service' means an interpersonal communications service which connects to the public switched telephone network, either by means of assigned numbering resources, i.e. number or numbers in national or international telephone numbering plans, or by enabling communication with a number or numbers in national or international telephone numbering plans; (-ad) 'number-independent interpersonal communications service' means an interpersonal communications service which does not connect with the public switched telephone network, either by means of assigned numbering resources, i.e. a number or numbers in national or international telephone numbering plans, or by enabling communication with a number or numbers in national or international telephone numbering plans; (-ae) 'subscriber' means a legal entity or a natural person using or requesting a publicly available electronic communications service; (-af) 'user' means any natural person using a publicly available electronic communications service, for private or business purposes, without necessarily having subscribed to this service; (this should be before point (a))
Or. en
Amendment 378 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Article 4 – paragraph 3 – point b
Text proposed by the Commission Amendment
(b) ‘electronic communications (b) 'electronic communications content' content’ means the content exchanged by means the content transmitted, distributed means of electronic communications or exchanged by means of electronic services, such as text, voice, videos, communications services, such as text, images, and sound; voice, videos, images, and sound, including electronic communications metadata of other electronic communications services or protocols that are transmitted by using the respective service;
Or. en
Justification
See explanatory recital (14a) on the separation and encapsulation of protocol layers.
Amendment 379 Daniel Dalton, John Procter
Proposal for a regulation Article 4 – paragraph 3 – point b
Text proposed by the Commission Amendment
(b) ‘electronic communications (b) 'electronic communications content' content’ means the content exchanged by means the content transmitted by means of means of electronic communications publically available electronic services, such as text, voice, videos, communications services, such as text, images, and sound; voice, videos, images, and sound;
Or. en
Amendment 380 Anna Maria Corazza Bildt
Proposal for a regulation Article 4 – paragraph 3 – point b
Text proposed by the Commission Amendment (b) ‘electronic communications (b) ‘electronic communications content’ means the content exchanged by content’ means the content transmitted by means of electronic communications means of publicly available electronic services, such as text, voice, videos, communications services, such as text, images, and sound; voice, videos, images, and sound;
Or. en
Amendment 381 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Article 4 – paragraph 3 – point c
Text proposed by the Commission Amendment
(c) ‘electronic communications (c) 'electronic communications metadata’ means data processed in an metadata' means all data processed for the electronic communications network for purposes of transmitting, distributing or the purposes of transmitting, distributing or exchanging electronic communications exchanging electronic communications content; including data used to trace and content; including data used to trace and identify the source and destination of a identify the source and destination of a communication, electronic identifiers and communication, data on the location of the any other data broadcasted or emitted by device generated in the context of the terminal equipment, data on the providing electronic communications location of the terminal equipment services, and the date, time, duration and processed in the context of providing the type of communication; electronic communications services, and the date, time, duration and the type of communication; where metadata of other electronic communications services or protocols are transmitted, distributed or exchanged by using the respective service, they shall be considered electronic communications content for the respective service;
Or. en
Justification
With the clarification on "data broadcasted or emitted" in the definition of “metadata”, Article 8(2) can be deleted, as it is covered by Art.6(2).
Last sentence: See explanatory recital (14a) on the separation and encapsulation of protocol layers.
Amendment 382 Cornelia Ernst
Proposal for a regulation Article 4 – paragraph 3 – point c
Text proposed by the Commission Amendment
(c) ‘electronic communications (c) 'electronic communications metadata’ means data processed in an metadata' means all data processed for the electronic communications network for purposes of transmitting, distributing or the purposes of transmitting, distributing or exchanging electronic communications exchanging electronic communications content; including data used to trace and content; including data used to trace and identify the source and destination of a identify the source and destination of a communication, electronic identifiers and communication, data on the location of the any other data broadcasted or emitted by device generated in the context of the terminal equipment, data on the providing electronic communications location of the terminal equipment services, and the date, time, duration and processed in the context of providing the type of communication; electronic communications services, and the date, time, duration and the type of communication; where metadata of other electronic communications services or protocols are transmitted, distributed or exchanged by using the respective service, they shall be considered electronic communications content for the respective service;
Or. en
Amendment 383 Sophia in 't Veld
Proposal for a regulation Article 4 – paragraph 3 – point c
Text proposed by the Commission Amendment
(c) ‘electronic communications (c) ‘electronic communications metadata’ means data processed in an metadata’ means all data processed for the electronic communications network for purpose of transmitting, distributing or the purposes of transmitting, distributing exchanging electronic communications or exchanging electronic communications content; including data used to trace and content; including data used to trace and identify the source and destination of a identify the source and destination of a communication, data on the location of the communication, data on the location of the device generated in the context of device generated in the context of providing electronic communications providing electronic communications services, and the date, time, duration and services, and the date, time, duration and the type of communication; the type of communication;
Or. en
Amendment 384 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Article 4 – paragraph 3 – point d
Text proposed by the Commission Amendment
(d) ‘publicly available directory’ means (d) ‘publicly available directory’ means a directory of end-users of electronic a directory of subscribers of electronic communications services, whether in communications services, whether in printed or electronic form, which is printed or electronic form, which is published or made available to the public published or made available to the public or to a section of the public, including by or to a section of the public, including by means of a directory enquiry service; means of a directory enquiry service;
Or. en
Amendment 385 Axel Voss, Heinz K. Becker
Proposal for a regulation Article 4 – paragraph 3 – point f
Text proposed by the Commission Amendment
(f) ‘direct marketing communications’ (f) 'direct marketing communications' means any form of advertising, whether means any form of communication for the written or oral, sent to one or more purpose of promoting products and identified or identifiable end-users of services, whether written or oral, sent electronic communications services, directly to an identified or identifiable end- including the use of automated calling and users of an interpersonal communications communication systems with or without service, including the use of automated human interaction, electronic mail, SMS, calling and communication systems with or etc.; without human interaction, electronic mail, SMS, etc. For the purposes of this regulation an interpersonal communications service shall also include a service that is not provided for remuneration;
Or. en
Amendment 386 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Article 4 – paragraph 3 – point f
Text proposed by the Commission Amendment
(f) ‘direct marketing communications’ (f) 'direct marketing communications' means any form of advertising, whether means any form of advertising, whether in written or oral, sent to one or more written, audio, video, oral or any other identified or identifiable end-users of format, sent, broadcast, served or electronic communications services, presented to one or more identified or including the use of automated calling and identifiable subscribers of electronic communication systems with or without communications services, including the use human interaction, electronic mail, SMS, of automated calling and communication etc.; systems with or without human interaction, electronic mail, SMS, fax, etc.;
Or. en
Amendment 387 Sophia in 't Veld
Proposal for a regulation Article 4 – paragraph 3 – point f
Text proposed by the Commission Amendment
(f) ‘direct marketing communications’ (f) ‘direct marketing communications’ means any form of advertising, whether means any form of advertising, whether written or oral, sent to one or more written or oral, sent, directed or presented identified or identifiable end-users of to one or more identified or identifiable electronic communications services, end-users of electronic communications including the use of automated calling and services, including the use of automated communication systems with or without calling and communication systems with or human interaction, electronic mail, SMS, without human interaction, electronic mail, etc.; SMS, fax machines, etc.;
Or. en
Amendment 388 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Article 4 – paragraph 3 – point g
Text proposed by the Commission Amendment
(g) ‘direct marketing voice-to-voice (g) 'direct marketing voice-to-voice calls’ means live calls, which do not entail calls' means live calls, which do not entail the use of automated calling systems and the use of automated calling systems and communication systems; communication systems, including calls made using automated calling and communication systems which connect the called person to an individual;
Or. en
Justification
Moved last part here from (h) in order to avoid a circular definition in (h).
Amendment 389 Peter Kouroumbashev, Filiz Hyusmenova
Proposal for a regulation Article 4 – paragraph 3 – point g
Text proposed by the Commission Amendment
(g) ‘direct marketing voice-to-voice (g) 'direct marketing voice-to-voice calls’ means live calls, which do not entail calls' means live calls, which do not entail the use of automated calling systems and the use of automated calling systems and communication systems; communication systems; this shall not include calls and text messages linked to Amber Alert;
Or. en
Amendment 390 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Article 4 – paragraph 3 – point h
Text proposed by the Commission Amendment
(h) ‘automated calling and (h) ‘automated calling and communication systems’ means systems communication systems’ means systems capable of automatically initiating calls to capable of automatically initiating calls to one or more recipients in accordance with one or more recipients in accordance with instructions set for that system, and instructions set for that system, and transmitting sounds which are not live transmitting sounds which are not live speech, including calls made using speech. automated calling and communication systems which connect the called person to an individual.
Or. en
Justification
Moved last part to (g). WP 29 points out that (h) as proposed contains a reference to the term “automated calling and communications systems” itself, which would lead to a circular definition.
Amendment 391 Cornelia Ernst
Proposal for a regulation Chapter 2 – title
Text proposed by the Commission Amendment
PROTECTION OF ELECTRONIC PROTECTION OF ELECTRONIC COMMUNICATIONS OF NATURAL COMMUNICATIONS OF NATURAL AND LEGAL PERSONS AND OF AND LEGAL PERSONS AND OF INFORMATION STORED IN THEIR INFORMATION PROCESSED BY AND TERMINAL EQUIPMENT RELATED TO THEIR TERMINAL EQUIPMENT
Or. en
Amendment 392 Sophia in 't Veld
Proposal for a regulation Chapter 2 – title
Text proposed by the Commission Amendment
PROTECTION OF ELECTRONIC PROTECTION OF ELECTRONIC COMMUNICATIONS OF NATURAL COMMUNICATIONS OF NATURAL AND LEGAL PERSONS AND OF AND LEGAL PERSONS AND OF INFORMATION STORED IN THEIR INFORMATION PROCESSED BY TERMINAL EQUIPMENT AND RELATED TO THEIR TERMINAL EQUIPMENT
Or. en
Amendment 393 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Chapter 2 – title
Text proposed by the Commission Amendment
PROTECTION OF ELECTRONIC PROTECTION OF ELECTRONIC COMMUNICATIONS OF NATURAL COMMUNICATIONS OF NATURAL AND LEGAL PERSONS AND OF AND LEGAL PERSONS AND OF INFORMATION STORED IN THEIR INFORMATION PROCESSED BY AND TERMINAL EQUIPMENT RELATED TO THEIR TERMINAL EQUIPMENT
Or. en
Amendment 394 Heinz K. Becker
Proposal for a regulation Chapter 2 – title
Text proposed by the Commission Amendment
SCHUTZ DER ELEKTRONISCHEN SCHUTZ DER ELEKTRONISCHEN KOMMUNIKATION NATÜRLICHER KOMMUNIKATION NATÜRLICHER UND JURISTISCHER PERSONEN UND PERSONEN UND DER IN IHREN DER IN IHREN ENDEINRICHTUNGEN ENDEINRICHTUNGEN GESPEICHERTEN INFORMATIONEN GESPEICHERTEN INFORMATIONEN
Or. de
Amendment 395 Axel Voss, Heinz K. Becker, Rachida Dati, Brice Hortefeux
Proposal for a regulation Article 5 – title
Text proposed by the Commission Amendment
Confidentiality of electronic Confidentiality of electronic communications data communications content
Or. en
Amendment 396 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Article 5 – title
Text proposed by the Commission Amendment
Confidentiality of electronic Confidentiality of electronic communications data communications
Or. en
Amendment 397 Anna Maria Corazza Bildt
Proposal for a regulation Article 5 – paragraph 1
Text proposed by the Commission Amendment
Electronic communications data shall be Electronic communications data shall be confidential. Any interference with confidential. Any interference with electronic communications data, such as by electronic communications data during listening, tapping, storing, monitoring, conveyance, such as by unauthorised scanning or other kinds of interception, listening, tapping, storing, scanning or surveillance or processing of electronic other kinds of interception, or surveillance communications data, by persons other of electronic communications data, by than the end-users, shall be prohibited, persons other than the sender or intended except when permitted by this Regulation. recipients, shall be prohibited, except when permitted by Union or national legislation. The processing of electronic communications data following conveyance to the intended recipients or their service provider shall be subject to Regulation (EU) 2016/679.
Or. en
Amendment 398 Brice Hortefeux, Rachida Dati
Proposal for a regulation Article 5 – paragraph 1
Text proposed by the Commission Amendment
Electronic communications data shall be Electronic communications data shall be confidential. Any interference with confidential. Any interference with electronic communications data, such as by electronic communications data, such as by listening, tapping, storing, monitoring, unauthorized listening, tapping, storing, scanning or other kinds of interception, monitoring, scanning or other kinds of surveillance or processing of electronic interception, or surveillance of electronic communications data, by persons other communications data, by persons other than the end-users, shall be prohibited, than the sender or intended recipients, except when permitted by this Regulation. shall be prohibited, except when permitted by this Regulation. The processing of electronic communications data following conveyance to the intended recipients or their service provider shall be subject to Regulation (EU) 2016/679.
Or. en
Amendment 399 Jan Philipp Albrecht, Judith Sargentini, Viviane Reding
Proposal for a regulation Article 5 – paragraph 1
Text proposed by the Commission Amendment
Electronic communications data shall be 1. Electronic communications shall be confidential. Any interference with confidential. Any processing of electronic electronic communications data, such as by communications data, including any listening, tapping, storing, monitoring, interference with electronic scanning or other kinds of interception, communications data such as by listening, surveillance or processing of electronic tapping, storing, monitoring, scanning or communications data, by persons other other kinds of interception, surveillance of than the end-users, shall be prohibited, electronic communications data, by except when permitted by this Regulation. persons other than the users, shall be prohibited, except when permitted by this Regulation. This includes electronic communications data that is stored after the transmission has been completed.
Or. en
Justification
First part clarifies that all processing of communications data is covered by this Regulation, not only processing that can be interpreted as “interference”. Last part as recommended by the EDPS, in order to make it future-proof for cloud-based services.
Amendment 400 Cornelia Ernst
Proposal for a regulation Article 5 – paragraph 1
Text proposed by the Commission Amendment
Electronic communications data shall be Electronic communications shall be confidential. Any interference with confidential. Any processing of electronic electronic communications data, such as by communications data, including any listening, tapping, storing, monitoring, interference with electronic scanning or other kinds of interception, communications data such as by listening, surveillance or processing of electronic tapping, storing, monitoring, scanning or communications data, by persons other other kinds of interception, surveillance of than the end-users, shall be prohibited, electronic communications data, by except when permitted by this Regulation. persons other than the users, shall be prohibited, except when permitted by this Regulation. This includes electronic communications data that is stored after the transmission has been completed.
Or. en
Amendment 401 Monica Macovei, Marian-Jean Marinescu, Barbara Spinelli
Proposal for a regulation Article 5 – paragraph 1
Text proposed by the Commission Amendment
Electronic communications data shall be Electronic communications data shall be confidential. Any interference with confidential. Any interference with electronic communications data, such as by electronic communications data regardless listening, tapping, storing, monitoring, of whether this data is in transit or stored, scanning or other kinds of interception, such as by listening, tapping, storing, surveillance or processing of electronic monitoring, scanning or other kinds of communications data, by persons other interception, surveillance or any processing than the end-users, shall be prohibited, of electronic communications data, by except when permitted by this Regulation. persons other than the end-users, shall be prohibited, except when permitted by this Regulation. Or. en
Amendment 402 Axel Voss, Heinz K. Becker, Rachida Dati, Elissavet Vozemberg-Vrionidi, Brice Hortefeux
Proposal for a regulation Article 5 – paragraph 1
Text proposed by the Commission Amendment
Electronic communications data shall be Electronic communications data shall be confidential. Any interference with confidential. Any interference with electronic communications data, such as by electronic communications data during listening, tapping, storing, monitoring, conveyance, such as by listening, tapping, scanning or other kinds of interception, storing, monitoring, scanning or other surveillance or processing of electronic kinds of interception, surveillance or communications data, by persons other processing of electronic communications than the end-users, shall be prohibited, content, by persons other than the end- except when permitted by this Regulation. users, shall be prohibited, except when permitted by this Regulation.
Or. en
Justification
It is justifiable for electronic communication content to be protected against interference by third parties, with special requirements for the processing of content pursuant to Article 6(3) of the proposal. This does not apply to the processing of electronic communication metadata to which the principle of confidentiality is not relevant. Personal metadata may reveal personal information, but their processing is governed by Regulation (EU) No 2016/679.
Amendment 403 Emilian Pavel
Proposal for a regulation Article 5 – paragraph 1
Text proposed by the Commission Amendment
Electronic communications data shall be Electronic communications data shall be confidential. Any interference with confidential. Any interference with electronic communications data, such as by electronic communications data, such as by listening, tapping, storing, monitoring, unauthorised listening, tapping, storing, scanning or other kinds of interception, monitoring, scanning or other kinds of surveillance or processing of electronic interception, or surveillance, by persons communications data, by persons other other than the end-users, shall be than the end-users, shall be prohibited, prohibited, except when permitted by this except when permitted by this Regulation. Regulation.
Or. en
Amendment 404 Daniel Dalton, John Procter
Proposal for a regulation Article 5 – paragraph 1
Text proposed by the Commission Amendment
Electronic communications data shall be Electronic communications data shall be confidential. Any interference with confidential. Any interference with electronic communications data, such as by electronic communications data during listening, tapping, storing, monitoring, transmission, such as by listening, tapping, scanning or other kinds of interception, storing, monitoring, scanning or other surveillance or processing of electronic kinds of interception or surveillance, by communications data, by persons other persons other than the end-users, shall be than the end-users, shall be prohibited, prohibited, except when permitted by this except when permitted by this Regulation. Regulation.
Or. en
Amendment 405 Michał Boni, Roberta Metsola, Frank Engel, Tomáš Zdechovský, Rachida Dati, Brice Hortefeux, Carlos Coelho, Pál Csáky
Proposal for a regulation Article 5 – paragraph 1
Text proposed by the Commission Amendment
Electronic communications data shall be Electronic communications data shall be confidential. Any interference with confidential. Any interference with electronic communications data, such as by electronic communications data, such as by listening, tapping, storing, monitoring, listening, tapping, storing, monitoring, scanning or other kinds of interception, scanning or other kinds of interception or surveillance or processing of electronic surveillance of electronic communications communications data, by persons other data, by persons other than the end-users, than the end-users, shall be prohibited, shall be prohibited, except when permitted except when permitted by this Regulation. by this Regulation.
Or. en
Amendment 406 Monica Macovei, Tomáš Zdechovský, Barbara Spinelli
Proposal for a regulation Article 5 – paragraph 1 – subparagraph 1 (new)
Text proposed by the Commission Amendment
Neither providers of electronic communication services, nor any third parties, shall process electronic communications data collected on the basis of consent or any other legal ground under this Regulation on any other legal basis not specifically provided for in this Regulation
Or. en
Amendment 407 Axel Voss, Heinz K. Becker, Rachida Dati, Elissavet Vozemberg-Vrionidi
Proposal for a regulation Article 5 – paragraph 1 a (new)
Text proposed by the Commission Amendment
For the implementation of the previous paragraph, providers of electronic communications networks and services shall take technical and organisational measures as defined in Article 32 of Regulation (EU) 2016/679. Additionally, to protect the integrity of terminal equipment and the safety, security and privacy of users, providers or electronic communications networks and services shall take appropriate measures based on the risk and on the state of the art reasonably to prevent the distribution through their networks or services of malicious software is referred to in Article 7 Sub-Paragraph (a) of Directive 2013/40/EU.
Or. en
Amendment 408 Anna Maria Corazza Bildt
Proposal for a regulation Article 5 – paragraph 1 a (new)
Text proposed by the Commission Amendment
The prohibition of interception is not intended to prohibit access to electronic communications data by an electronic communications service provider or electronic communications network operator for purposes of conveying communications or for legitimate purposes related to the operation and protection of such services and networks consistent with obligations under Regulation (EU) 2016/679, Directive (EU) 2016/1148 and Regulation (EU) 2015/2120.
Or. en
Amendment 409 Jan Philipp Albrecht, Judith Sargentini, Viviane Reding
Proposal for a regulation Article 5 – paragraph 1 a (new)
Text proposed by the Commission Amendment
2. Confidentiality of electronic communications shall also apply to data related to or processed by terminal equipment and to machine-to-machine communication.
Or. en
Justification
Communications providers should also protect communications related to automated supply chains and any other M2M communication. This protects confidential business information.
Amendment 410 Sophia in 't Veld
Proposal for a regulation Article 5 – paragraph 1 a (new)
Text proposed by the Commission Amendment
Confidentiality of electronic communications shall also apply to data related to or processed by terminal equipment and to machine-to-machine communication.
Or. en
Amendment 411 Monica Macovei, Tomáš Zdechovský, Barbara Spinelli
Proposal for a regulation Article 6 – title
Text proposed by the Commission Amendment
Permitted processing of electronic Lawful processing of electronic communications data communications data
Or. en
Amendment 412 Anna Maria Corazza Bildt
Proposal for a regulation Article 6 – paragraph 1 – introductory part
Text proposed by the Commission Amendment
1. Providers of electronic 1. Providers of public electronic communications networks and services communications networks and publicly may process electronic communications available electronic communications data if: services may process electronic communications data if:
Or. en
Amendment 413 Heinz K. Becker
Proposal for a regulation Article 6 – paragraph 1 – introductory part
Text proposed by the Commission Amendment
(1) Betreiber elektronischer (1) Elektronische Kommunikationsnetze und -dienste dürfen Kommunikationsdaten dürfen verarbeitet elektronische Kommunikationsdaten werden, wenn verarbeiten, wenn
Or. de
Amendment 414 Michał Boni, Roberta Metsola, Frank Engel, Tomáš Zdechovský, Carlos Coelho, Elissavet Vozemberg-Vrionidi, Pál Csáky
Proposal for a regulation Article 6 – paragraph 1 – introductory part
Text proposed by the Commission Amendment
1. Providers of electronic 1. Providers of electronic communications networks and services communications networks and services may process electronic communications may process electronic communications data if: data if it is necessary to achieve the transmission of the communication, for the duration necessary for that purpose.
Or. en
Amendment 415 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Article 6 – paragraph 1 – introductory part
Text proposed by the Commission Amendment
1. Providers of electronic 1. Notwithstanding Article 6 of communications networks and services Regulation (EU) 2016/679, providers of may process electronic communications electronic communications networks and data if: services may process electronic communications data only if:
Or. en (See also the clarification in Recital 15.)
Amendment 416 Cornelia Ernst
Proposal for a regulation Article 6 – paragraph 1 – introductory part
Text proposed by the Commission Amendment
1. Providers of electronic 1. Providers of electronic communications networks and services communications networks and services may process electronic communications may process electronic communications data if: data only if:
Or. en
Amendment 417 Sophia in 't Veld
Proposal for a regulation Article 6 – paragraph 1 – introductory part
Text proposed by the Commission Amendment
1. Providers of electronic 1. Providers of electronic communications networks and services communications networks and services may process electronic communications may process electronic communications data if: data only if:
Or. en
Amendment 418 Axel Voss, Heinz K. Becker
Proposal for a regulation Article 6 – paragraph 1 – point a
Text proposed by the Commission Amendment
(a) it is necessary to achieve the deleted transmission of the communication, for the duration necessary for that purpose; or
Or. en
Amendment 419 Michał Boni, Roberta Metsola, Frank Engel, Tomáš Zdechovský, Carlos Coelho, Elissavet Vozemberg-Vrionidi, Pál Csáky
Proposal for a regulation Article 6 – paragraph 1 – point a
Text proposed by the Commission Amendment
(a) it is necessary to achieve the deleted transmission of the communication, for the duration necessary for that purpose; or
Or. en
Amendment 420 Anna Maria Corazza Bildt
Proposal for a regulation Article 6 – paragraph 1 – point a
Text proposed by the Commission Amendment
(a) it is necessary to achieve the (a) it is necessary to achieve the transmission of the communication, for the transmission of the communication, for the duration necessary for that purpose; or duration necessary for that purpose; or it is necessary for providing an electronic communications service requested by the consumer.
Or. en
Amendment 421 Jan Philipp Albrecht, Judith Sargentini, Viviane Reding
Proposal for a regulation Article 6 – paragraph 1 – point a
Text proposed by the Commission Amendment
(a) it is necessary to achieve the (a) it is technically strictly necessary to transmission of the communication, for the achieve the transmission of the duration necessary for that purpose; or communication, for the duration necessary for that purpose; Or. en
Amendment 422 Monica Macovei, Barbara Spinelli
Proposal for a regulation Article 6 – paragraph 1 – point a
Text proposed by the Commission Amendment
(a) it is necessary to achieve the (a) it is strictly necessary to achieve the transmission of the communication, for the transmission of the communication, for the duration necessary for that purpose; or duration necessary for that purpose only; or
Or. en
Amendment 423 Sophia in 't Veld
Proposal for a regulation Article 6 – paragraph 1 – point a
Text proposed by the Commission Amendment
(a) it is necessary to achieve the (a) it is strictly necessary to achieve the transmission of the communication, for the transmission of the communication, for the duration necessary for that purpose; or duration necessary for that purpose; or
Or. en
Amendment 424 Anna Maria Corazza Bildt
Proposal for a regulation Article 6 – paragraph 1 – point a a (new)
Text proposed by the Commission Amendment
(a a) the data is anonymous or made anonymous before any other processing; or
Or. en
Amendment 425 Michał Boni, Frank Engel, Tomáš Zdechovský, Carlos Coelho, Pál Csáky, Elissavet Vozemberg-Vrionidi
Proposal for a regulation Article 6 – paragraph 1 – point b
Text proposed by the Commission Amendment
(b) it is necessary to maintain or deleted restore the security of electronic communications networks and services, or detect technical faults and/or errors in the transmission of electronic communications, for the duration necessary for that purpose.
Or. en
Amendment 426 Jan Philipp Albrecht, Judith Sargentini, Viviane Reding
Proposal for a regulation Article 6 – paragraph 1 – point b
Text proposed by the Commission Amendment
(b) it is necessary to maintain or restore (b) it is technically strictly necessary to the security of electronic communications maintain or restore the availability, networks and services, or detect technical integrity and confidentiality of the faults and/or errors in the transmission of respective electronic communications electronic communications, for the network or service, or to detect technical duration necessary for that purpose. faults and/or errors in the transmission of electronic communications, for the duration necessary for that purpose; or
Or. en
Amendment 427 Cornelia Ernst
Proposal for a regulation Article 6 – paragraph 1 – point b
Text proposed by the Commission Amendment (b) it is necessary to maintain or restore (b) it is technically strictly necessary to the security of electronic communications maintain or restore the availability, networks and services, or detect technical integrity and confidentiality of the faults and/or errors in the transmission of respective electronic communications electronic communications, for the network or service, or to detect technical duration necessary for that purpose. faults and/or errors in the transmission of electronic communications, for the duration necessary for that purpose; or
Or. en
Amendment 428 Monica Macovei, Barbara Spinelli
Proposal for a regulation Article 6 – paragraph 1 – point b
Text proposed by the Commission Amendment
(b) it is necessary to maintain or restore (b) it is strictly necessary to maintain the security of electronic communications or restore the security of electronic networks and services, or detect technical communications networks and services, or faults and/or errors in the transmission of detect technical faults and/or errors in the electronic communications, for the transmission of electronic communications, duration necessary for that purpose. for the duration necessary for that purpose only and only to the extent that the purpose concerned could not be fulfilled by processing information that is made anonymous;
Or. en
Amendment 429 Sophia in 't Veld
Proposal for a regulation Article 6 – paragraph 1 – point b
Text proposed by the Commission Amendment
(b) it is necessary to maintain or restore (b) it is strictly necessary to maintain the security of electronic communications or restore the security of electronic networks and services, or detect technical communications networks and services, or faults and/or errors in the transmission of detect technical faults and/or errors in the electronic communications, for the transmission of electronic communications, duration necessary for that purpose. for the duration necessary for that purpose. Or. en
Amendment 430 Peter Kouroumbashev, Maria Grapini
Proposal for a regulation Article 6 – paragraph 1 – point b
Text proposed by the Commission Amendment
(b) it is necessary to maintain or (b) it is necessary to maintain, restore restore the security of electronic and protect the security, constancy, communications networks and services, or confidentiality, availability and detect technical faults and/or errors in the authenticity of electronic communications transmission of electronic communications, networks and services, or detect technical for the duration necessary for that purpose. faults and/or errors in the transmission of electronic communications, for the duration necessary for that purpose; providers of electronic communications networks and services are encouraged to ensure through proportionate means the impediment of distribution of malicious software in line with Article 7(a) of Directive 2013/40/EU.
Or. en
Amendment 431 Brice Hortefeux, Rachida Dati
Proposal for a regulation Article 6 – paragraph 1 – point b
Text proposed by the Commission Amendment
(b) it is necessary to maintain or restore (b) it is necessary to maintain or restore the security of electronic communications the security or availability of electronic networks and services, or detect technical communications networks and services, or faults and/or errors in the transmission of detect technical faults and/or errors in the electronic communications, for the transmission of electronic communications duration necessary for that purpose. or the security of or availability for third parties connected to the network, for the duration necessary for that purpose.
Or. en
Amendment 432 Emilian Pavel
Proposal for a regulation Article 6 – paragraph 1 – point b
Text proposed by the Commission Amendment
(b) it is necessary to maintain or restore (b) it is necessary to maintain or restore the security of electronic communications the security or availability of electronic networks and services, or detect technical communications networks and services, as faults and/or errors in the transmission of well as the security of third parties electronic communications, for the connected to the networks, or detect duration necessary for that purpose. technical faults and/or errors in the transmission of electronic communications, for the duration necessary for that purpose.
Or. en
Amendment 433 Anna Maria Corazza Bildt
Proposal for a regulation Article 6 – paragraph 1 – point b
Text proposed by the Commission Amendment
(b) it is necessary to maintain or restore (b) it is necessary to maintain or restore the security of electronic communications the security of electronic communications networks and services, or detect technical networks and services, and users of these faults and/or errors in the transmission of networks and services, or detect technical electronic communications, for the faults and/or errors in the transmission of duration necessary for that purpose. electronic communications, or to stop fraudulent or abusive use of the service;
Or. en
Amendment 434 Daniel Dalton, John Procter
Proposal for a regulation Article 6 – paragraph 1 – point b
Text proposed by the Commission Amendment
(b) it is necessary to maintain or restore (b) it is necessary to maintain or restore the security of electronic communications the security or availability of electronic networks and services, or detect technical communications networks and services, or faults and/or errors in the transmission of detect technical faults and/or errors in the electronic communications, for the transmission of electronic communications, duration necessary for that purpose. for the duration necessary for that purpose.
Or. en
Amendment 435 Axel Voss, Heinz K. Becker
Proposal for a regulation Article 6 – paragraph 1 – point b
Text proposed by the Commission Amendment
(b) it is necessary to maintain or restore (b) it is necessary to maintain or restore the security of electronic communications the security or availability of electronic networks and services, or detect technical communications networks and services, or faults and/or errors in the transmission of detect technical faults and/or errors in the electronic communications, for the transmission of electronic communications, duration necessary for that purpose. for the duration necessary for that purpose.
Or. en
Amendment 436 Heinz K. Becker
Proposal for a regulation Article 6 – paragraph 1 – point b
Text proposed by the Commission Amendment b) dies zur Aufrechterhaltung oder b) dies zur Aufrechterhaltung oder Wiederherstellung der Sicherheit Wiederherstellung der Sicherheit oder elektronischer Kommunikationsnetze und - Verfügbarkeit elektronischer dienste oder zur Erkennung von Kommunikationsnetze und -dienste oder technischen Defekten und Fehlern bei der zur Erkennung von technischen Defekten Übermittlung der elektronischen und Fehlern bei der Übermittlung der Kommunikation nötig ist, für die dazu elektronischen Kommunikation nötig ist, erforderliche Dauer. für die dazu erforderliche Dauer.
Or. de
Amendment 437 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Article 6 – paragraph 1 – point b a (new)
Text proposed by the Commission Amendment
(b a) the user concerned has given his or her consent to the processing of his or her electronic communications data, provided that it is technically strictly necessary for the provision of a service explicitly requested by a user for his or her purely individual usage, solely for the provision of the explicitly requested service and only for the duration necessary for that purpose and without the consent of all users, only where such processing produces effects solely in relation to the user who requested the service and does not adversely affect the fundamental rights of other users.
Or. en
Amendment 438 Cornelia Ernst
Proposal for a regulation Article 6 – paragraph 1 – point b a (new)
Text proposed by the Commission Amendment
(b a) the user concerned has given his or her consent to the processing of his or her electronic communications data, provided that it is technically strictly necessary for the provision of a service explicitly requested by a user for his or her purely individual usage, solely for the provision of the explicitly requested service and only for the duration necessary for that purpose and without the consent of all users, only where such processing produces effects solely in relation to the user who requested the service and does not adversely affect the fundamental rights of other users.
Or. en
Amendment 439 Brice Hortefeux, Rachida Dati
Proposal for a regulation Article 6 – paragraph 1 – point b a (new)
Text proposed by the Commission Amendment
(b a) it is necessary for compliance with a legal obligation to which the provider of electronic communication networks or services is subject, including but not limited to where it is necessary in order to comply with a legal obligation arising out of Article 11 of this Regulation;
Or. en
Amendment 440 Monica Macovei
Proposal for a regulation Article 6 – paragraph 1 – point b a (new)
Text proposed by the Commission Amendment
(b a) Where processing of electronic communications data in accordance with point(b) of Article 6 (1) is likely to result in a high risk to the rights and freedoms of natural persons, Articles 35 and 36 of Regulation (EU) 2016/679 shall apply.
Or. en
Amendment 441 Anna Maria Corazza Bildt
Proposal for a regulation Article 6 – paragraph 1 – point b a (new)
Text proposed by the Commission Amendment
(b a) it is necessary for the purpose of the legitimate interests of the provider except where such interests are overridden by the interests or fundamental rights and freedoms of the consumers concerned;
Or. en
Amendment 442 Brice Hortefeux, Rachida Dati
Proposal for a regulation Article 6 – paragraph 1 – point b b (new)
Text proposed by the Commission Amendment
(b b) it is necessary for the provision of emergency services; or
Or. en
Amendment 443 Axel Voss, Heinz K. Becker
Proposal for a regulation Article 6 – paragraph 1 a (new)
Text proposed by the Commission Amendment
1 a. Providers of electronic communications networks and services, users and any third party who can demonstrate a legitimate interest may process electronic communications data to the extent strictly necessary and proportionate for the purpose of ensuring network and information security, notably in order to: (a) protect the confidentiality, integrity, availability, authenticity of electronic communications or of terminal equipment; (b) protect the privacy and safety of users or of third parties; (c) maintain or restore the confidentiality, integrity, availability, authenticity of electronic communications networks and services; (d) detect technical faults and/or errors in the transmission of electronic communications.
Or. en
Amendment 444 Michał Boni, Frank Engel, Tomáš Zdechovský, Carlos Coelho, Pál Csáky, Elissavet Vozemberg-Vrionidi
Proposal for a regulation Article 6 – paragraph 1 a (new)
Text proposed by the Commission Amendment
1 a. Providers of electronic communication networks and services and third parties may process electronic communication data to the extent strictly necessary for the purpose of ensuring security of network and information if it is necessary to protect, maintain or restore the confidentiality, integrity, availability, authenticity of electronic communications, protect the privacy and safety of end-users or of third parties or detect technical faults and/or errors in the transmission of electronic communications, for the duration necessary for that purpose.
Or. en
Amendment 445 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Article 6 – paragraph 1 a (new)
Text proposed by the Commission Amendment
1 a. Before processing electronic communications data, the provider shall carry out a data protection impact assessment pursuant to Article 35 of Regulation (EU) 2016/679, and if necessary a prior consultation with the supervisory authority pursuant to Article 36 of Regulation (EU) 2016/679.
Or. en
Amendment 446 Cornelia Ernst
Proposal for a regulation Article 6 – paragraph 1 a (new)
Text proposed by the Commission Amendment
1 a. Before processing electronic communications data, the provider shall carry out a data protection impact assessment pursuant to Article 35 of Regulation (EU) 2016/679, and if necessary a prior consultation with the supervisory authority pursuant to Article 36 of Regulation (EU) 2016/679.
Or. en
Amendment 447 Axel Voss, Heinz K. Becker
Proposal for a regulation Article 6 – paragraph 2
Text proposed by the Commission Amendment
2. Providers of electronic deleted communications services may process electronic communications metadata if: (a) it is necessary to meet mandatory quality of service requirements pursuant to [Directive establishing the European Electronic Communications Code] or Regulation (EU) 2015/212028 for the duration necessary for that purpose; or (b) it is necessary for billing, calculating interconnection payments, detecting or stopping fraudulent, or abusive use of, or subscription to, electronic communications services; or (c) the end-user concerned has given his or her consent to the processing of his or her communications metadata for one or more specified purposes, including for the provision of specific services to such end- users, provided that the purpose or purposes concerned could not be fulfilled by processing information that is made anonymous. ______28 Regulation (EU) 2015/2120 of the European Parliament and of the Council of 25 November 2015 laying down measures concerning open internet access and amending Directive 2002/22/EC on universal service and users’ rights relating to electronic communications networks and services and Regulation (EU) No 531/2012 on roaming on public mobile communications networks within the Union (OJ L 310, 26.11.2015, p. 1– 18).
Or. en
Justification
Under Regulation (EU) No 2016/679, metadata are defined as personal data which explicitly do not fall into the special category of personal data referred to in Article 9 of Regulation (EU) No 2016/679. No comparable need for protection was therefore recognised in Regulation (EU) No 2016/679 for metadata, nor should provision for it be reintroduced by means of sector-specific legislation.
Amendment 448 Michał Boni, Roberta Metsola, Frank Engel, Tomáš Zdechovský, Carlos Coelho, Pál Csáky, Elissavet Vozemberg-Vrionidi
Proposal for a regulation Article 6 – paragraph 2 – introductory part
Text proposed by the Commission Amendment
2. Providers of electronic 2. Providers of electronic communications services may process communications networks and services electronic communications metadata if: may process electronic communications metadata if:
Or. en
Amendment 449 Sophia in 't Veld
Proposal for a regulation Article 6 – paragraph 2 – introductory part
Text proposed by the Commission Amendment
2. Providers of electronic 2. Providers of electronic communications services may process communications services may process electronic communications metadata if: electronic communications metadata only if:
Or. en
Amendment 450 Monica Macovei
Proposal for a regulation Article 6 – paragraph 2 – introductory part
Text proposed by the Commission Amendment
2. Providers of electronic 2. Providers of electronic communications services may process communications services may process electronic communications metadata if: electronic communications metadata only if:
Or. en
Amendment 451 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Article 6 – paragraph 2 – introductory part
Text proposed by the Commission Amendment 2. Providers of electronic 2. Providers of electronic communications services may process communications services may process electronic communications metadata if: electronic communications metadata only if:
Or. en
Amendment 452 Cornelia Ernst
Proposal for a regulation Article 6 – paragraph 2 – introductory part
Text proposed by the Commission Amendment
2. Providers of electronic 2. Providers of electronic communications services may process communications services may process electronic communications metadata if: electronic communications metadata only if:
Or. en
Amendment 453 Heinz K. Becker
Proposal for a regulation Article 6 – paragraph 2 – introductory part
Text proposed by the Commission Amendment
(2) Betreiber elektronischer (2) Elektronische Kommunikationsdienste dürfen Kommunikationsmetadaten dürfen nur elektronische Kommunikationsmetadaten verarbeitet werden, wenn verarbeiten, wenn
Or. de
Amendment 454 Anna Maria Corazza Bildt
Proposal for a regulation Article 6 – paragraph 2 – point a
Text proposed by the Commission Amendment (a) it is necessary to meet mandatory (a) for quality service purposes, quality of service requirements pursuant to including network management [Directive establishing the European and quality of service requirements Electronic Communications Code] or pursuant to [Directive establishing the Regulation (EU) 2015/212028 for the European Electronic Communications duration necessary for that purpose; or Code] or Regulation (EU) 2015/212028 for the duration necessary for that purpose; or ______28 Regulation (EU) 2015/2120 of the 28 Regulation (EU) 2015/2120 of the European Parliament and of the Council of European Parliament and of the Council of 25 November 2015 laying down measures 25 November 2015 laying down measures concerning open internet access and concerning open internet access and amending Directive 2002/22/EC on amending Directive 2002/22/EC on universal service and users’ rights relating universal service and users’ rights relating to electronic communications networks and to electronic communications networks and services and Regulation (EU) No 531/2012 services and Regulation (EU) No 531/2012 on roaming on public mobile on roaming on public mobile communications networks within the communications networks within the Union (OJ L 310, 26.11.2015, p. 1–18). Union (OJ L 310, 26.11.2015, p. 1–18).
Or. en
Amendment 455 Jan Philipp Albrecht, Judith Sargentini, Viviane Reding
Proposal for a regulation Article 6 – paragraph 2 – point a
Text proposed by the Commission Amendment
(a) it is necessary to meet mandatory (a) it is technically strictly necessary to quality of service requirements pursuant to meet mandatory quality of service [Directive establishing the European requirements pursuant to [Directive Electronic Communications Code] or establishing the European Electronic Regulation (EU) 2015/212028 for the Communications Code] or Regulation duration necessary for that purpose; or (EU) 2015/212028 for the duration necessary for that purpose; or ______28 Regulation (EU) 2015/2120 of the 28 Regulation (EU) 2015/2120 of the European Parliament and of the Council of European Parliament and of the Council of 25 November 2015 laying down measures 25 November 2015 laying down measures concerning open internet access and concerning open internet access and amending Directive 2002/22/EC on amending Directive 2002/22/EC on universal service and users’ rights relating universal service and users’ rights relating to electronic communications networks and to electronic communications networks and services and Regulation (EU) No 531/2012 services and Regulation (EU) No 531/2012 on roaming on public mobile on roaming on public mobile communications networks within the communications networks within the Union (OJ L 310, 26.11.2015, p. 1–18). Union (OJ L 310, 26.11.2015, p. 1–18).
Or. en
Amendment 456 Sophia in 't Veld
Proposal for a regulation Article 6 – paragraph 2 – point a
Text proposed by the Commission Amendment
(a) it is necessary to meet mandatory (a) it is strictly necessary to meet quality of service requirements pursuant to mandatory quality of service requirements [Directive establishing the European pursuant to [Directive establishing the Electronic Communications Code] or European Electronic Communications Regulation (EU) 2015/212028 for the Code] or Regulation (EU) 2015/212028 for duration necessary for that purpose; or the duration necessary for that purpose; or ______28 Regulation (EU) 2015/2120 of the 28 Regulation (EU) 2015/2120 of the European Parliament and of the Council of European Parliament and of the Council of 25 November 2015 laying down measures 25 November 2015 laying down measures concerning open internet access and concerning open internet access and amending Directive 2002/22/EC on amending Directive 2002/22/EC on universal service and users’ rights relating universal service and users’ rights relating to electronic communications networks and to electronic communications networks and services and Regulation (EU) No 531/2012 services and Regulation (EU) No 531/2012 on roaming on public mobile on roaming on public mobile communications networks within the communications networks within the Union (OJ L 310, 26.11.2015, p. 1–18). Union (OJ L 310, 26.11.2015, p. 1–18).
Or. en
Amendment 457 Peter Kouroumbashev, Filiz Hyusmenova
Proposal for a regulation Article 6 – paragraph 2 – point a a (new)
Text proposed by the Commission Amendment
(a a) even in the denial or absence of consent of an end-user for the processing of metadata in order to locate an individual in cases of calls to emergency services exclusively for Amber Alert and the European emergency phone number (112).
Or. en
Amendment 458 Heinz K. Becker
Proposal for a regulation Article 6 – paragraph 2 – point b
Text proposed by the Commission Amendment b) dies zur Rechnungstellung, zur b) dies zur Rechnungstellung, zur Berechnung von Berechnung von Zusammenschaltungszahlungen, zur Zusammenschaltungszahlungen, zur Erkennung oder Beendigung betrügerischer Erkennung oder Beendigung betrügerischer oder missbräuchlicher Nutzungen oder missbräuchlicher Nutzungen elektronischer Kommunikationsdienste elektronischer Kommunikationsdienste, oder der diesbezüglichen Verträge nötig zur Planung und Optimierung des ist, oder Netzwerks oder der diesbezüglichen Verträge nötig ist, oder
Or. de
Amendment 459 Monica Macovei
Proposal for a regulation Article 6 – paragraph 2 – point b
Text proposed by the Commission Amendment
(b) it is necessary for billing, (b) it is strictly necessary for billing, calculating interconnection payments, calculating interconnection payments, detecting or stopping fraudulent, or abusive detecting or stopping fraudulent, unlawful use of, or subscription to, electronic or abusive use of, or subscription to, communications services; or electronic communications services; or
Or. en
Amendment 460 Sophia in 't Veld
Proposal for a regulation Article 6 – paragraph 2 – point b
Text proposed by the Commission Amendment
(b) it is necessary for billing, (b) it is strictly necessary for billing, calculating interconnection payments, calculating interconnection payments, detecting or stopping fraudulent, or detecting or stopping fraudulent, abusive use of, or subscription to, or unlawful use of, or subscription to, electronic communications services; or electronic communications services; or
Or. en
Amendment 461 Jan Philipp Albrecht, Judith Sargentini, Viviane Reding
Proposal for a regulation Article 6 – paragraph 2 – point b
Text proposed by the Commission Amendment
(b) it is necessary for billing, (b) it is strictly necessary for billing, calculating interconnection payments, calculating interconnection payments, detecting or stopping fraudulent, or detecting or stopping fraudulent use of, or abusive use of, or subscription to, subscription to, electronic communications electronic communications services; or services; or
Or. en
Amendment 462 Brice Hortefeux, Rachida Dati
Proposal for a regulation Article 6 – paragraph 2 – point b
Text proposed by the Commission Amendment
(b) it is necessary for billing, (b) it is necessary for billing, calculating interconnection payments, interconnection payments, detecting or detecting or stopping fraudulent, or abusive stopping fraudulent, or abusive use of, or use of, or subscription to, electronic subscription to, electronic communications communications services; or services; or
Or. en
Amendment 463 Emilian Pavel
Proposal for a regulation Article 6 – paragraph 2 – point b
Text proposed by the Commission Amendment
(b) it is necessary for billing, (b) it is necessary for billing, calculating interconnection payments, interconnection payments, detecting or detecting or stopping fraudulent, or abusive stopping fraudulent, or abusive use of, or use of, or subscription to, electronic subscription to, electronic communications communications services; or services; or
Or. en
Amendment 464 Monica Macovei, Barbara Spinelli
Proposal for a regulation Article 6 – paragraph 2 – point c
Text proposed by the Commission Amendment
(c) the end-user concerned has given (c) after receiving all relevant his or her consent to the processing of his information about the intended or her communications metadata for one or processing in a clear and easily more specified purposes, including for the understandable language, provided provision of specific services to such end- separately from the terms and conditions users, provided that the purpose or of the provider, the end-user concerned has purposes concerned could not be fulfilled given his or her consent to the processing by processing information that is made of his or her communications metadata for anonymous. one or more specified purposes, including for the provision of specific services to all end-users, or which are provided in order to deliver a specific functionality to the end-user concerned, provided that the purpose or purposes concerned could not be fulfilled by processing information that is made anonymous. Consent may be provided to the provider of the communication service or to the provider of the specific service, but if it is provided to the latter, the latter must be able to prove to the provider of the communication service that such consent has been given.
Or. en
Amendment 465 Cornelia Ernst
Proposal for a regulation Article 6 – paragraph 2 – point c
Text proposed by the Commission Amendment
(c) the end-user concerned has given (c) the user or users concerned have his or her consent to the processing of his given their specific consent to the or her communications metadata for one processing of their communications or more specified purposes, including for metadata by the respective electronic the provision of specific services to such communications service for one or more end-users, provided that the purpose or specified purposes, including for the purposes concerned could not be fulfilled provision of specific services to such users, by processing information that is made provided that the purpose or purposes anonymous. concerned could not be fulfilled by processing data that is made anonymous, and the consent has not been a condition to access or use a service.
Or. en
Amendment 466 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Article 6 – paragraph 2 – point c
Text proposed by the Commission Amendment
(c) the end-user concerned has given (c) the user or users concerned have his or her consent to the processing of his given their specific consent to the or her communications metadata for one processing of their communications or more specified purposes, including for metadata by the respective electronic the provision of specific services to such communications service for one or more end-users, provided that the purpose or specified purposes, including for the purposes concerned could not be fulfilled provision of specific services to such users, by processing information that is made provided that the purpose or purposes anonymous. concerned could not be fulfilled by processing data that is made anonymous, and the consent has not been a condition to access or use a service.
Or. en
Amendment 467 Emilian Pavel
Proposal for a regulation Article 6 – paragraph 2 – point c
Text proposed by the Commission Amendment
(c) the end-user concerned has given (c) the end-user concerned has given his or her consent to the processing of his his or her consent to the processing of his or her communications metadata for one or or her communications metadata for one or more specified purposes, including for the more specified purposes, including for the provision of specific services to such end- provision of specific services to such end- users, provided that the purpose or users; purposes concerned could not be fulfilled by processing information that is made anonymous.
Or. en
Amendment 468 Michał Boni, Frank Engel, Tomáš Zdechovský, Carlos Coelho, Pál Csáky, Elissavet Vozemberg-Vrionidi
Proposal for a regulation Article 6 – paragraph 2 – point c
Text proposed by the Commission Amendment
(c) the end-user concerned has given (c) the end-user concerned has given his or her consent to the processing of his his or her consent to the processing of his or her communications metadata for one or or her communications metadata for one or more specified purposes, including for the more specified purposes, including for the provision of specific services to such end- provision of specific services to such end- users, provided that the purpose or users; or purposes concerned could not be fulfilled by processing information that is made anonymous.
Or. en
Amendment 469 Brice Hortefeux, Rachida Dati
Proposal for a regulation Article 6 – paragraph 2 – point c
Text proposed by the Commission Amendment
(c) the end-user concerned has given (c) the end-user concerned has given his or her consent to the processing of his his or her consent to the processing of his or her communications metadata for one or or her communications metadata for one or more specified purposes, including for the more specified purposes, including for the provision of specific services to such end- provision of specific services to such end- users, provided that the purpose or users, or purposes concerned could not be fulfilled by processing information that is made anonymous.
Or. en
Amendment 470 Sophia in 't Veld
Proposal for a regulation Article 6 – paragraph 2 – point c
Text proposed by the Commission Amendment
(c) the end-user concerned has given (c) the end-user or end-users his or her consent to the processing of his concerned have given his or her consent to or her communications metadata for one or the processing of his or her more specified purposes, including for the communications metadata for one or more provision of specific services to such end- specified purposes, including for the users, provided that the purpose or provision of specific services to such end- purposes concerned could not be fulfilled users, provided that the purpose or by processing information that is made purposes concerned could not be fulfilled anonymous. by processing information that is made anonymous.
Or. en
Amendment 471 Heinz K. Becker
Proposal for a regulation Article 6 – paragraph 2 – point c
Text proposed by the Commission Amendment c) der betreffende Endnutzer seine c) ein Rechtmäßigkeitsgrund nach Einwilligung zur Verarbeitung seiner Artikel 6 der Verordnung (EU) 2016/679 Kommunikationsmetadaten für einen des Europäischen Parlaments und des oder mehrere bestimmte Zwecke gegeben Rates vom 27. April 2016 zum Schutz hat, so auch für die Bereitstellung natürlicher Personen bei der bestimmter Dienste für diese Endnutzer, Verarbeitung personenbezogener Daten, sofern die betreffenden Zwecke durch zum freien Datenverkehr und zur eine Verarbeitung anonymisierter Aufhebung der Richtlinie 95/46/EG Informationen nicht erreicht werden (Datenschutz-Grundverordnung) zur können. Anwendung kommt.
Or. de
Amendment 472 Michał Boni, Frank Engel, Tomáš Zdechovský, Carlos Coelho, Pál Csáky, Elissavet Vozemberg-Vrionidi
Proposal for a regulation Article 6 – paragraph 2 – point c a (new)
Text proposed by the Commission Amendment
(c a) the processing of these data for another specified purpose is compatible with the purpose for which the data were initially collected and is subject to specific safeguards, especially pseudonymisation, as set forth in Article 6(4) of Regulation (EU) 2016/679; or
Or. en
Amendment 473 Brice Hortefeux, Rachida Dati
Proposal for a regulation Article 6 – paragraph 2 – point c a (new)
Text proposed by the Commission Amendment
(c a) the processing of electronic communications metadata for one or more specified purposes is compatible with the purposes for which the data were initially collected, as set forth under point (4) of Article 6 of Regulation (EU) 2016/679.
Or. en
Amendment 474 Emilian Pavel
Proposal for a regulation Article 6 – paragraph 2 – point c a (new)
Text proposed by the Commission Amendment
(c a) the further processing of electronic communications metadata is compatible with the purposes for which the data were initially collected, as set forth under point (4) of Art. 6 of Regulation (EU)2016/679.
Or. en
Amendment 475 Daniel Dalton, Helga Stevens, John Procter
Proposal for a regulation Article 6 – paragraph 2 – point c a (new)
Text proposed by the Commission Amendment
(c a) processing is allowed pursuant to Articles 6(1) or 6(4) of Regulation (EU) 2016/679.
Or. en
Amendment 476 Michał Boni, Frank Engel, Tomáš Zdechovský, Rachida Dati, Brice Hortefeux, Carlos Coelho, Pál Csáky, Elissavet Vozemberg-Vrionidi
Proposal for a regulation Article 6 – paragraph 2 – point c b (new)
Text proposed by the Commission Amendment
(c b) it is necessary, in accordance with Article 6(1)(f) of Regulation (EU) 2016/679, for the purposes of the legitimate interests pursued by the service provider or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child.
Or. en
Amendment 477 Michał Boni, Roberta Metsola, Frank Engel, Tomáš Zdechovský, Rachida Dati, Brice Hortefeux, Carlos Coelho, Pál Csáky, Elissavet Vozemberg-Vrionidi
Proposal for a regulation Article 6 – paragraph 2 a (new)
Text proposed by the Commission Amendment
2 a. For the purpose of point (cb) of paragraph 2, data protection impact assessment shall be carried out as prescribed in Article 35 of Regulation (EU) 2016/679.
Or. en
Amendment 478 Axel Voss, Heinz K. Becker
Proposal for a regulation Article 6 – paragraph 2 a (new)
Text proposed by the Commission Amendment
2 a. Article 6 of Regulation (EU) No 2016/679 shall apply.
Or. en
Justification
Article 6 of Regulation (EU) No 2016/679 already regulates the lawfulness of processing, and should therefore apply here.
Amendment 479 Anna Maria Corazza Bildt
Proposal for a regulation Article 6 – paragraph 2 a (new)
Text proposed by the Commission Amendment
2 a. Art.6 of Regulation (EU) 2016/679 shall apply;
Or. en
Amendment 480 Anna Maria Corazza Bildt
Proposal for a regulation Article 6 – paragraph 3 – introductory part
Text proposed by the Commission Amendment
3. Providers of the electronic 3. Providers of the electronic communications services may process communications services may process electronic communications content only: electronic communications content in accordance with Art. 6 of Regulation (EU) 2016/679 and to the extent the processing of all end-user electronic communications content for one or more specified purposes cannot be fulfilled by processing information that is made anonymous;
Or. en
Amendment 481 Michał Boni, Roberta Metsola, Frank Engel, Tomáš Zdechovský, Carlos Coelho, Pál Csáky, Elissavet Vozemberg-Vrionidi
Proposal for a regulation Article 6 – paragraph 3 – introductory part
Text proposed by the Commission Amendment
3. Providers of the electronic 3. Without prejudice to points (1) and communications services may process (1a) of Article 6, providers of the electronic communications content only: electronic communications services may process electronic communications content only:
Or. en
Amendment 482 Heinz K. Becker
Proposal for a regulation Article 6 – paragraph 3 – introductory part
Text proposed by the Commission Amendment
(3) Betreiber elektronischer (3) Elektronische Kommunikationsdienste dürfen Kommunikationsinhalte dürfen nur elektronische Kommunikationsinhalte verarbeitet werden wenn: nur verarbeiten:
Or. de
Amendment 483 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Article 6 – paragraph 3 – introductory part
Text proposed by the Commission Amendment
3. Providers of the electronic 3. Providers of electronic communications services may process communications services may process electronic communications content only: electronic communications content only if:
Or. en
Amendment 484 Anna Maria Corazza Bildt
Proposal for a regulation Article 6 – paragraph 3 – point a
Text proposed by the Commission Amendment
(a) for the sole purpose of the deleted provision of a specific service to an end- user, if the end-user or end-users concerned have given their consent to the processing of his or her electronic communications content and the provision of that service cannot be fulfilled without the processing of such content; or
Or. en
Amendment 485 Cornelia Ernst
Proposal for a regulation Article 6 – paragraph 3 – point a
Text proposed by the Commission Amendment
(a) for the sole purpose of the (a) the user concerned has given his provision of a specific service to an end- or her consent to the processing of his or user, if the end-user or end-users her electronic communications content concerned have given their consent to the for the sole purpose of the provision of a processing of his or her electronic specific service explicitly requested by the communications content and the provision user, for the duration necessary for that of that service cannot be fulfilled without purpose, , provided that the provision of the processing of such content; or that specific service cannot be fulfilled without the processing of such content by the provider, and the consent has not been a condition to access or use a service; or
Or. en
Amendment 486 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Article 6 – paragraph 3 – point a
Text proposed by the Commission Amendment
(a) for the sole purpose of the (a) the user concerned has given his provision of a specific service to an end- or her consent to the processing of his or user, if the end-user or end-users her electronic communications content concerned have given their consent to the for the sole purpose of the provision of a processing of his or her electronic specific service explicitly requested by the communications content and the provision user, for the duration necessary for that of that service cannot be fulfilled without purpose, , provided that the provision of the processing of such content; or that specific service cannot be fulfilled without the processing of such content by the provider, and the consent has not been a condition to access or use a service; or Or. en
Amendment 487 Daniel Dalton, John Procter
Proposal for a regulation Article 6 – paragraph 3 – point a
Text proposed by the Commission Amendment
(a) for the sole purpose of the (a) for the sole purpose of the provision of a specific service to an end- provision of a specific service to an end- user, if the end-user or end-users user, if the service provider's end-user concerned have given their consent to the concerned has given their consent to the processing of his or her electronic processing of his or her electronic communications content and the provision communications content and the provision of that service cannot be fulfilled without of that service cannot be fulfilled without the processing of such content; or the processing of such content; or
Or. en
Amendment 488 Heinz K. Becker
Proposal for a regulation Article 6 – paragraph 3 – point a
Text proposed by the Commission Amendment a) zum alleinigen Zweck der a) zum alleinigen Zweck der Bereitstellung eines bestimmten Dienstes Bereitstellung eines bestimmten Dienstes für einen Endnutzer, wenn der bzw. die für einen Endnutzer, wenn der bzw. die betreffenden Endnutzer ihre Einwilligung betreffenden Endnutzer ihre Einwilligung zur Verarbeitung ihrer elektronischen zur Verarbeitung ihrer elektronischen Kommunikationsinhalte gegeben haben Kommunikationsinhalte gegeben haben und die Dienstleistung ohne Verarbeitung oder die Dienstleistung ohne Verarbeitung dieser Inhalte nicht erbracht werden kann, dieser Inhalte nicht erbracht werden kann, oder oder
Or. de
Amendment 489 Michał Boni, Roberta Metsola, Frank Engel, Tomáš Zdechovský, Rachida Dati, Brice Hortefeux, Carlos Coelho, Pál Csáky, Elissavet Vozemberg-Vrionidi
Proposal for a regulation Article 6 – paragraph 3 – point a
Text proposed by the Commission Amendment
(a) for the sole purpose of the (a) for the sole purpose of the provision of a specific service to an end- provision of a specific service to an end- user, if the end-user or end-users user, if the end-user concerned has given concerned have given their consent to the his or her consent to the processing of his processing of his or her electronic or her electronic communications content communications content and the provision and the provision of that service cannot be of that service cannot be fulfilled without fulfilled without the processing of such the processing of such content; or content; or
Or. en
Amendment 490 Anna Maria Corazza Bildt
Proposal for a regulation Article 6 – paragraph 3 – point b
Text proposed by the Commission Amendment
(b) if all end-users concerned have (b) if service providers' end-users have given their consent to the processing of consented to the processing of their their electronic communications content electronic communications pursuant to for one or more specified purposes that Regulation (EU) 2016/679. cannot be fulfilled by processing information that is made anonymous, and the provider has consulted the supervisory authority. Points (2) and (3) of Article 36 of Regulation (EU) 2016/679 shall apply to the consultation of the supervisory authority.
Or. en
Amendment 491 Daniel Dalton, Helga Stevens, John Procter
Proposal for a regulation Article 6 – paragraph 3 – point b
Text proposed by the Commission Amendment (b) if all end-users concerned have (b) if the service provider's end-user given their consent to the processing of has consented to the processing of their their electronic communications content electronic communications content for one or more specified purposes that pursuant to Regulation (EU) 2016/679. cannot be fulfilled by processing information that is made anonymous, and the provider has consulted the supervisory authority. Points (2) and (3) of Article 36 of Regulation (EU) 2016/679 shall apply to the consultation of the supervisory authority.
Or. en
Amendment 492 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Article 6 – paragraph 3 – point b
Text proposed by the Commission Amendment
(b) if all end-users concerned have (b) all users concerned have given given their consent to the processing of their consent to the processing of their their electronic communications content electronic communications content for one for one or more specified purposes that or more specified purposes that cannot be cannot be fulfilled by processing fulfilled by processing information that is information that is made anonymous, and made anonymous, and the provider has the provider has consulted the supervisory consulted the supervisory authority. Points authority. Points (2) and (3) of Article 36 (2) and (3) of Article 36 of Regulation of Regulation (EU) 2016/679 shall apply to (EU) 2016/679 shall apply to the the consultation of the supervisory consultation of the supervisory authority. authority.
Or. en
Amendment 493 Sophia in 't Veld
Proposal for a regulation Article 6 – paragraph 3 – point b a (new)
Text proposed by the Commission Amendment
(b a) For the provision of a service explicitly requested by a user of an electronic communications service for their purely individual or individual work- related usage, the provider of the electronic communications service may process electronic communications data solely for the provision of the explicitly requested service and without the consent of all users only where such requested processing produces effects solely in relation to the user who requested the service and does not adversely affect the fundamental rights of another user or users. Such a specific consent by the user shall preclude the provider from processing these data for any other purpose.
Or. en
Justification
This is a household exemption for services such as search or keyword indexing, virtual assistants, text-to-speech engines and translation services.
Amendment 494 Anna Maria Corazza Bildt, Caterina Chinnici, Carlos Coelho, Damiano Zoffoli, Barbara Matera, Merja Kyllönen, Hilde Vautmans, Julie Ward
Proposal for a regulation Article 6 – paragraph 3 a (new)
Text proposed by the Commission Amendment
3 a. Electronic communications data that is generated in the context of an electronic communications service envisioned particularly for children or directly targeted at children shall not be used for profiling or behaviourally targeted advertising purposes.
Or. en
Amendment 495 Marju Lauristin
Proposal for a regulation Article 6 – paragraph 3 a (new)
Text proposed by the Commission Amendment
3 a. Without prejudice to paragraphs 1, 2 and 3, neither providers of the electronic communications services, nor any other party, shall process electronic communications data collected on the basis of this Regulation, for further processing.
Or. en
Amendment 496 Axel Voss, Heinz K. Becker
Proposal for a regulation Article 6 – paragraph 3 a (new)
Text proposed by the Commission Amendment
3 a. In so far as providers of electronic communications services are processing and receiving communications content to and by the end-user, the provisions of this regulation shall not apply but regulation (EU) 2016/679.
Or. en
Amendment 497 Axel Voss, Heinz K. Becker
Proposal for a regulation Article 6 – paragraph 3 b (new)
Text proposed by the Commission Amendment
3 b. (a) The service provider may collect and use the personal data of a recipient of a service only to the extent necessary to enable and invoice the use of services (data on usage). Data on usage are in particular characteristics to identify the recipient of the service, details of the beginning and end of the scope of the respective usage, and details of the services used by the recipient of the service. (b) The service provider may collate a recipient's usage data regarding the use of different services to the extent necessary for invoicing the recipient of the service. (c) For the purposes of advertising, market research or in order to design the services in a needs-based manner, the service provider may produce profiles of usage based on pseudonyms to the extent that the recipient of the service does not object to this. The service provider must refer the recipient of the service to his right of refusal. These profiles of usage must not be collated with data on the bearer of the pseudonym without his consent (opt-in).
Or. en
Amendment 498 Daniel Dalton, John Procter
Proposal for a regulation Article 7
Text proposed by the Commission Amendment
Article 7 deleted Storage and erasure of electronic communications data 1. Without prejudice to point (b) of Article 6(1) and points (a) and (b) of Article 6(3), the provider of the electronic communications service shall erase electronic communications content or make that data anonymous after receipt of electronic communication content by the intended recipient or recipients. Such data may be recorded or stored by the end- users or by a third party entrusted by them to record, store or otherwise process such data, in accordance with Regulation (EU) 2016/679. 2. Without prejudice to point (b) of Article 6(1) and points (a) and (c) of Article 6(2), the provider of the electronic communications service shall erase electronic communications metadata or make that data anonymous when it is no longer needed for the purpose of the transmission of a communication. 3. Where the processing of electronic communications metadata takes place for the purpose of billing in accordance with point (b) of Article 6(2), the relevant metadata may be kept until the end of the period during which a bill may lawfully be challenged or a payment may be pursued in accordance with national law.
Or. en
Amendment 499 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Article 7 – paragraph 1
Text proposed by the Commission Amendment
1. Without prejudice to point (b) of 1. Without prejudice to points (a) and Article 6(1) and points (a) and (b) of (b) of Article 6(3), the provider of the Article 6(3), the provider of the electronic electronic communications service shall communications service shall erase erase electronic communications content electronic communications content or after receipt by the intended recipient or make that data anonymous after receipt of recipients. Such data may be recorded or electronic communication content by the stored by the end-users or by a party, intended recipient or recipients. Such data which could be the provider of the may be recorded or stored by the end-users electronic communication service, or by a third party entrusted by them to specifically entrusted by the subscriber to record, store or otherwise process such record, store or otherwise process such data, in accordance with Regulation (EU) data. The subscriber may further process 2016/679. the data in accordance with Regulation (EU) 2016/679, if applicable.
Or. en Justification
WP 29 notes that the definition of "third parties" in the GDPR doesn’t include the controllers. Therefore this expression should be avoided in the context of this Regulation. See related amendments to Articles 10 and 14.
Amendment 500 Cornelia Ernst
Proposal for a regulation Article 7 – paragraph 1
Text proposed by the Commission Amendment
1. Without prejudice to point (b) of 1. Without prejudice to points (a) and Article 6(1) and points (a) and (b) of (b) of Article 6(3), the provider of the Article 6(3), the provider of the electronic electronic communications service shall communications service shall erase erase electronic communications content electronic communications content or after receipt by the intended recipient or make that data anonymous after receipt of recipients. Such data may be recorded or electronic communication content by the stored by the end-users or by a party, intended recipient or recipients. Such data which could be the provider of the may be recorded or stored by the end-users electronic communication service, or by a third party entrusted by them to specifically entrusted by the subscriber to record, store or otherwise process such record, store or otherwise process such data, in accordance with Regulation (EU) data. The subscriber may further process 2016/679. the data in accordance with Regulation (EU) 2016/679, if applicable.
Or. en
Amendment 501 Axel Voss, Heinz K. Becker, Rachida Dati, Brice Hortefeux
Proposal for a regulation Article 7 – paragraph 1
Text proposed by the Commission Amendment
1. Without prejudice to point (b) of 1. Without prejudice to point (b) of Article 6(1) and points (a) and (b) of Article 6(1) and points (a) and (b) of Article 6(3), the provider of the electronic Article 6(3), the provider of the electronic communications service shall erase communications service shall erase electronic communications content or electronic communications content or make that data anonymous after receipt of make that data anonymous when it is no electronic communication content by the longer necessary for the operation of such intended recipient or recipients. Such data services. Such data may be recorded or may be recorded or stored by the end-users stored by the end-users or by a third party or by a third party entrusted by them to entrusted by them to record, store or record, store or otherwise process such otherwise process such data, in accordance data, in accordance with Regulation (EU) with Regulation (EU) 2016/679. 2016/679.
Or. en
Amendment 502 Michał Boni, Frank Engel, Tomáš Zdechovský, Carlos Coelho, Pál Csáky, Elissavet Vozemberg-Vrionidi
Proposal for a regulation Article 7 – paragraph 1
Text proposed by the Commission Amendment
1. Without prejudice to point (b) of 1. Without prejudice to Article 6(1a) Article 6(1) and points (a) and (b) of and points (a) and (b) of Article 6(3), the Article 6(3), the provider of the electronic provider of the electronic communications communications service shall erase service shall erase electronic electronic communications content or communications content or make that data make that data anonymous after receipt of anonymous after receipt of electronic electronic communication content by the communication content by the intended intended recipient or recipients. Such data recipient or recipients. Such data may be may be recorded or stored by the end-users recorded or stored by the end-users or by a or by a third party entrusted by them to third party entrusted by them to record, record, store or otherwise process such store or otherwise process such data, in data, in accordance with Regulation (EU) accordance with Regulation (EU) 2016/679. 2016/679.
Or. en
Amendment 503 Axel Voss, Heinz K. Becker
Proposal for a regulation Article 7 – paragraph 2
Text proposed by the Commission Amendment
2. Without prejudice to point (b) of 2. Without prejudice to point (b) of Article 6(1) and points (a) and (c) of Article 6(1), the provider of the electronic Article 6(2), the provider of the electronic communications service shall erase communications service shall erase electronic communications metadata or electronic communications metadata or make that data anonymous when it is no make that data anonymous when it is no longer needed for the purpose of the longer needed for the operation of such transmission of a communication. services.
Or. en
Justification
Due to the deletion of Article 6(2), the reference here must likewise be deleted in order to maintain coherence.
Amendment 504 Brice Hortefeux, Rachida Dati
Proposal for a regulation Article 7 – paragraph 2
Text proposed by the Commission Amendment
2. Without prejudice to point (b) of 2. Without prejudice to Article 6(2), Article 6(1) and points (a) and (c) of the provider of the electronic Article 6(2), the provider of the electronic communications service shall erase communications service shall erase electronic communications metadata or electronic communications metadata or make that data anonymous when it is no make that data anonymous when it is no longer needed for the purpose of the longer needed for the purpose of the transmission of a communication. transmission of a communication.
Or. en
Amendment 505 Michał Boni, Frank Engel, Tomáš Zdechovský, Carlos Coelho, Pál Csáky, Elissavet Vozemberg-Vrionidi
Proposal for a regulation Article 7 – paragraph 2
Text proposed by the Commission Amendment
2. Without prejudice to point (b) of 2. Without prejudice to Article 6(1a) Article 6(1) and points (a) and (c) of and points (a), (c), (ca) and (cb) of Article Article 6(2), the provider of the electronic 6(2), the provider of the electronic communications service shall erase communications service shall erase electronic communications metadata or electronic communications metadata or make that data anonymous when it is no make that data anonymous when it is no longer needed for the purpose of the longer needed for the purpose of the transmission of a communication. transmission of a communication. Or. en
Amendment 506 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Article 7 – paragraph 2
Text proposed by the Commission Amendment
2. Without prejudice to point (b) of 2. Without prejudice to point (b) and Article 6(1) and points (a) and (c) of (c) of Article 6(1) and point (c) of Article Article 6(2), the provider of the electronic 6(2), the provider of the electronic communications service shall erase communications service shall erase electronic communications metadata or electronic communications metadata or make that data anonymous when it is no make that data anonymous when it is no longer needed for the purpose of the longer needed for the purpose of the transmission of a communication. transmission of a communication.
Or. en
Justification
Quality of Service requirements can only specifically be met while the communication takes place. For more abstract and long-term QoS measurement, anonymised data is good enough.
Amendment 507 Axel Voss, Heinz K. Becker
Proposal for a regulation Article 7 – paragraph 3
Text proposed by the Commission Amendment
3. Where the processing of electronic deleted communications metadata takes place for the purpose of billing in accordance with point (b) of Article 6(2), the relevant metadata may be kept until the end of the period during which a bill may lawfully be challenged or a payment may be pursued in accordance with national law.
Or. en Justification
Due to the deletion of Article 6(2), the reference here must likewise be deleted in order to maintain coherence.
Amendment 508 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Article 7 – paragraph 3
Text proposed by the Commission Amendment
3. Where the processing of electronic 3. Where the processing of electronic communications metadata takes place for communications metadata takes place for the purpose of billing in accordance with the purpose of billing in accordance with point (b) of Article 6(2), the relevant point (b) of Article 6(2), only the metadata metadata may be kept until the end of the that is strictly necessary for this purpose period during which a bill may lawfully be may be kept at the request of the challenged or a payment may be pursued in subscriber until the end of the period accordance with national law. during which a bill may lawfully be challenged or a payment may be pursued in accordance with national law.
Or. en
Justification
Based on recommendation from WP29. This is current practice in Germany.
Amendment 509 Sophia in 't Veld
Proposal for a regulation Article 7 – paragraph 3
Text proposed by the Commission Amendment
3. Where the processing of electronic 3. Where the processing of electronic communications metadata takes place for communications metadata takes place for the purpose of billing in accordance with the purpose of billing in accordance with point (b) of Article 6(2), the relevant point (b) of Article 6(2), the strictly metadata may be kept until the end of the necessary metadata may be kept until the period during which a bill may lawfully be end of the period during which a bill may challenged or a payment may be pursued in lawfully be challenged or a payment may accordance with national law. be pursued in accordance with national law. Or. en
Amendment 510 Axel Voss, Heinz K. Becker
Proposal for a regulation Article 8 – title
Text proposed by the Commission Amendment
Protection of information stored in and Protection of information transmitted to, related to end-users’ terminal equipment stored in and collected from terminal equipment
Or. en
Amendment 511 Sophia in 't Veld
Proposal for a regulation Article 8 – title
Text proposed by the Commission Amendment
Protection of information stored in and Protection of information stored in, related to end-users’ terminal equipment processed by and related to end-users’ terminal equipment
Or. en
Amendment 512 Cornelia Ernst
Proposal for a regulation Article 8 – title
Text proposed by the Commission Amendment
Protection of information stored in and Protection of information stored in, related related to end-users’ terminal equipment to, and processed by users' terminal equipment
Or. en
Amendment 513 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Article 8 – title
Text proposed by the Commission Amendment
Protection of information stored in and Protection of information stored in, related related to end-users’ terminal equipment to and processed by users' terminal equipment
Or. en
Amendment 514 Anna Maria Corazza Bildt
Proposal for a regulation Article 8 – title
Text proposed by the Commission Amendment
Protection of information stored in and Protection of personal data stored in and related to end-users’ terminal equipment related to end-users’ terminal equipment
Or. en
Amendment 515 Jan Philipp Albrecht, Judith Sargentini, Viviane Reding
Proposal for a regulation Article 8 – paragraph 1 – introductory part
Text proposed by the Commission Amendment
1. The use of processing and storage 1. The use of input, output, capabilities of terminal equipment and the processing and storage capabilities of collection of information from end-users’ terminal equipment and the processing of terminal equipment, including about its information from users' terminal software and hardware, other than by the equipment, or making information end-user concerned shall be prohibited, available through the terminal equipment, except on the following grounds: including information about and processed by its software and hardware, other than by the user concerned shall be prohibited, except on the following grounds: Or. en
Justification
Terminal equipment nowadays has multiple input and output channels, such as microphones, cameras, Bluetooth sensors etc. This clarification also prevents online services from listening etc. in the user’s physical environment without him or her being aware and having consented.
Amendment 516 Cornelia Ernst
Proposal for a regulation Article 8 – paragraph 1 – introductory part
Text proposed by the Commission Amendment
1. The use of processing and storage 1. The use of input, output, capabilities of terminal equipment and the processing and storage capabilities of collection of information from end-users’ terminal equipment and the processing of terminal equipment, including about its information from users' terminal software and hardware, other than by the equipment, or making information end-user concerned shall be prohibited, available through the terminal equipment, except on the following grounds: including information about and processed by its software and hardware, other than by the user concerned shall be prohibited, except on the following grounds:
Or. en
Amendment 517 Monica Macovei, Barbara Spinelli
Proposal for a regulation Article 8 – paragraph 1 – introductory part
Text proposed by the Commission Amendment
1. The use of processing and storage 1. The use of processing and storage capabilities of terminal equipment and the capabilities of terminal equipment and the collection of information from end-users’ collection of information from end-users’ terminal equipment, including about its terminal equipment, including about its software and hardware, other than by the software and hardware, and any other end-user concerned shall be prohibited, electronic communications data except on the following grounds: identifying end-users, other than by the end-user concerned shall be prohibited, except on the following grounds: Or. en
Amendment 518 Heinz K. Becker
Proposal for a regulation Article 8 – paragraph 1 – introductory part
Text proposed by the Commission Amendment
(1) Jede vom betreffenden Endnutzer (1) Jede vom betreffenden Endnutzer nicht selbst vorgenommene Nutzung der nicht selbst vorgenommene Nutzung der Verarbeitungs- und Speicherfunktionen Verarbeitungs- und Speicherfunktionen von Endeinrichtungen und jede Erhebung von Endeinrichtungen und jede Erhebung von Informationen aus Endeinrichtungen von Informationen aus Endeinrichtungen der Endnutzer, auch über deren Software der Endnutzer, auch über deren Software und Hardware, ist untersagt, außer sie und Hardware, ist zulässig, wenn einer erfolgt aus folgenden Gründen: der folgenden Gründe zutrifft:
Or. de
Amendment 519 Anna Maria Corazza Bildt
Proposal for a regulation Article 8 – paragraph 1 – introductory part
Text proposed by the Commission Amendment
1. The use of processing and storage 1. Without prejudice to paragraph 2 capabilities of terminal equipment and the of this Article, the storage or collection collection of information from end-users’ of personal data from consumers' terminal terminal equipment, including about its equipment, including about its software software and hardware, other than by the and hardware, other than by the consumer end-user concerned shall be prohibited, concerned shall be prohibited, except on except on the following grounds: the following grounds:
Or. en
Amendment 520 Axel Voss, Heinz K. Becker
Proposal for a regulation Article 8 – paragraph 1 – introductory part
Text proposed by the Commission Amendment
1. The use of processing and storage 1. The use of processing and storage capabilities of terminal equipment and the capabilities of terminal equipment and the collection of information from end-users’ collection of information from terminal terminal equipment, including about its equipment, including about its software software and hardware, other than by the and hardware, other than by the end-user end-user concerned shall be prohibited, concerned shall be prohibited, except on except on the following grounds: the following grounds:
Or. en
Amendment 521 Jan Philipp Albrecht, Judith Sargentini, Viviane Reding
Proposal for a regulation Article 8 – paragraph 1 – point a
Text proposed by the Commission Amendment
(a) it is necessary for the sole purpose (a) it is strictly technically necessary of carrying out the transmission of an for the sole purpose of carrying out the electronic communication over an transmission of an electronic electronic communications network; or communication over an electronic communications service; or
Or. en
Amendment 522 Sophia in 't Veld
Proposal for a regulation Article 8 – paragraph 1 – point a
Text proposed by the Commission Amendment
(a) it is necessary for the sole purpose (a) it is strictly necessary for the sole of carrying out the transmission of an purpose of carrying out the transmission of electronic communication over an an electronic communication over an electronic communications network; or electronic communications network; or
Or. en
Amendment 523 Jan Philipp Albrecht, Judith Sargentini, Viviane Reding
Proposal for a regulation Article 8 – paragraph 1 – point b
Text proposed by the Commission Amendment
(b) the end-user has given his or her (b) the user has given his or her consent; or consent for a specific purpose, and the consent has not been a condition to access or use a service or use a terminal equipment, for the duration strictly technically necessary for that purpose; or
Or. en
Amendment 524 Cornelia Ernst
Proposal for a regulation Article 8 – paragraph 1 – point b
Text proposed by the Commission Amendment
(b) the end-user has given his or her (b) the user has given his or her consent; or consent for a specific purpose, and the consent has not been a condition to access or use a service or use a terminal equipment, for the duration strictly technically necessary for that purpose; or
Or. en
Amendment 525 Heinz K. Becker
Proposal for a regulation Article 8 – paragraph 1 – point b
Text proposed by the Commission Amendment b) der Endnutzer hat seine b) der Endnutzer hat seine Einwilligung gegeben oder Einwilligung gegeben oder es liegt ein sonstiger Rechtmäßigkeitsgrund im Sinne des Artikels 6 der VO (EU) 2016/679 vor oder
Or. de
Amendment 526 Anna Maria Corazza Bildt
Proposal for a regulation Article 8 – paragraph 1 – point b
Text proposed by the Commission Amendment
(b) the end-user has given his or her (b) the use of their terminal equipment consent; or for one or more specific purposes is in accordance with Art. 6 of Regulation (EU) 2016/679; or
Or. en
Amendment 527 Peter Kouroumbashev, Filiz Hyusmenova
Proposal for a regulation Article 8 – paragraph 1 – point b a (new)
Text proposed by the Commission Amendment
(b a) for emergency services acting on calls to the European emergency phone number (112) or Amber Alert
Or. en
Amendment 528 Michał Boni, Roberta Metsola, Frank Engel, Tomáš Zdechovský, Rachida Dati, Brice Hortefeux, Carlos Coelho, Elissavet Vozemberg-Vrionidi
Proposal for a regulation Article 8 – paragraph 1 – point b a (new)
Text proposed by the Commission Amendment
(b a) the information is or is rendered pseudonymous or anonymous; or
Or. en
Amendment 529 Heinz K. Becker
Proposal for a regulation Article 8 – paragraph 1 – point c
Text proposed by the Commission Amendment c) sie ist für die Bereitstellung eines c) sie ist für die Bereitstellung eines vom Endnutzer gewünschten Dienstes der vom Endnutzer gewünschten Dienstes der Informationsgesellschaft nötig oder Informationsgesellschaft nötig, insbesondere für die Sicherstellung der Integrität, des Zugangs oder die Gewährleistung der Sicherheit des Dienstes der Informationsgesellschaft, zur Verbesserung des Angebots oder für Maßnahmen zum Schutz vor unberechtigter Nutzung des Dienstes gemäß den Nutzungsbedingungen über die Zurverfügungstellung der Dienste an den Endnutzer oder
Or. de
Amendment 530 Pál Csáky
Proposal for a regulation Article 8 – paragraph 1 – point c
Text proposed by the Commission Amendment
(c) it is necessary for providing an (c) it is necessary for providing an information society service requested by information society service requested by the end-user; or the end-user which shall include inter alia maintaining, operating and managing the integrity, access or security of the information society service, enhancing user experience or measures for preventing unauthorized access to or use of the information society service according to the terms of use for making available the service to the end-user; or
Or. en
Amendment 531 Anna Maria Corazza Bildt
Proposal for a regulation Article 8 – paragraph 1 – point c
Text proposed by the Commission Amendment
(c) it is necessary for providing an (c) it is necessary for providing an information society service requested by information society service requested by the end-user; or the end-user which shall include inter alia maintaining, operating and managing the integrity, access or security of the information society service, enhancing user experience or measures for preventing unauthorised access to or use of the information society service according to the terms of use for making available the service to the end-user; or
Or. en
Amendment 532 Miltiadis Kyrkos
Proposal for a regulation Article 8 – paragraph 1 – point c
Text proposed by the Commission Amendment
(c) it is necessary for providing an (c) it is necessary for providing an information society service requested by information society service requested by the end-user; or the end-user which shall include inter alia maintaining, operating and managing the integrity, access or security of the information society service, enhancing user experience or measures for preventing unauthorized access to or use information society service according to the terms of use for making available the service to the end-user; or
Or. en
Amendment 533 Gérard Deprez, Morten Løkkegaard, Jean-Marie Cavada, Petr Ježek, Louis Michel, Pavel Telička
Proposal for a regulation Article 8 – paragraph 1 – point c
Text proposed by the Commission Amendment
(c) it is necessary for providing an (c) it is necessary for providing an information society service requested by information society service requested by the end-user; or the end-user especially in order to secure the integrity, security and access of the information society service, to enhance user experience or for measures to protect against unauthorised use or access to the information society services in agreement with the terms of use for making available the service to the end-user; or
Or. en
Amendment 534 Axel Voss
Proposal for a regulation Article 8 – paragraph 1 – point c
Text proposed by the Commission Amendment
(c) it is necessary for providing an (c) it is necessary for providing an information society service requested by information society service requested by the end-user; or the end-user, particularly in order to preserve the integrity or security of the information society service or access to it, to improve what is offered or for measures to protect against unauthorised use of the service in accordance with the terms and conditions of use relating to the provision of services to the end-user; or
Or. en
Amendment 535 Jan Philipp Albrecht, Judith Sargentini, Viviane Reding
Proposal for a regulation Article 8 – paragraph 1 – point c
Text proposed by the Commission Amendment (c) it is necessary for providing an (c) it is strictly technically necessary information society service requested by for providing an information society the end-user; or service specifically requested by the user, for the duration necessary for that provision of the service, provided that the provision of that specific service cannot be fulfilled without the processing of such information by the provider; or
Or. en
Amendment 536 Daniel Dalton, John Procter
Proposal for a regulation Article 8 – paragraph 1 – point c
Text proposed by the Commission Amendment
(c) it is necessary for providing an (c) it is necessary for providing an information society service requested by information society service requested by the end-user; or the end-user; particularly to preserve or restore the security of the information society service and of the users, or to detect technical faults; or
Or. en
Amendment 537 Axel Voss, Heinz K. Becker
Proposal for a regulation Article 8 – paragraph 1 – point c a (new)
Text proposed by the Commission Amendment
(c a) it is necessary for protecting the confidentiality, integrity, availability, authenticity of the terminal equipment or of the electronic communications network or service, or for protecting the privacy, security or safety of the user; or
Or. en
Amendment 538 Axel Voss, Heinz K. Becker
Proposal for a regulation Article 8 – paragraph 1 – point c b (new)
Text proposed by the Commission Amendment
(c b) it is necessary for scientific research purposes, provided that the controller plans appropriate technical and organisational measures to safeguard the rights and freedoms of the user and the processed personal data will be anonymised as soon as possible according to the research purpose.
Or. en
Amendment 539 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Article 8 – paragraph 1 – point d
Text proposed by the Commission Amendment
(d) if it is necessary for web audience deleted measuring, provided that such measurement is carried out by the provider of the information society service requested by the end-user.
Or. en
Justification
Audience measuring should be based on consent and therefore is covered by (b). This is also the approach in the existing e-Privacy Directive 2002/58/EC and should therefore be maintained, in order to not lower the level of protection. Point (c) continues to allow for function cookies, whereas tracking cookies should remain under opt-in.
Amendment 540 Cornelia Ernst
Proposal for a regulation Article 8 – paragraph 1 – point d
Text proposed by the Commission Amendment
(d) if it is necessary for web audience deleted measuring, provided that such measurement is carried out by the provider of the information society service requested by the end-user.
Or. en
Amendment 541 Michał Boni, Frank Engel, Tomáš Zdechovský, Rachida Dati, Brice Hortefeux, Carlos Coelho, Elissavet Vozemberg-Vrionidi
Proposal for a regulation Article 8 – paragraph 1 – point d
Text proposed by the Commission Amendment
(d) if it is necessary for web audience (d) if it is necessary to obtain measuring, provided that such information about technical quality or measurement is carried out by the effectiveness of an information society provider of the information society service service that has been delivered, to requested by the end-user. understand and optimize web usage or about terminal equipment functionality, and it has no or little impact on the privacy of the end-user concerned; or
Or. en
Amendment 542 Marju Lauristin
Proposal for a regulation Article 8 – paragraph 1 – point d
Text proposed by the Commission Amendment
(d) if it is necessary for web audience (d) if it is technically necessary for measuring, provided that such web audience measuring of the measurement is carried out by the provider information society service requested by of the information society service the user, provided that such measurement requested by the end-user. is carried out by the provider, or on behalf of the provider, or by an independent web analytics organization acting in the public interest or for statistical or scientific purpose; and further provided that no personal data is made accessible to any other party and that such web audience measurement does not adversely affect the fundamental rights of the user;
Or. en
Amendment 543 Daniel Dalton, John Procter
Proposal for a regulation Article 8 – paragraph 1 – point d
Text proposed by the Commission Amendment
(d) if it is necessary for web audience (d) if it is necessary for audience measuring, provided that such measuring, provided that such measurement is carried out by the provider measurement is carried out by, or on of the information society service behalf of, the provider of the information requested by the end-user. society service requested by the end-user, including measurement of indicators for the use of information society services in order to calculate a payment due; or
Or. en
Amendment 544 Pál Csáky
Proposal for a regulation Article 8 – paragraph 1 – point d
Text proposed by the Commission Amendment
(d) if it is necessary for web audience (d) if it is necessary for audience measuring, provided that such measurement for an information society measurement is carried out by the provider service requested by the end-user, of the information society service including where such measurement takes requested by the end-user. place for the purposes of calculating royalties for collective rights management or other remuneration or payment systems, or
Or. en
Amendment 545 Miltiadis Kyrkos
Proposal for a regulation Article 8 – paragraph 1 – point d
Text proposed by the Commission Amendment
(d) if it is necessary for web audience (d) if it is necessary for audience measuring, provided that such measurement, for an information society measurement is carried out by the provider service requested by the end-user, of the information society service including where such measurement takes requested by the end-user. place for the purposes of calculating royalties for collective rights management or other remuneration or payment systems.
Or. en
Amendment 546 Heinz K. Becker
Proposal for a regulation Article 8 – paragraph 1 – point d
Text proposed by the Commission Amendment d) sie ist für die Messung des d) sie ist für die Reichweitenmessung Webpublikums nötig, sofern der Betreiber des vom Endnutzer gewünschten Dienstes des vom Endnutzer gewünschten Dienstes der Informationsgesellschaft nötig, der Informationsgesellschaft diese einschließlich der Messungen, um Messung durchführt. Lizenzgebühren für eine kollektive Rechtewahrnehmung oder andere Vergütungs- oder Bezahlsysteme zu berechnen, oder
Or. de
Amendment 547 Brice Hortefeux, Rachida Dati
Proposal for a regulation Article 8 – paragraph 1 – point d
Text proposed by the Commission Amendment (d) if it is necessary for web audience (d) if it is necessary for audience measuring, provided that such measuring authorized by the provider of measurement is carried out by the the information society service requested provider of the information society service by the end-user, including measurement requested by the end-user. for the purposes of calculating remuneration or a payment due.
Or. en
Amendment 548 Axel Voss
Proposal for a regulation Article 8 – paragraph 1 – point d
Text proposed by the Commission Amendment
(d) if it is necessary for web audience (d) if it is necessary in order to measuring, provided that such measure the reach of an information measurement is carried out by the society service desired by the end-user, provider of the information society service including measurement of indicators for requested by the end-user. the use of information society services in order to calculate a payment due.
Or. en
Amendment 549 Anna Maria Corazza Bildt
Proposal for a regulation Article 8 – paragraph 1 – point d
Text proposed by the Commission Amendment
(d) if it is necessary for web audience (d) it is necessary for web audience measuring, provided that such measuring, provided that such measurement is carried out by the provider measurement is carried out by the provider of the information society service of the information society service requested by the end-user. requested by the end-user or another party acting on their behalf;.
Or. en
Amendment 550 Sophia in 't Veld
Proposal for a regulation Article 8 – paragraph 1 – point d
Text proposed by the Commission Amendment
(d) if it is necessary for web audience (d) if it is necessary for web audience measuring, provided that such measuring, provided that such measurement is carried out by the provider measurement is controlled by the provider of the information society service of the information society service requested by the end-user. requested by the end-user.
Or. en
Amendment 551 Gérard Deprez, Morten Løkkegaard, Jean-Marie Cavada, Petr Ježek, Pavel Telička
Proposal for a regulation Article 8 – paragraph 1 – point d
Text proposed by the Commission Amendment
(d) if it is necessary for web audience (d) if it is necessary for audience measuring, provided that such measurement, including measurement measurement is carried out by the provider with the purposes of determining of the information society service collective rights, remuneration or other requested by the end-user. payment systems or
Or. en
Justification
Securing the possibility for the providors of the information society service to maintain management of collective rights.
Amendment 552 Heinz K. Becker
Proposal for a regulation Article 8 – paragraph 1 – point d a (new)
Text proposed by the Commission Amendment
d a) es wird in hervorgehobener Weise ein deutlicher Hinweis angezeigt, der zumindest Auskunft gibt über die Modalitäten der Erhebung, ihren Zweck, die dafür verantwortliche Person und die anderen nach Artikel 13 der VO (EU) 2016/679 verlangten Informationen, soweit personenbezogene Daten erfasst werden, sowie darüber, was der Endnutzer der Endeinrichtung tun kann, um die Erhebung zu beenden oder auf ein Minimum zu beschränken. Voraussetzung für die Erhebung solcher Informationen ist die Anwendung geeigneter technischer und organisatorischer Maßnahmen, die die Erhebung und Verarbeitung auf die hierfür notwendigen Zwecke beschränken und ein dem Risiko angemessenes Schutzniveau nach Artikel 32 der VO (EU) 2016/679 gewährleisten, zum Bespiel durch Pseudonymisierung erhobener Informationen gemäß Artikel 4 Nummer 5 der VO (EU) 2016/679.
Or. de
Amendment 553 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Article 8 – paragraph 1 – point d a (new)
Text proposed by the Commission Amendment
(d a) it is strictly technically necessary for a security update, provided that: (i) such updates are discreetly packaged and do not in any way change the functionality of the hardware or software or the privacy settings chosen by the user; (ii) the user is informed in advance each time such an update is being installed; and (iii) the user has the possibility to postpone or turn off the automatic installation of such updates;
Or. en
Amendment 554 Sophia in 't Veld
Proposal for a regulation Article 8 – paragraph 1 – point d a (new)
Text proposed by the Commission Amendment
(d a) if it is necessary for a security update, provided that: (i) security updates are strictly necessary and do not in any way change the privacy settings chosen by the user; (ii) the user is informed in advance each time an update is being installed; and (iii) the user has the possibility to turn off the automatic installation of these updates;
Or. en
Amendment 555 Monica Macovei, Marian-Jean Marinescu, Barbara Spinelli
Proposal for a regulation Article 8 – paragraph 1 – point d a (new)
Text proposed by the Commission Amendment
(d a) The end-user shall not be denied access to an information society service or electronic communications service (whether these services are remunerated or not) on grounds that the end-user does not provide consent under point (b) of Article 8(1) or point (b) of Article 8(2) for processing any data that is not strictly necessary for the provision of that service.
Or. en
Amendment 556 Anna Maria Corazza Bildt, Carlos Coelho, Damiano Zoffoli, Barbara Matera, Merja Kyllönen, Hilde Vautmans, Caterina Chinnici
Proposal for a regulation Article 8 – paragraph 1 – point d a (new)
Text proposed by the Commission Amendment
(d a) Terminal equipment that is intended particularly for children’s use shall implement specific measures to prevent access to the equipment’s storage and processing capabilities for the purpose of profiling of its users or tracking their behaviour with commercial intent.
Or. en
Justification
Introducing specific limitations to protect children against profiling and online tracking
Amendment 557 Michał Boni, Roberta Metsola, Frank Engel, Tomáš Zdechovský, Rachida Dati, Brice Hortefeux, Carlos Coelho, Elissavet Vozemberg-Vrionidi
Proposal for a regulation Article 8 – paragraph 1 – point d a (new)
Text proposed by the Commission Amendment
(d a) it is necessary to protect privacy, security or safety of the end-user, or to protect confidentiality, integrity, availability, authenticity of the terminal equipment; or
Or. en
Amendment 558 Brice Hortefeux, Rachida Dati
Proposal for a regulation Article 8 – paragraph 1 – point d a (new)
Text proposed by the Commission Amendment
(d a) it is necessary for scientific and statistical research purposes authorized by the provider of the information society service requested by the end-user; or
Or. en
Amendment 559 Daniel Dalton, John Procter
Proposal for a regulation Article 8 – paragraph 1 – point d a (new)
Text proposed by the Commission Amendment
(d a) it occurs for the purpose of recording, for the undertaking as a whole, anonymous indicators concerning the use of information society services; or
Or. en
Amendment 560 Axel Voss, Heinz K. Becker
Proposal for a regulation Article 8 – paragraph 1 – point d a (new)
Text proposed by the Commission Amendment
(d a) it occurs for the purpose of recording, for the undertaking as a whole, anonymous indicators concerning the use of information society services; or
Or. en
Amendment 561 Pál Csáky
Proposal for a regulation Article 8 – paragraph 1 – point d a (new)
Text proposed by the Commission Amendment
(d a) under the conditions as set out in point (b) of paragraph 2 and paragraph 3. Or. en
Amendment 562 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Article 8 – paragraph 1 – point d b (new)
Text proposed by the Commission Amendment
(d b) in the context of employment relationships, it is strictly technically necessary for the execution of an employee's task, where: (i) the employer provides and/or is the subscriber of the terminal equipment; (ii) the employee is the user of the terminal equipment; and (iii) it is not further used for monitoring the employee.
Or. en
Amendment 563 Monica Macovei, Marian-Jean Marinescu, Barbara Spinelli
Proposal for a regulation Article 8 – paragraph 1 – point d b (new)
Text proposed by the Commission Amendment
(d b) The end-user shall not be denied any functionality of the terminal equipment on grounds that the end-user does not provide consent as set out in point (b) of Article 8(1) or point (b) of Article 8(2) for processing any data that is not strictly necessary for the functionality requested by the end-user.
Or. en
Amendment 564 Brice Hortefeux, Rachida Dati
Proposal for a regulation Article 8 – paragraph 1 – point d b (new)
Text proposed by the Commission Amendment
(d b) it is necessary for quality of service purposes, including network management and to meet mandatory quality of service requirements pursuant to [Directive establishing the European Electronic Communications Code] or Regulation (EU) 2015/21/2011 for the duration necessary for that purpose; or
Or. en
Amendment 565 Michał Boni, Frank Engel, Tomáš Zdechovský, Rachida Dati, Brice Hortefeux, Carlos Coelho, Elissavet Vozemberg-Vrionidi
Proposal for a regulation Article 8 – paragraph 1 – point d b (new)
Text proposed by the Commission Amendment
(d b) the processing of these data and information for another specified purpose is compatible with the purpose for which the data were initially collected and is subject to specific safeguards, especially pseudonymisation, as set forth in Article 6(4) of Regulation (EU) 2016/679; or
Or. en
Amendment 566 Daniel Dalton, John Procter
Proposal for a regulation Article 8 – paragraph 1 – point d b (new)
Text proposed by the Commission Amendment
(d b) in order to mark terminal equipment for advertising purposes, on condition that the person responsible has clearly informed the end-user of this at the beginning of the data processing and has provided an opportunity for objection that is easy to exercise.; or
Or. en
Amendment 567 Axel Voss, Heinz K. Becker
Proposal for a regulation Article 8 – paragraph 1 – point d b (new)
Text proposed by the Commission Amendment
(d b) in order to mark terminal equipment for advertising purposes, on condition that the person responsible has clearly informed the end-user of this at the beginning of the data processing and has provided an opportunity for objection that is easy to exercise; or
Or. en
Amendment 568 Michał Boni, Frank Engel, Tomáš Zdechovský, Rachida Dati, Brice Hortefeux, Carlos Coelho, Elissavet Vozemberg-Vrionidi
Proposal for a regulation Article 8 – paragraph 1 – point d c (new)
Text proposed by the Commission Amendment
(d c) it is necessary, in accordance with Article 6(1)(f) of Regulation (EU) 2016/679 for the purposes of the legitimate interests pursued by the service provider or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child.
Or. en
Amendment 569 Brice Hortefeux, Rachida Dati
Proposal for a regulation Article 8 – paragraph 1 – point d c (new)
Text proposed by the Commission Amendment
(d c) it is necessary for the purpose of the legitimate interests of the provider of the terminal equipment and its operating software, an electronic communications service or an information society service, except where such interests are overridden by the interests of fundamental rights and freedoms of the end-user.; or
Or. en
Amendment 570 Axel Voss, Heinz K. Becker
Proposal for a regulation Article 8 – paragraph 1 – point d c (new)
Text proposed by the Commission Amendment
(d c) it occurs for purposes of the settlement of payments under contracts concerning the sale of products or services, provided that the contract pertaining thereto has been concluded on- line.
Or. en
Amendment 571 Daniel Dalton, John Procter
Proposal for a regulation Article 8 – paragraph 1 – point d c (new)
Text proposed by the Commission Amendment (d c) it is necessary to protect against unauthorised use of a service; or
Or. en
Amendment 572 Brice Hortefeux, Rachida Dati
Proposal for a regulation Article 8 – paragraph 1 – point d d (new)
Text proposed by the Commission Amendment
(d d) it is necessary to maintain or restore the security of electronic communications networks and services and their users, or detect technical faults and/or errors in the transmission of electronic communications, for the duration necessary for that purpose.
Or. en
Amendment 573 Daniel Dalton, John Procter
Proposal for a regulation Article 8 – paragraph 1 – point d d (new)
Text proposed by the Commission Amendment
(d d) it is necessary to meet mandatory quality of service requirements pursuant to [Directive establishing the European Electronic Communications Code].; or
Or. en
Amendment 574 Daniel Dalton, John Procter, Helga Stevens
Proposal for a regulation Article 8 – paragraph 1 – point d e (new)
Text proposed by the Commission Amendment
(d e) it is necessary for compliance with a legal obligation.
Or. en
Amendment 575 Sophia in 't Veld
Proposal for a regulation Article 8 – paragraph 1 a (new)
Text proposed by the Commission Amendment
1 a. No one shall be denied access to any information society services or to the functionality of interconnected equipment, regardless of the service concerned being remunerated or not: - on grounds that he or she has not given his or her consent under Article 8(1)(b) to the processing of personal data that is not necessary for the provision of those services; and/ or, - on grounds that he or she has installed software or applications to protect their information and terminal equipment. Processing of data for purposes of providing targeted advertisements cannot be considered as necessary for the performance of a service.
Or. en
Amendment 576 Daniel Dalton, John Procter, Helga Stevens
Proposal for a regulation Article 8 – paragraph 1 a (new)
Text proposed by the Commission Amendment
1 a. Wherever a clearly formulated declaration of consent is presented before use of a service or access to online content, and if absence of consent for processing prevents a provider from collecting remuneration through their usual means, the provider shall not be obliged to provide the full access to the service or content.
Or. en
Amendment 577 Anna Maria Corazza Bildt
Proposal for a regulation Article 8 – paragraph 1 a (new)
Text proposed by the Commission Amendment
1 a. it is necessary for quality of service purposes, including network management and to meet mandatory quality of service requirements pursuant to [Directive establishing the European Electronic Communications Code] or Regulation (EU) 2015/212011 for the duration necessary for that purpose; or
Or. en
Amendment 578 Peter Kouroumbashev, Cătălin Sorin Ivan
Proposal for a regulation Article 8 – paragraph 1 a (new)
Text proposed by the Commission Amendment
1 a. It is necessary to safeguard the security and privacy of the end-user, as well as to guarantee the incorruptibility, accessibility, confidentiality, and authenticity of terminal equipment or the electronic communication network or services.
Or. en
Amendment 579 Michał Boni, Frank Engel, Tomáš Zdechovský, Carlos Coelho, Elissavet Vozemberg- Vrionidi
Proposal for a regulation Article 8 – paragraph 1 a (new)
Text proposed by the Commission Amendment
1 a. For the purpose of points (ba), (db) and (dc) of paragraph 1, data protection impact assessment shall be carried out as prescribed in Article 35 of Regulation (EU) 2016/679
Or. en
Amendment 580 Anna Maria Corazza Bildt
Proposal for a regulation Article 8 – paragraph 1 b (new)
Text proposed by the Commission Amendment
1 b. a clear and prominent notice is displayed to the public informing of, at least, the modalities of the collection, its purpose, the person responsible for it and the other information required under Article 13 of Regulation 2016/679/EU where personal data are collected, as well as any measure the end-user of the terminal equipment can take to stop or minimize the collection. The collection of such information shall be conditional on the application of appropriate technical and organization measures to ensure that the collection and processing of information is limited to what is necessary in relation to the purposes of processing and to ensure a level of security appropriate to the risks, as set out in Article 32 of Regulation 2016/679/EU, have been applied, which may inter alia include pseudonymisation of the information collected as set out in Art. 4 (5) of Regulation (EU) 2016/679. Or. en
Amendment 581 Michał Boni, Frank Engel, Tomáš Zdechovský, Carlos Coelho, Elissavet Vozemberg- Vrionidi
Proposal for a regulation Article 8 – paragraph 1 b (new)
Text proposed by the Commission Amendment
1 b. For the purpose of points (db) and (dc) of paragraph 1, in order to demonstrate the compliance with the Regulation, the adherence to the data protection certification mechanisms and of data protection seals and marks, as defined in Article 42 of Regulation (EU) 2016/679, especially on the Union level, shall be encouraged by the Member States, the supervisory authorities, the Board and the Commission.
Or. en
Amendment 582 Anna Maria Corazza Bildt
Proposal for a regulation Article 8 – paragraph 1 c (new)
Text proposed by the Commission Amendment
1 c. it is necessary to maintain or restore the security of electronic communications networks and services and their users, or detect technical faults and/or errors in the transmission of electronic communications, for the duration necessary for that purpose; or
Or. en
Amendment 583 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Article 8 – paragraph 2
Text proposed by the Commission Amendment
2. The collection of information deleted emitted by terminal equipment to enable it to connect to another device and, or to network equipment shall be prohibited, except if: (a) it is done exclusively in order to, for the time necessary for, and for the purpose of establishing a connection; or (b) a clear and prominent notice is displayed informing of, at least, the modalities of the collection, its purpose, the person responsible for it and the other information required under Article 13 of Regulation (EU) 2016/679 where personal data are collected, as well as any measure the end-user of the terminal equipment can take to stop or minimise the collection. The collection of such information shall be conditional on the application of appropriate technical and organisational measures to ensure a level of security appropriate to the risks, as set out in Article 32 of Regulation (EU) 2016/679, have been applied.
Or. en
Justification
See related amendment to Article 4: Since these data emissions are included in the definition of “metadata”, Article 8(2) can be deleted, as it is now covered by Article 6(2).
Amendment 584 Cornelia Ernst
Proposal for a regulation Article 8 – paragraph 2
Text proposed by the Commission Amendment 2. The collection of information deleted emitted by terminal equipment to enable it to connect to another device and, or to network equipment shall be prohibited, except if: (a) it is done exclusively in order to, for the time necessary for, and for the purpose of establishing a connection; or (b) a clear and prominent notice is displayed informing of, at least, the modalities of the collection, its purpose, the person responsible for it and the other information required under Article 13 of Regulation (EU) 2016/679 where personal data are collected, as well as any measure the end-user of the terminal equipment can take to stop or minimise the collection. The collection of such information shall be conditional on the application of appropriate technical and organisational measures to ensure a level of security appropriate to the risks, as set out in Article 32 of Regulation (EU) 2016/679, have been applied.
Or. en
Amendment 585 Monica Macovei
Proposal for a regulation Article 8 – paragraph 2 – subparagraph 1 – point a
Text proposed by the Commission Amendment
(a) it is done exclusively in order to, (a) it is done exclusively in order to, for the time necessary for, and for the for the time necessary for, and for the purpose of establishing a connection; or purpose of establishing a connection; which all end-users have authorized; or
Or. en
Amendment 586 Michał Boni, Frank Engel, Tomáš Zdechovský, Viviane Reding, Carlos Coelho, Elissavet Vozemberg-Vrionidi
Proposal for a regulation Article 8 – paragraph 2 – subparagraph 1 – point a a (new)
Text proposed by the Commission Amendment
(a a) the end-user has given his or her consent; or
Or. en
Amendment 587 Daniel Dalton, John Procter
Proposal for a regulation Article 8 – paragraph 2 – subparagraph 1 – point a a (new)
Text proposed by the Commission Amendment
(a a) the end-user has given their consent; or
Or. en
Amendment 588 Monica Macovei
Proposal for a regulation Article 8 – paragraph 2 – subparagraph 1 – point b
Text proposed by the Commission Amendment
(b) a clear and prominent notice is (b) all relevant information about the displayed informing of, at least, the intended processing is provided in clear modalities of the collection, its purpose, and easily understandable language, the person responsible for it and the other provided separately from the terms and information required under Article 13 of conditions of the provider, and if the end- Regulation (EU) 2016/679 where personal user concerned has given his or her data are collected, as well as any measure consent to the processing of the data for the end-user of the terminal equipment one or more specified purposes, including can take to stop or minimise the for the provision of specific services, collection. provided that the purpose or purposes concerned could not be fulfilled by processing information that is made anonymous; the collection of such information shall be conditional on the application of appropriate technical and organisational measures to ensure a level of security appropriate to the risks, as set out in Article 32 of Regulation (EU) 2016/679 and supplemented with a mandatory data protection impact assessment, have been applied.
Or. en
Amendment 589 Michał Boni, Frank Engel, Tomáš Zdechovský, Viviane Reding, Carlos Coelho, Elissavet Vozemberg-Vrionidi
Proposal for a regulation Article 8 – paragraph 2 – subparagraph 1 – point b
Text proposed by the Commission Amendment
(b) a clear and prominent notice is (b) the information collected is or is displayed informing of, at least, the rendered pseudonymous or anonymous modalities of the collection, its purpose, and the data protection impact assessment the person responsible for it and the other and, if necessary, a prior consultation information required under Article 13 of with the supervisory authority were Regulation (EU) 2016/679 where personal carried out, as prescribed respectively in data are collected, as well as any measure Article 35 and 36 of Regulation (EU) the end-user of the terminal equipment can 2016/679, and a clear and prominent notice take to stop or minimise the collection. is displayed informing of, at least, the modalities of the collection, its purpose, the person responsible for it and the other information required under Article 13 of Regulation (EU) 2016/679 where personal data are collected, as well as any measure the end-user of the terminal equipment can take to stop or minimise the collection.
Or. en
Amendment 590 Sophia in 't Veld
Proposal for a regulation Article 8 – paragraph 2 – subparagraph 1 – point b
Text proposed by the Commission Amendment (b) a clear and prominent notice is (b) the user has been informed displayed informing of, at least, the according to Article 13 of Regulation (EU) modalities of the collection, its purpose, 2016/679 and has given consent to the the person responsible for it and the other collection for a specific purpose. information required under Article 13 of Regulation (EU) 2016/679 where personal data are collected, as well as any measure the end-user of the terminal equipment can take to stop or minimise the collection.
Or. en
Amendment 591 Sophia in 't Veld
Proposal for a regulation Article 8 – paragraph 2 – subparagraph 1 – point b a (new)
Text proposed by the Commission Amendment
(b a) (a) the purpose of the data collection from the terminal equipment is restricted to mere statistical counting; and (b) the tracking is limited in time and space to the extent strictly necessary for this purpose; and (c) the data will be be deleted or anonymised immediately after the purpose is fulfilled; and (d) the users are informed and given effective opt-out possibilities.
Or. en
Amendment 592 Axel Voss, Heinz K. Becker
Proposal for a regulation Article 8 – paragraph 2 – subparagraph 1 – point b a (new)
Text proposed by the Commission Amendment
(b a) it is necessary for protecting the confidentiality, integrity, availability, authenticity of the terminal equipment or of the electronic communications network or service, or for protecting the privacy, security or safety of the user.
Or. en
Amendment 593 Brice Hortefeux, Rachida Dati
Proposal for a regulation Article 8 – paragraph 2 – subparagraph 2
Text proposed by the Commission Amendment
The collection of such information shall be The collection of such information shall be conditional on the application of conditional on the application of appropriate technical and organisational appropriate technical and organisational measures to ensure a level of security measures to ensure that the collection and appropriate to the risks, as set out in Article processing of information is limited to the 32 of Regulation (EU) 2016/679, have purposes of processing as required been applied. therefor and to ensure a level of security appropriate to the risks, as set out in Article 32 of Regulation (EU) 2016/679. Those measures may include pseudonymisation of the information collected as set out in Article 4 (5) of Regulation (EU) 2016/679.
Or. en
Amendment 594 Axel Voss
Proposal for a regulation Article 8 – paragraph 2 – subparagraph 2
Text proposed by the Commission Amendment
The collection of such information shall be The collection of such information shall be conditional on the application of conditional on the application of appropriate technical and organisational appropriate technical and organisational measures to ensure a level of security measures to limit the collection and appropriate to the risks, as set out in Article processing of information to the purposes 32 of Regulation (EU) 2016/679, have required therefor and ensure a level of been applied. security appropriate to the risks, as set out in Article 32 of Regulation (EU) 2016/679, have been applied, for example by means of pseudonymisation of information collected pursuant to Article 4(5) of Regulation (EU) No 2016/679.
Or. en
Amendment 595 Heinz K. Becker
Proposal for a regulation Article 8 – paragraph 2 – subparagraph 2
Text proposed by the Commission Amendment
Voraussetzung für die Erhebung solcher Voraussetzung für die Erhebung solcher Informationen ist die Anwendung Informationen ist die Anwendung geeigneter technischer und geeigneter technischer und organisatorischer Maßnahmen, die ein dem organisatorischer Maßnahmen, die die Risiko angemessenes Schutzniveau nach Erhebung und Verarbeitung auf die Artikel 32 der Verordnung (EU) 2016/679 hierfür notwendigen Zwecke beschränken gewährleisten. und die ein dem Risiko angemessenes Schutzniveau nach Artikel 32 der Verordnung (EU)2016/679 gewährleisten, zum Bespiel durch Pseudonymisierung erhobener Informationen gemäß Artikel 4 Nummer 5 der Verordnung (EU) 2016/679.
Or. de
Amendment 596 Daniel Dalton, John Procter, Helga Stevens
Proposal for a regulation Article 8 – paragraph 2 – subparagraph 2
Text proposed by the Commission Amendment
The collection of such information shall be The collection of such information shall be conditional on the application of conditional on the application of appropriate technical and organisational appropriate technical and organisational measures to ensure a level of security measures to ensure a level of security appropriate to the risks, as set out in Article appropriate to the risks, as set out in Article 32 of Regulation (EU) 2016/679, have 32 of Regulation (EU) 2016/679, have been applied. been applied, for example by means of pseudonymisation of information collected pursuant to Article 4 (5) of Regulation (EU) No 2016/679. Or. en
Amendment 597 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Article 8 – paragraph 3
Text proposed by the Commission Amendment
3. The information to be provided deleted pursuant to point (b) of paragraph 2 may be provided in combination with standardized icons in order to give a meaningful overview of the collection in an easily visible, intelligible and clearly legible manner.
Or. en
Justification
No matter if paragraph 2 stays in or not, the standardised icons are already provided for in the GDPR Article 12 (7) and (8). We should avoid confusion about the general applicability of the GDPR except where ePrivacy has its justified lex specialis provisions.
Amendment 598 Monica Macovei, Barbara Spinelli
Proposal for a regulation Article 8 – paragraph 3
Text proposed by the Commission Amendment
3. The information to be provided deleted pursuant to point (b) of paragraph 2 may be provided in combination with standardized icons in order to give a meaningful overview of the collection in an easily visible, intelligible and clearly legible manner.
Or. en
Amendment 599 Cornelia Ernst
Proposal for a regulation Article 8 – paragraph 3
Text proposed by the Commission Amendment
3. The information to be provided deleted pursuant to point (b) of paragraph 2 may be provided in combination with standardized icons in order to give a meaningful overview of the collection in an easily visible, intelligible and clearly legible manner.
Or. en
Amendment 600 Sophia in 't Veld
Proposal for a regulation Article 8 – paragraph 3
Text proposed by the Commission Amendment
3. The information to be provided 3. The information to be provided pursuant to point (b) of paragraph 2 may be pursuant to point (b a) of paragraph 2 may provided in combination with standardized be provided in combination with icons in order to give a meaningful standardized icons in order to give a overview of the collection in an easily meaningful overview of the collection for visible, intelligible and clearly legible statistical counting in an easily visible, manner. intelligible and clearly legible manner.
Or. en
Amendment 601 Pál Csáky
Proposal for a regulation Article 8 – paragraph 3
Text proposed by the Commission Amendment
3. The information to be provided 3. The information to be provided pursuant to point (b) of paragraph 2 may be pursuant to point (e) of paragraph 1 and provided in combination with standardized point (b) of paragraph 2 may be provided icons in order to give a meaningful in combination with standardized icons in overview of the collection in an easily order to give a meaningful overview of the visible, intelligible and clearly legible collection in an easily visible, intelligible manner. and clearly legible manner.
Or. en
Amendment 602 Heinz K. Becker
Proposal for a regulation Article 8 – paragraph 3
Text proposed by the Commission Amendment
(3) Die nach Absatz 2 Buchstabe b zu (3) Die nach Absatz 1 Buchstabe e gebenden Informationen können in und Absatz 2 Buchstabe b zu gebenden Kombination mit standardisierten Informationen können in Kombination mit Bildsymbolen bereitgestellt werden, um in standardisierten Bildsymbolen leicht wahrnehmbarer, verständlicher und bereitgestellt werden, um in leicht klar nachvollziehbarer Form einen wahrnehmbarer, verständlicher und klar aussagekräftigen Überblick über die nachvollziehbarer Form einen Erhebung zu vermitteln. aussagekräftigen Überblick über die Erhebung zu vermitteln.
Or. de
Amendment 603 Axel Voss, Heinz K. Becker
Proposal for a regulation Article 8 – paragraph 3
Text proposed by the Commission Amendment
3. The information to be provided 3. The information to be provided pursuant to point (b) of paragraph 2 may be pursuant to point (b) of paragraph 2 may be provided in combination with standardized provided in combination with standardized icons in order to give a meaningful icons in order to give a meaningful overview of the collection in an easily overview of the collection in an easily visible, intelligible and clearly legible visible, intelligible and clearly legible manner. manner. Such information may be provided by means of a transparency certification and labelling scheme for terminal equipment, indicating the equipment's quality, security and assurance properties.
Or. en
Amendment 604 Peter Kouroumbashev, Maria Grapini
Proposal for a regulation Article 8 – paragraph 3
Text proposed by the Commission Amendment
3. The information to be provided 3. The information to be provided pursuant to point (b) of paragraph 2 may be pursuant to point (b) of paragraph 2 may be provided in combination with standardized provided in combination with standardized icons in order to give a meaningful icons in order to give a meaningful overview of the collection in an easily overview of the collection in an easily visible, intelligible and clearly legible visible, intelligible and clearly legible manner. manner; in order to provide this information a labelling scheme can be used for software and terminal equipment specifying the security and quality characteristics.
Or. en
Amendment 605 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Article 8 – paragraph 4
Text proposed by the Commission Amendment
4. The Commission shall be deleted empowered to adopt delegated acts in accordance with Article 27 determining the information to be presented by the standardized icon and the procedures for providing standardized icons.
Or. en
Justification
No matter if paragraph 2 stays in or not, the standardised icons are already provided for in the GDPR Article 12 (7) and (8). We should avoid confusion about the general applicability of the GDPR except where ePrivacy has its justified lex specialis provisions.
Amendment 606 Cornelia Ernst
Proposal for a regulation Article 8 – paragraph 4
Text proposed by the Commission Amendment
4. The Commission shall be deleted empowered to adopt delegated acts in accordance with Article 27 determining the information to be presented by the standardized icon and the procedures for providing standardized icons.
Or. en
Amendment 607 Daniel Dalton, Helga Stevens, John Procter
Proposal for a regulation Article 8 – paragraph 4
Text proposed by the Commission Amendment
4. The Commission shall be deleted empowered to adopt delegated acts in accordance with Article 27 determining the information to be presented by the standardized icon and the procedures for providing standardized icons.
Or. en
Amendment 608 Axel Voss, Heinz K. Becker
Proposal for a regulation Article 8 – paragraph 4
Text proposed by the Commission Amendment
4. The Commission shall be 4. The Commission shall be empowered to adopt delegated acts in empowered to adopt delegated acts in accordance with Article 27 determining the accordance with Article 25 determining the information to be presented by the information to be presented by the standardized icon and the procedures for standardized icon and the procedures for providing standardized icons, as well as providing standardized icons. establishing the transparency certification and labelling scheme referred to in paragraph 3.
Or. en
Amendment 609 Miltiadis Kyrkos
Proposal for a regulation Article 9 – paragraph 1
Text proposed by the Commission Amendment
1. The definition of and conditions for 1. The definition of and conditions for consent provided for under Articles 4(11) consent provided for under Articles 4(11) and 7 of Regulation (EU) 2016/679/EU and 7 of Regulation (EU) 2016/679/EU shall apply. shall apply. The application of Art. 7(4) of Regulation (EU) 2016/679/EU must not oblige providers of information society services to offer a service without data processing which the service provider means to provide together with the service like e.g. data processing for the purpose of advertising.
Or. en
Amendment 610 Jan Philipp Albrecht, Judith Sargentini, Viviane Reding
Proposal for a regulation Article 9 – paragraph 1
Text proposed by the Commission Amendment
1. The definition of and conditions for 1. The definition of and conditions for consent provided for under Articles 4(11) consent provided for in Regulation (EU) and 7 of Regulation (EU) 2016/679/EU 2016/679/EU, including, inter alia, in its shall apply. Articles 4(11), 7 and 8, shall apply.
Or. en
Amendment 611 Gérard Deprez, Morten Løkkegaard, Jean-Marie Cavada, Petr Ježek, Pavel Telička
Proposal for a regulation Article 9 – paragraph 1
Text proposed by the Commission Amendment
1. The definition of and conditions for 1. The definition of and conditions for consent provided for under Articles 4(11) consent provided for under Articles 4(11) and 7 of Regulation (EU) 2016/679/EU and Article 7 (1), (2), and (3) of shall apply. Regulation (EU) 2016/679/EU shall apply.
Or. en
Justification
Legal basis for opt-in by the end-user based on informed browsing
Amendment 612 Heinz K. Becker
Proposal for a regulation Article 9 – paragraph 1
Text proposed by the Commission Amendment
(1) Für die Einwilligung gelten die (1) Für die Einwilligung gelten die Begriffsbestimmung und die Begriffsbestimmungen und die Voraussetzungen, die in Artikel 4 Nummer Voraussetzungen, die in Artikel 4 Nummer 11 und Artikel 7 der Verordnung (EU) 11 und Artikel 7 (1), (2) und (3) der VO 2016/679 festgelegt sind. (EU) 2016/679 festgelegt sind.
Or. de
Amendment 613 Daniel Dalton, John Procter
Proposal for a regulation Article 9 – paragraph 1
Text proposed by the Commission Amendment
1. The definition of and conditions for 1. The definition of and conditions for consent provided for under Articles 4(11) consent provided for under Articles 4(11) and 7 of Regulation (EU) 2016/679/EU and 7 (1), (2), and (3) of Regulation (EU) shall apply. 2016/679/EU shall apply. Or. en
Amendment 614 Axel Voss, Heinz K. Becker
Proposal for a regulation Article 9 – paragraph 1
Text proposed by the Commission Amendment
1. The definition of and conditions for 1. The definition of and conditions for consent provided for under Articles 4(11) consent provided for under Articles 4(11) and 7 of Regulation (EU) 2016/679/EU and 7 (1), (2) and (3)of Regulation (EU) shall apply. 2016/679/EU shall apply.
Or. en
Justification
The reference here to the conditions for consent laid down by Article 7 of Regulation (EU) No 2016/679/EU must at all events be limited to Article 7(1) to (3). The non-applicability of Article 7(4) of Regulation (EU) No 2016/679 to consent pursuant to Article 9 of the proposal for a regulation is necessary because, unlike in Regulation (EU) No 2016/679, data processing based on the general clause concerning justified interests is not provided for in this proposal.
Amendment 615 Cornelia Ernst
Proposal for a regulation Article 9 – paragraph 1
Text proposed by the Commission Amendment
1. The definition of and conditions for 1. The definition of and conditions for consent provided for under Articles 4(11) consent provided for under Articles 4(11), and 7 of Regulation (EU) 2016/679/EU 7 and 8 of Regulation (EU) 2016/679/EU shall apply. shall apply.
Or. en
Amendment 616 Pál Csáky
Proposal for a regulation Article 9 – paragraph 1
Text proposed by the Commission Amendment
1. The definition of and conditions for 1. The definition of and conditions for consent provided for under Articles 4(11) consent provided for under Articles 4(11) and 7 of Regulation (EU) 2016/679/EU of Regulation (EU) 2016/679/EU shall shall apply. apply.
Or. en
Amendment 617 Daniel Dalton, John Procter, Helga Stevens
Proposal for a regulation Article 9 – paragraph 2
Text proposed by the Commission Amendment
2. Without prejudice to paragraph 1, deleted where technically possible and feasible, for the purposes of point (b) of Article 8(1), consent may be expressed by using the appropriate technical settings of a software application enabling access to the internet.
Or. en
Amendment 618 Brice Hortefeux, Rachida Dati
Proposal for a regulation Article 9 – paragraph 2
Text proposed by the Commission Amendment
2. Without prejudice to paragraph 1, deleted where technically possible and feasible, for the purposes of point (b) of Article 8(1), consent may be expressed by using the appropriate technical settings of a software application enabling access to the internet.
Or. en
Amendment 619 Axel Voss, Heinz K. Becker
Proposal for a regulation Article 9 – paragraph 2
Text proposed by the Commission Amendment
2. Without prejudice to paragraph 1, deleted where technically possible and feasible, for the purposes of point (b) of Article 8(1), consent may be expressed by using the appropriate technical settings of a software application enabling access to the internet.
Or. en
Justification
Articles 4(11) and 7 of Regulation (EU) No 2016/679 define the conditions for consent and are perfectly sufficient here. The proposal goes beyond these definitions and thus creates a dual regime for consent and renders the situation less clear. Article 9(2) should therefore be deleted.
Amendment 620 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Article 9 – paragraph 2
Text proposed by the Commission Amendment
2. Without prejudice to paragraph 1, 2. Without prejudice to paragraph 1, where technically possible and feasible, for where technically feasible, for the purposes the purposes of point (b) of Article 8(1), of point (b) of Article 8(1), consent may be consent may be expressed by using the expressed and withdrawn by using the appropriate technical settings of a software appropriate technical specifications for application enabling access to the electronic communications services or internet. information society services which allow for specific consent for specific purposes and with regard to specific service providers actively selected by the user in each case, pursuant to paragraph 1. When such technical specifications are used by the user's terminal equipment or the software running on it, they may signal the user's preferences based on previous active selections by him or her. These signals shall be binding on, and enforceable against, any other party.
Or. en
Justification
The GDPR carefully avoids automated consent in Recital 32, as it cannot be informed, specific and active. Recital 32 GDPR only refers to individual information society services. Therefore, consent should be given actively by the user in each case, and the software should only remember this for later visits.
Amendment 621 Cornelia Ernst
Proposal for a regulation Article 9 – paragraph 2
Text proposed by the Commission Amendment
2. Without prejudice to paragraph 1, 2. Without prejudice to paragraph 1, where technically possible and feasible, for where technically feasible, for the purposes the purposes of point (b) of Article 8(1), of point (b) of Article 8(1), consent may be consent may be expressed by using the expressed and withdrawn by using the appropriate technical settings of a software appropriate technical specifications for application enabling access to the electronic communications services or internet. information society services which allow for specific consent for specific purposes and with regard to specific service providers selected by the user. When such technical specifications are used by the user's terminal equipment or the software running on it, they shall be binding on, and enforceable against, any other party.
Or. en
Amendment 622 Monica Macovei
Proposal for a regulation Article 9 – paragraph 2
Text proposed by the Commission Amendment
2. Without prejudice to paragraph 1, 2. End-users who have consented to where technically possible and feasible, the processing of electronic for the purposes of point (b) of Article communications data as set out in point 8(1), consent may be expressed by using (c) of Article 6(2) points (a) and (b) of the appropriate technical settings of a Article 6(3), point (b) of Article 8(1) and software application enabling access to point (b) of Article 8(2) shall be given the the internet. possibility to withdraw their consent at any time as set forth under Article 7(3) of Regulation (EU) 2016/679 and be reminded of this possibility at periodic intervals of 6 months, as long as the processing continues.
Or. en
Amendment 623 Miltiadis Kyrkos
Proposal for a regulation Article 9 – paragraph 2
Text proposed by the Commission Amendment
2. Without prejudice to paragraph 1, 2. Where technically possible and where technically possible and feasible, for feasible, in particular for the purposes of the purposes of point (b) of Article 8(1), point (b) of Article 8(1), consent may be consent may be expressed by using the expressed by using the appropriate appropriate technical settings of a software technical settings of a software application application enabling access to the internet. enabling access to the internet, or by continuing the use of an information society service, having been provided with clear and comprehensive information that this action by the end-user signifies consent
Or. en
Amendment 624 Pál Csáky
Proposal for a regulation Article 9 – paragraph 2
Text proposed by the Commission Amendment
2. Without prejudice to paragraph 1, 2. Where technically possible and where technically possible and feasible, for feasible, in particular for the purposes of the purposes of point (b) of Article 8(1), point (b) of Article 8(1), consent may be consent may be expressed by using the expressed by using the appropriate appropriate technical settings of a software technical settings of a software application application enabling access to the internet. enabling access to the internet or by continuing the use of an information society service, having been provided with clear and comprehensive information that this action by the end-user signifies consent.
Or. en
Amendment 625 Gérard Deprez, Morten Løkkegaard, Jean-Marie Cavada, Petr Ježek, Pavel Telička
Proposal for a regulation Article 9 – paragraph 2
Text proposed by the Commission Amendment
2. Without prejudice to paragraph 1, 2. Where technically possible and where technically possible and feasible, for feasible for the purposes of point (b) of the purposes of point (b) of Article 8(1), Article 8(1) consent may be expressed by consent may be expressed by using the using the appropriate technical setting of appropriate technical settings of a software software application enabling access to the application enabling access to the internet. internet or by the continued use of the information society service after having been provided with accessible and comprehensive information about this action of the end-user.
Or. en
Justification
The user's continued use of the services provided to them, based on accessible information, should be regarded as consent.
Amendment 626 Axel Voss, Heinz K. Becker
Proposal for a regulation Article 9 – paragraph 3
Text proposed by the Commission Amendment
3. End-users who have consented to deleted the processing of electronic communications data as set out in point (c) of Article 6(2) and points (a) and (b) of Article 6(3) shall be given the possibility to withdraw their consent at any time as set forth under Article 7(3) of Regulation (EU) 2016/679 and be reminded of this possibility at periodic intervals of 6 months, as long as the processing continues.
Or. en
Justification
Articles 4(11) and 7 of Regulation (EU) 2016/679 define the conditions for consent and are perfectly sufficient here. The proposal goes beyond these definitions and thus creates a dual regime for consent and renders the situation less clear. Article 9(3) should therefore be deleted.
Amendment 627 Monica Macovei, Barbara Spinelli
Proposal for a regulation Article 9 – paragraph 3
Text proposed by the Commission Amendment
3. End-users who have consented to 3. In order to lower the burden on the processing of electronic end-users, requests for consent as well as communications data as set out in point consent withdrawals shall where possible (c) of Article 6(2) and points (a) and (b) of conform to technical standards applicable Article 6(3) shall be given the possibility to to such request or withdrawals and be withdraw their consent at any time as set machine-readable, in order to allow for forth under Article 7(3) of Regulation end-users to benefit from privacy (EU) 2016/679 and be reminded of this enhancing technologies. possibility at periodic intervals of 6 months, as long as the processing continues.
Or. en
Amendment 628 Sophia in 't Veld
Proposal for a regulation Article 9 – paragraph 3
Text proposed by the Commission Amendment
3. End-users who have consented to 3. End-users who have consented to the processing of electronic the processing of electronic communications data as set out in point (c) communications data as set out in point (c) of Article 6(2) and points (a) and (b) of of Article 6(2) and points (a) and (b) of Article 6(3) shall be given the possibility to Article 6(3) shall be given the possibility to withdraw their consent at any time as set withdraw their consent at any time as set forth under Article 7(3) of Regulation (EU) forth under Article 7(3) of Regulation (EU) 2016/679 and be reminded of this 2016/679 and be reminded of this possibility at periodic intervals of 6 possibility at periodic intervals of 6 months, as long as the processing months, as long as the processing continues. continues. End-users shall be given the possibility to disable the periodic reminder.
Or. en
Amendment 629 Daniel Dalton, John Procter, Helga Stevens
Proposal for a regulation Article 9 – paragraph 3
Text proposed by the Commission Amendment
3. End-users who have consented to 3. End-users who have consented to the processing of electronic the processing of electronic communications data as set out in point (c) communications data as set out in point (c) of Article 6(2) and points (a) and (b) of of Article 6(2) and points (a) and (b) of Article 6(3) shall be given the possibility to Article 6(3) shall be given the possibility to withdraw their consent at any time as set withdraw their consent at any time as set forth under Article 7(3) of Regulation (EU) forth under Article 7(3) of Regulation (EU) 2016/679 and be reminded of this 2016/679. possibility at periodic intervals of 6 months, as long as the processing continues.
Or. en
Amendment 630 Emilian Pavel
Proposal for a regulation Article 9 – paragraph 3
Text proposed by the Commission Amendment
3. End-users who have consented to 3. End-users who have consented to the processing of electronic the processing of electronic communications data as set out in point (c) communications data as set out in point (c) of Article 6(2) and points (a) and (b) of of Article 6(2) and points (a) and (b) of Article 6(3) shall be given the possibility to Article 6(3) shall be given the possibility to withdraw their consent at any time as set withdraw their consent at any time as set forth under Article 7(3) of Regulation (EU) forth under Article 7(3) of Regulation (EU) 2016/679 and be reminded of this 2016/679. possibility at periodic intervals of 6 months, as long as the processing continues.
Or. en
Amendment 631 Michał Boni, Roberta Metsola, Frank Engel, Tomáš Zdechovský, Rachida Dati, Brice Hortefeux, Elissavet Vozemberg-Vrionidi
Proposal for a regulation Article 9 – paragraph 3
Text proposed by the Commission Amendment
3. End-users who have consented to 3. End-users who have consented to the processing of electronic the processing of electronic communications data as set out in point (c) communications data as set out in point (c) of Article 6(2) and points (a) and (b) of of Article 6(2) and points (a) and (b) of Article 6(3) shall be given the possibility to Article 6(3) shall be given the possibility to withdraw their consent at any time as set withdraw their consent at any time as set forth under Article 7(3) of Regulation (EU) forth under Article 7(3) of Regulation (EU) 2016/679 and be reminded of this 2016/679. possibility at periodic intervals of 6 months, as long as the processing continues.
Or. en
Amendment 632 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Article 9 – paragraph 3
Text proposed by the Commission Amendment 3. End-users who have consented to 3. Without prejudice to paragraph 2, the processing of electronic users who have given their consent communications data as set out in point pursuant to Article 6 or Article 8 shall (c) of Article 6(2) and points (a) and (b) of have the right to withdraw their consent at Article 6(3) shall be given the possibility to any time as set forth under Article 7(3) of withdraw their consent at any time as set Regulation (EU) 2016/679 and shall be forth under Article 7(3) of Regulation (EU) reminded of this possibility by the 2016/679 and be reminded of this providers at periodic intervals of 6 months, possibility at periodic intervals of 6 as long as the processing continues. months, as long as the processing continues.
Or. en
Justification aligned with Art. 7(3) GDPR
Amendment 633 Jan Philipp Albrecht, Judith Sargentini, Viviane Reding
Proposal for a regulation Article 9 – paragraph 3 a (new)
Text proposed by the Commission Amendment
3 a. Without prejudice to Article 7(4) of Regulation (EU) 2016/679, a user shall not be denied access to any electronic communications service, information society service or functionality of a terminal equipment, regardless of whether this is remunerated or not, on the mere grounds that he or she has not given his or her consent to (a) the processing of electronic communications data, metadata or content pursuant to Article 6; or (b) the use of input, output, processing and storage capabilities of terminal equipment and the processing of information related to or processed by the users' terminal equipment, or making information available through the terminal equipment, including information about and processed by its software and hardware, pursuant to Article 8(1) that is technically not strictly necessary for the provision of that service or functionality.
Or. en
Justification based on LIBE AM 83 rapporteur, moved to the Article on consent where it belongs. This is complementary to 7(4) GDPR. 7(4) GDPR is about invalidity of forced consent, this here is about not forcing consent as a condition for access (“consent wall”).
Amendment 634 Jan Philipp Albrecht, Judith Sargentini, Viviane Reding
Proposal for a regulation Article 9 – paragraph 3 b (new)
Text proposed by the Commission Amendment
3 b. Any processing based on consent must not adversely affect the rights and freedoms of individuals whose personal data are related to or transmitted by the communication, in particular their rights to privacy and the protection of personal data.
Or. en
Justification
Based on suggestion from EDPS in order to clarify that persons other than the user have to be protected as well.
Amendment 635 Axel Voss, Heinz K. Becker, Anna Maria Corazza Bildt
Proposal for a regulation Article 10
Text proposed by the Commission Amendment
Article 10 deleted Information and options for privacy settings to be provided 1. Software placed on the market permitting electronic communications, including the retrieval and presentation of information on the internet, shall offer the option to prevent third parties from storing information on the terminal equipment of an end-user or processing information already stored on that equipment. 2. Upon installation, the software shall inform the end-user about the privacy settings options and, to continue with the installation, require the end-user to consent to a setting. 3. In the case of software which has already been installed on 25 May 2018, the requirements under paragraphs 1 and 2 shall be complied with at the time of the first update of the software, but no later than 25 August 2018.
Or. en
Justification
Article 25 of Regulation (EU) 2016/679 governs data protection by design and by default. Article 10 of the proposal for a regulation only undermines Article 25 of Regulation (EU) 2016/679 and would hamper most business models.
Amendment 636 Brice Hortefeux, Rachida Dati
Proposal for a regulation Article 10
Text proposed by the Commission Amendment
Article 10 deleted Information and options for privacy settings to be provided 1. Software placed on the market permitting electronic communications, including the retrieval and presentation of information on the internet, shall offer the option to prevent third parties from storing information on the terminal equipment of an end-user or processing information already stored on that equipment. 2. Upon installation, the software shall inform the end-user about the privacy settings options and, to continue with the installation, require the end-user to consent to a setting. 3. In the case of software which has already been installed on 25 May 2018, the requirements under paragraphs 1 and 2 shall be complied with at the time of the first update of the software, but no later than 25 August 2018.
Or. en
Amendment 637 Daniel Dalton, John Procter, Helga Stevens
Proposal for a regulation Article 10
Text proposed by the Commission Amendment
Article 10 deleted Information and options for privacy settings to be provided 1. Software placed on the market permitting electronic communications, including the retrieval and presentation of information on the internet, shall offer the option to prevent third parties from storing information on the terminal equipment of an end-user or processing information already stored on that equipment. 2. Upon installation, the software shall inform the end-user about the privacy settings options and, to continue with the installation, require the end-user to consent to a setting. 3. In the case of software which has already been installed on 25 May 2018, the requirements under paragraphs 1 and 2 shall be complied with at the time of the first update of the software, but no later than 25 August 2018.
Or. en
Amendment 638 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Article 10 – title
Text proposed by the Commission Amendment
Information and options for privacy Privacy settings and signals to be provided settings to be provided
Or. en
Amendment 639 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Article 10 – paragraph 1
Text proposed by the Commission Amendment
1. Software placed on the market 1. Hardware and software placed on permitting electronic communications, the market that enable the access to and including the retrieval and presentation of use of electronic communications services information on the internet, shall offer the or the access to and use of information option to prevent third parties from storing society services shall be able to prevent information on the terminal equipment of other parties from using input, output, an end-user or processing information processing and storage capabilities of already stored on that equipment. terminal equipment and the processing of information related to or processed by a users' terminal equipment, or making information available through the terminal equipment, including information about and processed by its software and hardware.
Or. en Justification
WP 29 notes that the definition of “third parties” in the GDPR doesn’t include the controllers. Therefore this expression should be avoided in the context of this Regulation. See related amendments to Articles 7 and 14.
Rest of the text aligned with Article 8(1). The Commission proposal and also AMs 94-98 LIBE rapporteur only refer to cookies, which is not future proof and already outdated with browser fingerprinting etc.
Amendment 640 Cornelia Ernst
Proposal for a regulation Article 10 – paragraph 1
Text proposed by the Commission Amendment
1. Software placed on the market 1. Hardware and software that permitting electronic communications, enable the access to and use of electronic including the retrieval and presentation of communications services or the access to, information on the internet, shall offer the and use of, information society services option to prevent third parties from storing shall be able to prevent other parties from information on the terminal equipment of using input, output, processing and an end-user or processing information storage capabilities of terminal equipment already stored on that equipment. and the processing of information related to, or processed by, a user's terminal equipment, or making information available through the terminal equipment, including information about, and processed by, its software and hardware.
Or. en
Amendment 641 Sophia in 't Veld
Proposal for a regulation Article 10 – paragraph 1
Text proposed by the Commission Amendment
1. Software placed on the market 1. The default setting of software permitting electronic communications, placed on the market permitting electronic including the retrieval and presentation of communications, including the retrieval information on the internet, shall offer the and presentation of information on the option to prevent third parties from internet, shall not allow the storing of storing information on the terminal information on the terminal equipment of equipment of an end-user or processing an end-user, the processing of information information already stored on that already stored on that equipment, or equipment. sharing of personal data. Such software setting options shall allow end-users to provide or withdraw consent for each distinct category of purposes.
Or. en
Amendment 642 Marju Lauristin
Proposal for a regulation Article 10 – paragraph 1
Text proposed by the Commission Amendment
1. Software placed on the market 1. Software placed on the market permitting electronic communications, permitting electronic communications, including the retrieval and presentation of including the retrieval and presentation of information on the internet, shall offer the information on the internet, shall: option to prevent third parties from storing information on the terminal equipment of an end-user or processing information already stored on that equipment.
Or. en
Amendment 643 Anna Maria Corazza Bildt
Proposal for a regulation Article 10 – paragraph 1
Text proposed by the Commission Amendment
1. Software placed on the market 1. Software placed on the market permitting electronic communications, permitting electronic communications, including the retrieval and presentation of including the retrieval and presentation of information on the internet, shall offer the information on the internet, shall offer option to prevent third parties from appropriate technical settings referred to storing information on the terminal in Art.9 (2) for end- users to express equipment of an end-user or processing consent. information already stored on that equipment. Or. en
Amendment 644 Michał Boni, Frank Engel, Tomáš Zdechovský, Csaba Sógor, Carlos Coelho, Elissavet Vozemberg-Vrionidi
Proposal for a regulation Article 10 – paragraph 1
Text proposed by the Commission Amendment
1. Software placed on the market 1. Software placed on the market permitting electronic communications, permitting electronic communications, including the retrieval and presentation of including the retrieval and presentation of information on the internet, shall offer the information on the internet, shall offer option to prevent third parties from appropriate technical settings referred to storing information on the terminal in Article 9 (2) for end-user to express equipment of an end-user or processing consent. information already stored on that equipment.
Or. en
Amendment 645 Marju Lauristin
Proposal for a regulation Article 10 – paragraph 1 – point a (new)
Text proposed by the Commission Amendment
(a) by default, offer privacy protective settings to prevent other parties from storing information on the terminal equipment of a user and from processing information already stored on that equipment, except for the purposes laid down by Article 8 paragraph (1), points (a), (c) and (d);
Or. en
Amendment 646 Marju Lauristin
Proposal for a regulation Article 10 – paragraph 1 – point b (new)
Text proposed by the Commission Amendment
(b) offer the option to prevent other parties from processing information already stored on the terminal equipment for the purposes laid down by Article 8, paragraph (1), points (a), (c) and (d).
Or. en
Amendment 647 Marju Lauristin
Proposal for a regulation Article 10 – paragraph 1 – point c (new)
Text proposed by the Commission Amendment
(c) upon installation, inform and offer the user the possibility to change or confirm the privacy settings options defined in point (a) by requiring the user's consent to a setting;
Or. en
Amendment 648 Marju Lauristin
Proposal for a regulation Article 10 – paragraph 1 – point d (new)
Text proposed by the Commission Amendment
(d) make the setting defined in points (a) and (c) easily accessible during the use of the software; and
Or. en
Amendment 649 Marju Lauristin
Proposal for a regulation Article 10 – paragraph 1 – point e (new)
Text proposed by the Commission Amendment
(e) offer the user the possibility to express specific consent through the settings after the installation of the software.
Or. en
Amendment 650 Marju Lauristin
Proposal for a regulation Article 10 – paragraph 1 a (new)
Text proposed by the Commission Amendment
1 a. For the purpose of point (e) of paragraph 1, the settings shall include a signal which is sent to the other parties to inform them about the user's privacy settings. These settings shall be binding on, and enforceable against, any other party.
Or. en
Amendment 651 Marju Lauristin
Proposal for a regulation Article 10 – paragraph 2
Text proposed by the Commission Amendment
2. Upon installation, the software deleted shall inform the end-user about the privacy settings options and, to continue with the installation, require the end-user to consent to a setting.
Or. en
Amendment 652 Anna Maria Corazza Bildt
Proposal for a regulation Article 10 – paragraph 2
Text proposed by the Commission Amendment
2. Upon installation, the software shall 2. Upon installation, the software shall inform the end-user about the privacy inform the end-user about the privacy settings options and, to continue with the settings options. The technical settings installation, require the end-user to shall consist of multiple options for end- consent to a setting. user to choose from, including an option to prevent other parties from storing information on the terminal equipment of an end-user and from processing information already stored on that equipment. These settings shall be easily accessible during the use of software and presented in a manner that gives the end- user possibility to an informed decision. The software enabling end-user to access individual websites, shall offer end-users to customise their privacy settings according to the website visited.
Or. en
Amendment 653 Pál Csáky
Proposal for a regulation Article 10 – paragraph 2
Text proposed by the Commission Amendment
2. Upon installation, the software shall 2. Upon installation, the software shall inform the end-user about the privacy inform the end-user about the privacy settings options and, to continue with the settings options. After installation and installation, require the end-user to insofar the privacy settings prevent consent to a setting. storing and reading of information on the terminal equipment, the software shall ensure that an information society service requested by the end-user may prompt that end-user for his or her expression of consent in the sense of Art. 8(1) point (b) and that a consent given in this context by an end-user is accordingly applied by the software, e. g. via offering an interface or plugin.
Or. en
Amendment 654 Michał Boni, Frank Engel, Tomáš Zdechovský, Csaba Sógor, Carlos Coelho, Elissavet Vozemberg-Vrionidi
Proposal for a regulation Article 10 – paragraph 2
Text proposed by the Commission Amendment
2. Upon installation, the software shall 2. Upon installation, the software shall inform the end-user about the privacy inform the end-user about the privacy settings options and, to continue with the settings options. The technical settings installation, require the end-user to shall consist of multiple options for end- consent to a setting. user to chose from, including an option to prevent other parties from storing information on the terminal equipment of a n end-user and from processing information already stored on that equipment. These settings should be easily accessible during the use of the software.
Or. en
Amendment 655 Jan Philipp Albrecht, Judith Sargentini, Viviane Reding
Proposal for a regulation Article 10 – paragraph 2
Text proposed by the Commission Amendment
2. Upon installation, the software 2. By default, such hardware or shall inform the end-user about the software shall have activated privacy privacy settings options and, to continue settings that prevent other parties from with the installation, require the end-user exercising the activities referred to in to consent to a setting. paragraph 1. If the hardware or software allows for deviating settings, the user shall be informed about the privacy settings options during first use or installation and shall be offered the possibility to change or confirm them. Or. en
Amendment 656 Gérard Deprez, Morten Løkkegaard, Jean-Marie Cavada, Petr Ježek, Louis Michel, Pavel Telička
Proposal for a regulation Article 10 – paragraph 2
Text proposed by the Commission Amendment
2. Upon installation, the software shall 2. Upon installation, the software shall inform the end-user about the privacy inform the end-user about the privacy settings options and, to continue with the settings options. Such software shall installation, require the end-user to ensure that a consent given by an end consent to a setting. user under Article 8 (1) point (b) prevails over the privacy settings chosen at the installation of the software.
Or. en
Amendment 657 Cornelia Ernst
Proposal for a regulation Article 10 – paragraph 2
Text proposed by the Commission Amendment
2. Upon installation, the software 2. By default, such hardware or shall inform the end-user about the software shall be set to prevent other privacy settings options and, to continue parties from exercising the activities with the installation, require the end-user referred to in paragraph 1. to consent to a setting.
Or. en
Amendment 658 Sophia in 't Veld
Proposal for a regulation Article 10 – paragraph 2
Text proposed by the Commission Amendment 2. Upon installation, the software 2. Before the first use of the software, shall inform the end-user about the privacy the software shall inform the end-user settings options and, to continue with the about the privacy settings and the installation, require the end-user to available granular setting options. consent to a setting.
Or. en
Amendment 659 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Article 10 – paragraph 2 a (new)
Text proposed by the Commission Amendment
2 a. For the purposes of (a) giving or withdrawing consent pursuant to Article 9(2) of this Regulation, and (b) objecting to the processing of personal data pursuant to Article 21(5) of Regulation (EU) 2017/679, the settings shall lead to a signal based on technical specifications which is sent to the other parties to inform them about the user's intentions with regard to consent or objection. This signal shall be legally valid and be binding on, and enforceable against, any other party. The European Data Protection Board shall issue guidelines to determine which technical specifications and signalling methods fulfil the conditions for consent and objection pursuant to points (a) and (b).
Or. en
Justification
Some body must have the authority to decide which technical standards are good enough and meet the requirements of this Regulation and the GDPR.
Amendment 660 Michał Boni, Frank Engel, Tomáš Zdechovský, Viviane Reding, Csaba Sógor, Carlos Coelho, Elissavet Vozemberg-Vrionidi
Proposal for a regulation Article 10 – paragraph 2 a (new)
Text proposed by the Commission Amendment
2 a. The software permitting the end- user to access individual websites shall enable the end-user to customise his or her privacy settings according to the website visited.
Or. en
Amendment 661 Pál Csáky
Proposal for a regulation Article 10 – paragraph 2 a (new)
Text proposed by the Commission Amendment
2 a. The software shall not block data processing which is legally allowed according to Art. 8 (1) a), c) or d) or (2) a), irrespective of the browser settings.
Or. en
Amendment 662 Gérard Deprez, Morten Løkkegaard, Jean-Marie Cavada, Petr Ježek, Pavel Telička
Proposal for a regulation Article 10 – paragraph 2 a (new)
Text proposed by the Commission Amendment
2 a. The software shall not block data processing wich is legally allowed to Art. 8 (1) a), c) or d) or (2) a), irrespective of the browser settings.
Or. en
Amendment 663 Michał Boni, Frank Engel, Tomáš Zdechovský, Csaba Sógor, Carlos Coelho, Elissavet Vozemberg-Vrionidi
Proposal for a regulation Article 10 – paragraph 3
Text proposed by the Commission Amendment
3. In the case of software which has deleted already been installed on 25 May 2018, the requirements under paragraphs 1 and 2 shall be complied with at the time of the first update of the software, but no later than 25 August 2018.
Or. en
Amendment 664 Cornelia Ernst
Proposal for a regulation Article 10 – paragraph 3
Text proposed by the Commission Amendment
3. In the case of software which has deleted already been installed on 25 May 2018, the requirements under paragraphs 1 and 2 shall be complied with at the time of the first update of the software, but no later than 25 August 2018.
Or. en
Amendment 665 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Article 10 – paragraph 3
Text proposed by the Commission Amendment
3. In the case of software which has 3. In the case of software which has already been installed on 25 May 2018, the already been installed on 25 May 2018, the requirements under paragraphs 1 and 2 requirements under paragraphs 1, 2 and 2a shall be complied with at the time of the shall be complied with at the time of the first update of the software, but no later first update of the software, but no later than 25 August 2018. than 25 August 2018.
Or. en
Amendment 666 Peter Kouroumbashev, Cătălin Sorin Ivan
Proposal for a regulation Article 10 – paragraph 3
Text proposed by the Commission Amendment
3. In the case of software which has 3. In the case of software which has already been installed on 25 May 2018, the already been installed on 25 May 2018, the requirements under paragraphs 1 and 2 requirements under paragraphs 1 and 2 shall be complied with at the time of the shall be complied with at the time of the first update of the software, but no later first update of the software, but no later than 25 August 2018. than 25 May 2019.
Or. en
Amendment 667 Daniel Dalton, John Procter, Helga Stevens
Proposal for a regulation Article 10 a (new)
Text proposed by the Commission Amendment
Article 10 a Article 25 of Regulation (EU) No 2016/679 shall apply.
Or. en
Amendment 668 Axel Voss, Heinz K. Becker, Rachida Dati, Brice Hortefeux
Proposal for a regulation Article 10 a (new)
Text proposed by the Commission Amendment Article 10 a Article 25 of Regulation (EU) No 2016/679 shall apply.
Or. en
Justification
Article 25 of Regulation (EU) 2016/679 governs data protection by design and by default. Article 10 of the proposal for a regulation on ePrivacy only undermines Article 25 of Regulation (EU) 2016/679 and would hamper most business models.
Amendment 669 Cornelia Ernst
Proposal for a regulation Article 11
Text proposed by the Commission Amendment
Article 11 deleted Restrictions 1. Union or Member State law may restrict by way of a legislative measure the scope of the obligations and rights provided for in Articles 5 to 8 where such a restriction respects the essence of the fundamental rights and freedoms and is a necessary, appropriate and proportionate measure in a democratic society to safeguard one or more of the general public interests referred to in Article 23(1)(a) to (e) of Regulation (EU) 2016/679 or a monitoring, inspection or regulatory function connected to the exercise of official authority for such interests. 2. Providers of electronic communications services shall establish internal procedures for responding to requests for access to end-users’ electronic communications data based on a legislative measure adopted pursuant to paragraph 1. They shall provide the competent supervisory authority, on demand, with information about those procedures, the number of requests received, the legal justification invoked and their response.
Or. en
Amendment 670 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Article 11
Text proposed by the Commission Amendment
Article 11 deleted Restrictions 1. Union or Member State law may restrict by way of a legislative measure the scope of the obligations and rights provided for in Articles 5 to 8 where such a restriction respects the essence of the fundamental rights and freedoms and is a necessary, appropriate and proportionate measure in a democratic society to safeguard one or more of the general public interests referred to in Article 23(1)(a) to (e) of Regulation (EU) 2016/679 or a monitoring, inspection or regulatory function connected to the exercise of official authority for such interests. 2. Providers of electronic communications services shall establish internal procedures for responding to requests for access to end-users’ electronic communications data based on a legislative measure adopted pursuant to paragraph 1. They shall provide the competent supervisory authority, on demand, with information about those procedures, the number of requests received, the legal justification invoked and their response.
Or. en Justification
Following the LIBE rapporteur: Art. 11a for restrictions of user rights, Art. 11b for restrictions of confidentiality, added Art. 11c on documentation and reporting.
Amendment 671 Sophia in 't Veld, Kaja Kallas
Proposal for a regulation Article 11 – paragraph 1
Text proposed by the Commission Amendment
1. Union or Member State law may 1. Union or Member State law may restrict by way of a legislative measure the restrict by way of a legislative measure the scope of the obligations and rights scope of the obligations and rights provided for in Articles 5 to 8 where such a provided for in Articles 5 to 8 where such a restriction respects the essence of the restriction fully respects fundamental fundamental rights and freedoms and is a rights and freedoms and is a necessary, necessary, appropriate and proportionate appropriate and proportionate measure in a measure in a democratic society to democratic society to safeguard national safeguard one or more of the general security, defence, public security, and the public interests referred to in Article prevention, investigation, detection and 23(1)(a) to (e) of Regulation (EU) prosecution of criminal offences or of 2016/679 or a monitoring, inspection or unauthorised use of the electronic regulatory function connected to the communications system. exercise of official authority for such interests.
Or. en
Justification
This amendment stays as close to the status quo as possible.
Amendment 672 Michał Boni, Frank Engel, Tomáš Zdechovský, Carlos Coelho, Pál Csáky, Elissavet Vozemberg-Vrionidi
Proposal for a regulation Article 11 – paragraph 1
Text proposed by the Commission Amendment
1. Union or Member State law may 1. Union or Member State law may restrict by way of a legislative measure the restrict by way of a legislative measure the scope of the obligations and rights scope of the obligations and rights provided for in Articles 5 to 8 where such a provided for in Articles 5 to 8 where such a restriction respects the essence of the restriction respects the essence of the fundamental rights and freedoms and is a fundamental rights and freedoms and is a necessary, appropriate and proportionate necessary, appropriate and proportionate measure in a democratic society to measure in a democratic society to safeguard one or more of the general public safeguard one or more of the general public interests referred to in Article 23(1)(a) to interests referred to in Article 23(1)(a) to (e) of Regulation (EU) 2016/679 or a (d) of Regulation (EU) 2016/679 or a monitoring, inspection or regulatory monitoring, inspection or regulatory function connected to the exercise of function connected to the exercise of official authority for such interests. official authority for such interests.
Or. en
Amendment 673 Daniel Dalton, John Procter
Proposal for a regulation Article 11 – paragraph 1
Text proposed by the Commission Amendment
1. Union or Member State law may 1. Union or Member State law may restrict by way of a legislative measure the restrict by way of a legislative measure the scope of the obligations and rights scope of the obligations and rights provided for in Articles 5 to 8 where such a provided for in Articles 5 to 8 where such a restriction respects the essence of the restriction respects the essence of the fundamental rights and freedoms and is a fundamental rights and freedoms and is a necessary, appropriate and proportionate necessary, appropriate and proportionate measure in a democratic society to measure in a democratic society to safeguard one or more of the general public safeguard one or more of the general public interests referred to in Article 23(1)(a) to interests referred to in Article 23(1) of (e) of Regulation (EU) 2016/679 or a Regulation (EU) 2016/679 or a monitoring, monitoring, inspection or regulatory inspection or regulatory function connected function connected to the exercise of to the exercise of official authority for such official authority for such interests. interests.
Or. en
Amendment 674 Sophia in 't Veld, Angelika Mlinar, Kaja Kallas
Proposal for a regulation Article 11 – paragraph 1 a (new)
Text proposed by the Commission Amendment 1 a. The Union or Member States shall not impose any obligation on undertakings that would result in the weakening of the security and encryption of their networks and services.
Or. en
Amendment 675 Sophia in 't Veld, Kaja Kallas
Proposal for a regulation Article 11 – paragraph 2
Text proposed by the Commission Amendment
2. Providers of electronic 2. Providers of electronic communications services shall establish communications services shall publish internal procedures for responding to information about the number of requests requests for access to end-users’ received, the legal justification invoked electronic communications data based on and their response. a legislative measure adopted pursuant to paragraph 1. They shall provide the competent supervisory authority, on demand, with information about those procedures, the number of requests received, the legal justification invoked and their response.
Or. en
Justification
Mandatory Transparency Reports.
Amendment 676 Emilian Pavel
Proposal for a regulation Article 11 – paragraph 2
Text proposed by the Commission Amendment
2. Providers of electronic 2. Providers of electronic communications services shall establish communications services shall establish internal procedures for responding to internal procedures for responding to requests for access to end-users’ electronic requests for access to end-users’ electronic communications data based on a legislative communications data based on a legislative measure adopted pursuant to paragraph 1. measure adopted pursuant to paragraph 1. They shall provide the competent They shall provide the competent supervisory authority, on demand, with supervisory authority, on demand, with information about those procedures, the information about those procedures, the number of requests received, the legal number of requests received, the legal justification invoked and their response. justification invoked and their response. The requests coming from a Member State where the service provider is not established, must respect cross-border mechanisms under mutual legal assistance conventions.
Or. en
Amendment 677 Brice Hortefeux, Rachida Dati
Proposal for a regulation Article 11 – paragraph 2
Text proposed by the Commission Amendment
2. Providers of electronic 2. Providers of electronic communications services shall establish communications services shall establish internal procedures for responding to appropriate internal procedures for requests for access to end-users’ electronic responding to requests for access to end- communications data based on a legislative users’ electronic communications data measure adopted pursuant to paragraph 1. based on a legislative measure adopted They shall provide the competent pursuant to paragraph 1 and therefore to supervisory authority, on demand, with facilitate the handling of these requests. information about those procedures, the They shall provide the competent number of requests received, the legal supervisory authority, on demand, with justification invoked and their response. information about those procedures, the number of requests received, the legal justification invoked and their response.
Or. en
Amendment 678 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Article 11 a (new)
Text proposed by the Commission Amendment Article 11 a Restrictions on the rights of the user or subscriber 1. Union or Member State law to which the provider is subject may temporarily restrict by way of a legislative measure the scope of the obligations and principles relating to processing of electronic communications data provided for in Articles 6, 7 and 8 of this Regulation in so far as its provisions correspond to the rights and obligations provided for in Articles 12 to 22 of Regulation (EU) 2016/679, when such a restriction respects the essence of the fundamental rights and freedoms and is a necessary, appropriate and proportionate measure in a democratic society to safeguard one or more of the following general public interests: (a) national security; (c) defence; (d) the prevention, investigation, detection or prosecution of serious criminal offences or the execution of criminal penalties, including the safeguarding against and the prevention of threats to public security. 2. In particular, any legislative measure referred to in paragraph 1 shall contain specific provisions at least, where relevant, pursuant to Article 23(2) of Regulation (EU) 2016/679.
Or. en
Amendment 679 Cornelia Ernst
Proposal for a regulation Article 11 a (new)
Text proposed by the Commission Amendment
Article 11 a Restrictions on the rights of the user or subscriber 1. Union or Member State law to which the provider is subject may temporarily restrict by way of a legislative measure the scope of the obligations and principles relating to processing of electronic communications data provided for in Articles 6, 7 and 8 of this Regulation in so far as its provisions correspond to the rights and obligations provided for in Articles 12 to 22 of Regulation (EU) 2016/679, when such a restriction respects the essence of the fundamental rights and freedoms and is a necessary, appropriate and proportionate measure in a democratic society to safeguard one or more of the following general public interests: (a) national security; (b) defence; (c) the prevention, investigation, detection or prosecution of serious criminal offences or the execution of criminal penalties, including the safeguarding against and the prevention of threats to public security. 2. In particular, any legislative measure referred to in paragraph 1 shall contain specific provisions at least, where relevant, pursuant to Article 23(2) of Regulation (EU) 2016/679.
Or. en
Amendment 680 Cornelia Ernst
Proposal for a regulation Article 11 b (new)
Text proposed by the Commission Amendment
Article 11 b Restrictions of the confidentiality of communications 1. Union or Member State law to which the provider is subject may temporarily restrict by way of a legislative measure the scope of the rights provided for in Article 5 where such a restriction respects the essence of the fundamental rights and freedoms and is a necessary, appropriate and proportionate measure in a democratic society to safeguard one or more of the following general public interests: (a) national security; (b) defence; (c) the prevention, investigation, detection or prosecution of serious criminal offences or the execution of criminal penalties, including the safeguarding against and the prevention of threats to public security. 2. In particular, any legislative measure referred to in paragraph 1 shall contain specific provisions at least, where relevant, pursuant to Article 23(2) of Regulation (EU) 2016/679. It shall also require prior judicial authorisation for any access to content or metadata. 3. No legislative measure referred to in paragraph 1 may allow for the weakening of the integrity and confidentiality of electronic communications by mandating a manufacturer of hardware or software, including terminal equipment or software providing for the use of electronic communications, or a provider of electronic communications services, to create and build in backdoors that weaken the cryptographic methods used or the security and integrity of the terminal equipment.
Or. en
Amendment 681 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Article 11 b (new)
Text proposed by the Commission Amendment
Article 11 b Restrictions of the confidentiality of communications 1. Union or Member State law to which the provider is subject may temporarily restrict by way of a legislative measure the scope of the rights provided for in Article 5 where such a restriction respects the essence of the fundamental rights and freedoms and is a necessary, appropriate and proportionate measure in a democratic society to safeguard one or more of the following general public interests: (a) national security; (b) defence; (c) the prevention, investigation, detection or prosecution of serious criminal offences or the execution of criminal penalties, including the safeguarding against and the prevention of threats to public security. 2. In particular, any legislative measure referred to in paragraph 1 shall contain specific provisions at least, where relevant, pursuant to Article 23(2) of Regulation (EU) 2016/679. It shall also require prior judicial authorisation for any access to content or metadata. 3. No legislative measure referred to in paragraph 1 may allow for the weakening of the integrity and confidentiality of electronic communications by mandating a manufacturer of hardware or software, including terminal equipment or software providing for the use of electronic communications, or a provider of electronic communications services, to create and build in backdoors that weaken the cryptographic methods used or the security and integrity of the terminal equipment.
Or. en
Amendment 682 Cornelia Ernst
Proposal for a regulation Article 11 c (new)
Text proposed by the Commission Amendment
Article 11 c Documentation and reporting of restrictions 1. Providers of electronic communications services shall keep documentation about requests made by competent authorities to access communications content or metadata pursuant to Article 11b(2). This documentation shall include for each request: (a) the in-house staff member who handled the request; (b) the identity of the body making the request; (c) the purpose for which the information was sought; (d) the date and time of the request; (e) the legal basis and authority for the request, including the identity and status or function of the official submitting the request; (f) the judicial authorisation of the request; (g) the number of subscribers to whose data the request related; (h) the data provided to the requesting authority; and (i) the period covered by the data. The documentation shall be made available to the competent supervisory authority upon request. 2. Providers of electronic communications services shall publish once per year a report with statistical information about data access requests by law enforcement authorities pursuant to Articles 11a and 11b. The report shall include, at least (a) the number of requests; (b) the categories of purposes for the request; (b) the categories of data requested; (c) the legal basis and authority for the request; (d) the number of subscribers to whose data the request related; (e) the period covered by the data; (f) the number of negative and positive responses to those requests. 3. Member States' competent authorities shall publish once per year a report with statistical information per month about data access requests pursuant to Articles 11a and 11b, including requests that were not authorised by a judge, including, but not limited to, the following points: (a) the number of requests; (b) the categories of purposes for the request; (b) the categories of data requested; (c) the legal basis and authority for the request; (d) the number of subscribers to whose data the request related; (e) the period covered by the data; (f) the number of negative and positive responses to those requests. The reports shall also contain statistical information per month about any other restrictions pursuant to Articles 11a and 11b.
Or. en
Amendment 683 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Article 11 c (new)
Text proposed by the Commission Amendment
Article 11 c Documentation and reporting of restrictions 1. Providers of electronic communications services shall keep documentation about requests made by competent authorities to access communications content or metadata pursuant to Article 11b(2). This documentation shall include for each request: (a) the in-house staff member who handled the request; (b) the identity of the body making the request; (c) the purpose for which the information was sought; (d) the date and time of the request; (e) the legal basis and authority for the request, including the identity and status or function of the official submitting the request; (f) the judicial authorisation of the request; (g) the number of subscribers to whose data the request related; (h) the data provided to the requesting authority; and (i) the period covered by the data. The documentation shall be made available to the competent supervisory authority upon request. 2. Member States' competent authorities shall publish once per year a report with statistical information per month about data access requests pursuant to Article 11b(2), including requests that were not authorised by a judge, including, but not limited to, the following points: (a) the number of requests; (b) the categories of purposes for the request; (b) the categories of data requested; (c) the legal basis and authority for the request; (d) the number of subscribers to whose data the request related; (e) the period covered by the data; The reports shall also contain statistical information per month about any other restrictions pursuant to Articles 11a and 11b.
Or. en
Justification
Reports by Member States’ authorities are more comprehensive, as they consolidate all requests to all communications service providers. This also avoids additional burdens for providers.
Amendment 684 Heinz K. Becker
Proposal for a regulation Chapter 3 – title
Text proposed by the Commission Amendment
RECHTE NATÜRLICHER UND RECHTE NATÜRLICHER PERSONEN JURISTISCHER PERSONEN IN BEZUG IN BEZUG AUF DIE KONTROLLE AUF DIE KONTROLLE ÜBER IHRE ÜBER IHRE ELEKTRONISCHE ELEKTRONISCHE KOMMUNIKATION KOMMUNIKATION
Or. de
Amendment 685 Anna Maria Corazza Bildt
Proposal for a regulation Article 12 – paragraph 1 – introductory part
Text proposed by the Commission Amendment 1. Where presentation of the calling 1. Where presentation of the calling and connected line identification is offered and connected line identification is offered in accordance with Article [107] of the in accordance with Article [107] of the [Directive establishing the European [Directive establishing the European Electronic Communication Code], the Electronic Communication Code], the providers of publicly available number- providers of publicly available number- based interpersonal communications based interpersonal communications services shall provide the following: services shall provide the following, subject to technical feasibility and economic viability:
Or. en
Amendment 686 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Article 12 – paragraph 1 – point a
Text proposed by the Commission Amendment
(a) the calling end-user with the (a) the calling user or subscriber with possibility of preventing the presentation of the possibility of preventing the the calling line identification on a per call, presentation of the calling line per connection or permanent basis; identification on a per call, per connection or permanent basis;
Or. en
Amendment 687 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Article 12 – paragraph 1 – point b
Text proposed by the Commission Amendment
(b) the called end-user with the (b) the called user or subscriber with possibility of preventing the presentation of the possibility of preventing the the calling line identification of incoming presentation of the calling line calls; identification of incoming calls;
Or. en
Amendment 688 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Article 12 – paragraph 1 – point c
Text proposed by the Commission Amendment
(c) the called end-user with the (c) the called user or subscriber with possibility of rejecting incoming calls the possibility of rejecting incoming calls where the presentation of the calling line where the presentation of the calling line identification has been prevented by the identification has been prevented by the calling end-user; calling user or subscriber;
Or. en
Amendment 689 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Article 12 – paragraph 1 – point d
Text proposed by the Commission Amendment
(d) the called end-user with the (d) the called user or subscriber with possibility of preventing the presentation of the possibility of preventing the the connected line identification to the presentation of the connected line calling end-user. identification to the calling user or subscriber.
Or. en
Amendment 690 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Article 12 – paragraph 2
Text proposed by the Commission Amendment
2. The possibilities referred to in 2. The possibilities referred to in points (a), (b), (c) and (d) of paragraph 1 points (a), (b), (c) and (d) of paragraph 1 shall be provided to end-users by simple shall be provided to users or subscribers means and free of charge. by simple means and free of charge.
Or. en
Amendment 691 Peter Kouroumbashev, Filiz Hyusmenova
Proposal for a regulation Article 13 – paragraph 1
Text proposed by the Commission Amendment
1. Regardless of whether the calling 1. Regardless of whether the calling end-user has prevented the presentation of end-user has prevented the presentation of the calling line identification, where a call the calling line identification, where a call is made to emergency services, providers is made to emergency services, providers of publicly available number-based of publicly available number-based interpersonal communications services interpersonal communications services shall override the elimination of the shall override the elimination of the presentation of the calling line presentation of the calling line identification and the denial or absence of identification, on a per-line basis for consent of an end-user for the processing organisations dealing with emergency of metadata, on a per-line basis for communications, including public safety organisations dealing with emergency answering points, for the purpose of communications, including public safety responding to such communications. answering points, for the purpose of responding to such communications.
Or. en
Amendment 692 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Article 13 – paragraph 1
Text proposed by the Commission Amendment
1. Regardless of whether the calling 1. Regardless of whether the calling end-user has prevented the presentation of user or subscriber has prevented the the calling line identification, where a call presentation of the calling line is made to emergency services, providers identification, where a call is made to of publicly available number-based emergency services, providers of publicly interpersonal communications services available number-based interpersonal shall override the elimination of the communications services shall override the presentation of the calling line elimination of the presentation of the identification and the denial or absence of calling line identification and the denial or consent of an end-user for the processing absence of consent of a user for the of metadata, on a per-line basis for processing of metadata, on a per-line basis organisations dealing with emergency for organisations dealing with emergency communications, including public safety communications, including public safety answering points, for the purpose of answering points, for the purpose of responding to such communications. responding to such communications. Or. en
Amendment 693 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Article 13 – paragraph 2
Text proposed by the Commission Amendment
2. Member States shall establish 2. The Commission shall be more specific provisions with regard to the empowered to adopt implementing establishment of procedures and the measures in accordance with Article 26(1) circumstances where providers of publicly with regard to the establishment of available number-based interpersonal procedures and the circumstances where communication services shall override the providers of publicly available number- elimination of the presentation of the based interpersonal communication calling line identification on a temporary services shall override the elimination of basis, where end-users request the tracing the presentation of the calling line of malicious or nuisance calls. identification on a temporary basis, where users or subscribers request the tracing of malicious or nuisance calls.
Or. en
Justification
We should avoid fragmenting the Digital Single Market.
Amendment 694 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Article 14 – paragraph 1 – introductory part
Text proposed by the Commission Amendment
Providers of publicly available number- Providers of publicly available number- based interpersonal communications based interpersonal communications services shall deploy state of the art services shall provide the called end-user measures to limit the reception of with the following possibilities, free of unwanted calls by end-users and shall charge: also provide the called end-user with the following possibilities, free of charge:
Or. en Justification
Unclear what it would mean on top of points (a) and (b). Algorithmic filtering? Artificial intelligence that guesses which calls the user doesn’t want to receive?
Amendment 695 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Article 14 – paragraph 1 – point a
Text proposed by the Commission Amendment
(a) to block incoming calls from (a) to block incoming calls from specific numbers or from anonymous specific numbers, or numbers having a sources; specific code or prefix identifying the fact that the call is a marketing call referred to in Article 16(3)(b), or from anonymous sources;
Or. en
Amendment 696 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Article 14 – paragraph 1 – point b
Text proposed by the Commission Amendment
(b) to stop automatic call forwarding (b) to stop automatic call forwarding by a third party to the end-user's terminal by a party to the subscriber's terminal equipment. equipment.
Or. en
Justification
WP 29 notes that the definition of “third parties” in the GDPR doesn’t include the controllers. Therefore this expression should be avoided in the context of this Regulation. See related amendments to Articles 7 and 10.
Amendment 697 Marju Lauristin
Proposal for a regulation Article 15 – paragraph 1
Text proposed by the Commission Amendment
1. The providers of publicly available 1. The providers of publicly available directories shall obtain the consent of end- directories or the electronic users who are natural persons to include communication services providers shall their personal data in the directory and, obtain the consent of users to include their consequently, shall obtain consent from personal data in the directory and, these end-users for inclusion of data per consequently, shall obtain consent from category of personal data, to the extent that these users for inclusion of data per such data are relevant for the purpose of category of personal data, to the extent that the directory as determined by the such data are relevant for the purpose of provider of the directory. Providers shall the directory. Electronic communication give end-users who are natural persons service providers shall give users the the means to verify, correct and delete means to verify, correct, update, complete such data. and delete such data. When electronic communication service providers obtain consent of users, they shall make users' data available for public directory providers in an immediate, non- discriminatory and fair manner.
Or. en
Amendment 698 Michał Boni, Roberta Metsola, Frank Engel, Tomáš Zdechovský, Elissavet Vozemberg- Vrionidi
Proposal for a regulation Article 15 – paragraph 1
Text proposed by the Commission Amendment
1. The providers of publicly available 1. The providers of electronic directories shall obtain the consent of end- communication services shall obtain the users who are natural persons to include consent of end-users who are natural their personal data in the directory and, persons to share their personal data with consequently, shall obtain consent from the providers of publicly available these end-users for inclusion of data per directories to include them in the directory category of personal data, to the extent that and, consequently, shall provide end-users such data are relevant for the purpose of who are natural persons with information the directory as determined by the provider about inclusion of data per category of of the directory. Providers shall give end- personal data, to the extent that such data users who are natural persons the means to are relevant for the purpose of the directory verify, correct and delete such data. as determined by the provider of the directory. Providers shall give end-users who are natural persons the means to verify, correct and delete such data. Or. en
Amendment 699 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Article 15 – paragraph 1
Text proposed by the Commission Amendment
1. The providers of publicly available 1. The providers of publicly available directories shall obtain the consent of end- directories or the electronic users who are natural persons to include communication service providers shall their personal data in the directory and, obtain the consent of subscribers who are consequently, shall obtain consent from natural persons to include their personal these end-users for inclusion of data per data in the directory and, consequently, category of personal data, to the extent that shall obtain consent from these subscribers such data are relevant for the purpose of for inclusion of data per category of the directory as determined by the personal data, to the extent that such data provider of the directory. Providers shall are necessary for the purpose of the give end-users who are natural persons the directory. Without prejudice to Articles 12 means to verify, correct and delete such to 22 of Regulation (EU) 2016/679, data. providers shall give subscribers who are natural persons the means to verify, correct and delete such data.
Or. en
Justification
Last part: Clarification that this does not affect the data subject rights under the GDPR, but is about giving the means to exercise them.
Amendment 700 Gérard Deprez, Morten Løkkegaard, Jean-Marie Cavada, Petr Ježek, Pavel Telička
Proposal for a regulation Article 15 – paragraph 1
Text proposed by the Commission Amendment
1. The providers of publicly available 1. The operators of electronic directories shall obtain the consent of end- communication shall provide the option to users who are natural persons to include end-users who are natural persons to object their personal data in the directory and, to their personal data being included in the consequently, shall obtain consent from directory and, consequently, shall provide these end-users for inclusion of data per to these end-users the option to object to category of personal data, to the extent that the inclusion of data per category of such data are relevant for the purpose of personal data, to the extent that such data the directory as determined by the provider are relevant for the purpose of the directory of the directory. Providers shall give end- as determined by the provider of the users who are natural persons the means to directory. Providers shall give end-users verify, correct and delete such data. who are natural persons the means to verify, correct and delete such data
Or. en
Justification
The publicly available directories are now based on a functional opt-out system. This proposal would create a opt-in system, where the providors are forced to gain consent from all end-users, creating an unnecessary burden for the providors. Securing the end-user's right to object should be sufficient.
Amendment 701 Pál Csáky
Proposal for a regulation Article 15 – paragraph 1
Text proposed by the Commission Amendment
1. The providers of publicly available 1. The operators of electronic directories shall obtain the consent of information, communication and end-users who are natural persons to telecommunication services collect the include their personal data in the directory data of end-users who are natural persons and, consequently, shall obtain consent to include their personal data in publicly from these end-users for inclusion of data available directories. They grant end-users per category of personal data, to the who are natural persons the right to extent that such data are relevant for the object against the inclusion of their purpose of the directory as determined by related data in directories. The operators the provider of the directory. Providers shall give end-users who are natural shall give end-users who are natural persons the option to verify, correct and persons the means to verify, correct and delete such data. delete such data.
Or. en
Amendment 702 Brice Hortefeux, Rachida Dati
Proposal for a regulation Article 15 – paragraph 1
Text proposed by the Commission Amendment
1. The providers of publicly available 1. The providers of electronic directories shall obtain the consent of end- communications services shall be users who are natural persons to include responsible for collecting the data of end- their personal data in the directory and, users who are natural persons in order to consequently, shall obtain consent from include their personal data in publicly these end-users for inclusion of data per available directories. The providers grant category of personal data, to the extent end users who are natural persons the that such data are relevant for the right to object against the inclusion of purpose of the directory as determined by their related data in directories. The the provider of the directory. Providers providers shall give end-users who are shall give end-users who are natural natural persons the means to verify, correct persons the means to verify, correct and and delete such data. delete such data.
Or. en
Amendment 703 Axel Voss, Heinz K. Becker
Proposal for a regulation Article 15 – paragraph 1
Text proposed by the Commission Amendment
1. The providers of publicly available 1. The providers of electronic directories shall obtain the consent of end- information, communication and users who are natural persons to include telecommunication services shall collect their personal data in the directory and, the data of end-users who are natural consequently, shall obtain consent from persons in order to include their personal these end-users for inclusion of data per data in publicly accessible directories. category of personal data, to the extent They shall give end-users that are natural that such data are relevant for the persons the right to object to data related purpose of the directory as determined by to them being included in directories. the provider of the directory. Providers Providers shall give end-users who are shall give end-users who are natural natural persons the means to verify, persons the means to verify, correct and correct, update, supplement and delete delete such data. such data.
Or. en
Amendment 704 Daniel Dalton, Helga Stevens, John Procter
Proposal for a regulation Article 15 – paragraph 1
Text proposed by the Commission Amendment
1. The providers of publicly available 1. The providers of electronic directories shall obtain the consent of end- information, communication and users who are natural persons to include telecommunication services shall collect their personal data in the directory and, the data of end-users who are natural consequently, shall obtain consent from persons in order to include their personal these end-users for inclusion of data per data in publicly accessible directories. category of personal data, to the extent Upon the request of an end-user who is that such data are relevant for the natural person the directory providers purpose of the directory as determined by shall provide the end-user with the provider of the directory. Providers transparent information about the data shall give end-users who are natural being included in the directory and the persons the means to verify, correct and means to verify, correct, update, delete such data. supplement and delete such data.
Or. en
Amendment 705 Sophia in 't Veld
Proposal for a regulation Article 15 – paragraph 1 a (new)
Text proposed by the Commission Amendment
1 a. Electronic communications service providers may, on behalf of a specific public directory, ask for the consent of a subscriber to have his personal data included in that public directory.
Or. en
European Parliament 2014-2019
Committee on Civil Liberties, Justice and Home Affairs
2017/0003(COD)
14.7.2017
AMENDMENTS 706 - 827
Draft report Marju Lauristin (PE606.011v01-00)
Respect for private life and the protection of personal data in electronic communications and repealing Directive 2002/58/EC (Regulation on Privacy and Electronic Communications)
Proposal for a regulation (COM(2017)0010 – C8-0009/2017 – 2017/0003(COD)) AM_Com_LegReport Amendment 706 Daniel Dalton, Helga Stevens, John Procter
Proposal for a regulation Article 15 – paragraph 2
Text proposed by the Commission Amendment
2. The providers of a publicly 2. The providers of a publicly available directory shall inform end-users available directory shall inform end-users who are natural persons whose personal who are natural persons and acting out of data are in the directory of the available their business capacity whose personal search functions of the directory and data are in the directory of the available obtain end-users’ consent before enabling search functions of the directory. Providers such search functions related to their own of number-based interpersonal data. communications services and electronic communications service providers shall inform end-users when new search functions are made available.
Or. en
Amendment 707 Axel Voss, Heinz K. Becker
Proposal for a regulation Article 15 – paragraph 2
Text proposed by the Commission Amendment
2. The providers of a publicly 2. The providers of a publicly available directory shall inform end-users available directory shall inform end-users who are natural persons whose personal who are natural persons whose personal data are in the directory of the available data are in the directory of the available search functions of the directory and search functions of the directory, which obtain end-users’ consent before enabling they shall do there. The providers of such search functions related to their own electronic information, communication data. and telecommunication services shall inform end-users when new search functions are made available.
Or. en
Amendment 708 Gérard Deprez, Morten Løkkegaard, Jean-Marie Cavada, Petr Ježek, Pavel Telička
Proposal for a regulation Article 15 – paragraph 2
Text proposed by the Commission Amendment
2. The providers of a publicly 2. The providers of a publicly available directory shall inform end-users available directory shall provide accessible who are natural persons whose personal and intelligible information to end-users data are in the directory of the available who are natural persons whose personal search functions of the directory and data are in the directory of the available obtain end-users’ consent before enabling search functions of the directory and such search functions related to their own provide the end-users' the option to disable data. such search functions related to their own data.
Or. en
Justification
The publicly available directories are now based on a functional opt-out system. This proposal would create a opt-in system, where the providors are forced to gain consent from all end-users, creating an unnecessary burden for the providors. Securing the end-user's right to object should be sufficient.
Amendment 709 Brice Hortefeux, Rachida Dati
Proposal for a regulation Article 15 – paragraph 2
Text proposed by the Commission Amendment
2. The providers of a publicly 2. The providers of a publicly available directory shall inform end-users available directory shall inform end-users who are natural persons whose personal who are natural persons whose personal data are in the directory of the available data are in the directory of the available search functions of the directory and search functions of the directory and shall obtain end-users’ consent before enabling inform end-users if new search functions such search functions related to their own are made available. data.
Or. en
Amendment 710 Pál Csáky
Proposal for a regulation Article 15 – paragraph 2
Text proposed by the Commission Amendment
2. The providers of a publicly 2. In publicly available directories available directory shall inform end-users the providers of these directories shall who are natural persons whose personal inform end-users who are natural persons data are in the directory of the available whose personal data are in the directory of search functions of the directory and the available search functions of the obtain end-users’ consent before enabling directory. The operators shall inform end- such search functions related to their own users if new search functions are enabled. data.
Or. en
Amendment 711 Marju Lauristin
Proposal for a regulation Article 15 – paragraph 2
Text proposed by the Commission Amendment
2. The providers of a publicly 2. The providers of a publicly available directory shall inform end-users available directories shall inform users who are natural persons whose personal whose personal data are in the directory of data are in the directory of the available the available search functions of the search functions of the directory and directory. The electronic communication obtain end-users’ consent before enabling service providers shall inform users if new such search functions related to their own search functions are enabled. data.
Or. en
Amendment 712 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Article 15 – paragraph 2
Text proposed by the Commission Amendment
2. The providers of a publicly 2. The providers of a publicly available directory shall inform end-users available directory shall inform who are natural persons whose personal subscribers who are natural persons whose data are in the directory of the available personal data are in the directory of the search functions of the directory and obtain available search functions of the directory and obtain subscribers' consent before end-users’ consent before enabling such enabling such search functions related to search functions related to their own data. their own data.
Or. en
Amendment 713 Axel Voss, Heinz K. Becker
Proposal for a regulation Article 15 – paragraph 3
Text proposed by the Commission Amendment
3. The providers of publicly available 3. The providers of electronic directories shall provide end-users that are information, communication and legal persons with the possibility to object telecommunication services shall provide to data related to them being included in end-users that are legal persons with the the directory. Providers shall give such possibility to object to data related to them end-users that are legal persons the means being included in the directory. Providers to verify, correct and delete such data. shall give such end-users that are legal persons the means to verify, correct, update, supplement and delete such data. Natural persons acting for an economic purpose, such as independent professionals, operators of small businesses or freelancers, shall be equated with legal persons.
Or. en
Amendment 714 Gérard Deprez, Morten Løkkegaard, Jean-Marie Cavada, Petr Ježek, Louis Michel, Pavel Telička
Proposal for a regulation Article 15 – paragraph 3
Text proposed by the Commission Amendment
3. The providers of publicly available 3. The operators of electronic directories shall provide end-users that are communication services available legal persons with the possibility to object directories shall provide end-users that are to data related to them being included in legal persons with the possibility to object the directory. Providers shall give such to data related to them being included in end-users that are legal persons the means the directory. The operators shall give to verify, correct and delete such data. such end-users that are legal persons the means to verify, correct and delete such data. Natural persons who act for a commercial or economic purpose, such as freelancers, one-man businesses and individual professionals shall be considered legal persons
Or. en
Justification
Freelancers, one-man businesses and individual professional would be considered as natural persons, but should be considered as legal persons due to their commercial and economic purpose.
Amendment 715 Pál Csáky
Proposal for a regulation Article 15 – paragraph 3
Text proposed by the Commission Amendment
3. The providers of publicly available 3. The operators of electronic directories shall provide end-users that are information, communication and legal persons with the possibility to object telecommunication services shall provide to data related to them being included in end-users that are legal persons with the the directory. Providers shall give such possibility to object to data related to them end-users that are legal persons the means being included in the directories. The to verify, correct and delete such data. operators shall give such end-users that are legal persons the option to verify, correct and delete such data. Natural persons who act with commercial intent, such as freelancers, small traders or self- employed persons, are equated to legal persons.
Or. en
Amendment 716 Miltiadis Kyrkos
Proposal for a regulation Article 15 – paragraph 3
Text proposed by the Commission Amendment 3. The providers of publicly available 3. The operators of electronic directories shall provide end-users that are information, communication and legal persons with the possibility to object telecommunication services shall provide to data related to them being included in end-users that are legal persons with the the directory. Providers shall give such possibility to object to data related to them end-users that are legal persons the means being included in directories. The to verify, correct and delete such data. operators shall give such end-users that are legal persons the option to verify, correct and delete such data. Natural persons who act with commercial intent, such as freelancers, small traders or self-emlyed persons, are equated to legal persons.
Or. en
Amendment 717 Brice Hortefeux, Rachida Dati
Proposal for a regulation Article 15 – paragraph 3
Text proposed by the Commission Amendment
3. The providers of publicly available 3. The providers of electronic directories shall provide end-users that are communications services shall provide legal persons with the possibility to object end-users that are legal persons with the to data related to them being included in possibility to object to data related to them the directory. Providers shall give such being included in the directory. Providers end-users that are legal persons the means shall give such end-users that are legal to verify, correct and delete such data. persons the means to verify, correct and delete such data. Natural persons who act with commercial intent, such as freelancers, small traders or self- employed persons, are equated to legal persons.
Or. en
Amendment 718 Daniel Dalton, John Procter, Helga Stevens
Proposal for a regulation Article 15 – paragraph 3
Text proposed by the Commission Amendment 3. The providers of publicly available 3. The providers electronic directories shall provide end-users that are information, communication and legal persons with the possibility to object telecommunication services shall provide to data related to them being included in end-users that are legal persons or natural the directory. Providers shall give such persons acting in their business capacity end-users that are legal persons the means with the possibility to object to data related to verify, correct and delete such data. to them being included in the directory. Providers shall give such end-users that are legal persons the means to verify, correct, update, supplement and delete such data.
Or. en
Amendment 719 Marju Lauristin
Proposal for a regulation Article 15 – paragraph 3
Text proposed by the Commission Amendment
3. The providers of publicly available 3. The electronic communication directories shall provide end-users that are service providers shall provide end-users legal persons with the possibility to object that are legal persons with the possibility to to data related to them being included in object to data related to them being the directory. Providers shall give such included in the directory. Electronic end-users that are legal persons the means communication service Providers shall to verify, correct and delete such data. give such end-users that are legal persons the means to verify, correct and delete such data. Users who act with commercial intent shall be equated to legal persons.
Or. en
Amendment 720 Michał Boni, Roberta Metsola, Frank Engel, Tomáš Zdechovský, Brice Hortefeux, Carlos Coelho, Elissavet Vozemberg-Vrionidi
Proposal for a regulation Article 15 – paragraph 3
Text proposed by the Commission Amendment
3. The providers of publicly available 3. The providers of electronic directories shall provide end-users that are communication services or providers of legal persons with the possibility to object publicly available directories shall provide to data related to them being included in end-users that are legal persons with the the directory. Providers shall give such possibility to object to data related to them end-users that are legal persons the means being included in the directory. Providers to verify, correct and delete such data. shall give such end-users that are legal persons the means to verify, correct and delete such data.
Or. en
Amendment 721 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Article 15 – paragraph 3
Text proposed by the Commission Amendment
3. The providers of publicly available 3. The providers of publicly available directories shall provide end-users that are directories shall provide subscribers that legal persons with the possibility to object are legal persons with the possibility to to data related to them being included in object to data related to them being the directory. Providers shall give such included in the directory. Providers shall end-users that are legal persons the means give such subscribers that are legal persons to verify, correct and delete such data. the means to verify, correct and delete such data.
Or. en
Amendment 722 Michał Boni, Roberta Metsola, Frank Engel, Tomáš Zdechovský, Rachida Dati, Brice Hortefeux, Viviane Reding, Carlos Coelho, Elissavet Vozemberg-Vrionidi
Proposal for a regulation Article 15 – paragraph 4
Text proposed by the Commission Amendment
4. The possibility for end-users not to 4. The possibility for end-users not to be included in a publicly available be included in a publicly available directory, or to verify, correct and delete directory, or to verify, correct and delete any data related to them shall be provided any data related to them shall be provided free of charge. free of charge and in an easily accessible manner by the party that collected the consent or directly from the provider of publicly available directory.
Or. en
Amendment 723 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Article 15 – paragraph 4
Text proposed by the Commission Amendment
4. The possibility for end-users not to 4. Without prejudice to Article 12(5) be included in a publicly available of Regulation (EU) 2016/679, the directory, or to verify, correct and delete information to the subscribers and the any data related to them shall be provided possibility for subscribers not to be free of charge. included in a publicly available directory, or to verify, correct and delete any data related to them shall be provided free of charge.
Or. en
Justification
GDPR Art. 12(5) already provides that exercising one’s rights shall be free of charge. e- Privacy however also applies to legal persons.
Amendment 724 Sophia in 't Veld
Proposal for a regulation Article 15 – paragraph 4
Text proposed by the Commission Amendment
4. The possibility for end-users not to 4. The possibility for end-users not to be included in a publicly available be included in a publicly available directory, or to verify, correct and delete directory, or to verify, correct and delete any data related to them shall be provided any data related to them shall be provided free of charge. free of charge and in an easily accessible manner.
Or. en
Amendment 725 Daniel Dalton, John Procter, Helga Stevens
Proposal for a regulation Article 15 – paragraph 4
Text proposed by the Commission Amendment
4. The possibility for end-users not to 4. The possibility for end-users not to be included in a publicly available be included in a publicly available directory, or to verify, correct and delete directory, or to verify, correct, update, any data related to them shall be provided supplement and delete any data related to free of charge. them shall be provided free of charge.
Or. en
Amendment 726 Axel Voss, Heinz K. Becker
Proposal for a regulation Article 15 – paragraph 4
Text proposed by the Commission Amendment
4. The possibility for end-users not to 4. The possibility for end-users not to be included in a publicly available be included in a publicly available directory, or to verify, correct and delete directory, or to verify, correct, update, any data related to them shall be provided supplement and delete any data related to free of charge. them shall be provided free of charge.
Or. en
Amendment 727 Sophia in 't Veld
Proposal for a regulation Article 15 – paragraph 4 a (new)
Text proposed by the Commission Amendment
4 a. Where the personal data of end- users who are natural persons have been included in a publicly available directory before this Regulation enters into force, and where acquiring consent would lay an unreasonable burden on the directory or originating service provider, the personal data of such end-users may remain included in a publicly available directory, including versions with search functions, unless the end-users have expressed their manifest objection against their data being included in the directory or against available search functions related to their data.
Or. en
Justification
Transitional provision.
Amendment 728 Marju Lauristin
Proposal for a regulation Article 15 – paragraph 4 a (new)
Text proposed by the Commission Amendment
4 a. Where the personal data of the users of number- based interpersonal communications services have been included in a publicly available directory before this Regulation enters into force, the personal data of such users may remain included in a publicly available directory, including versions with search functions, unless the users have expressed their objection against their data being included in the directory or against available search functions related to their data.
Or. en
Amendment 729 Daniel Dalton, John Procter
Proposal for a regulation Article 15 – paragraph 4 a (new)
Text proposed by the Commission Amendment
4 a. The provisions of paragraphs 1 to 4 shall not apply to data and information published in other publicly accessible sources and data provided by end-users themselves.
Or. en
Amendment 730 Axel Voss, Heinz K. Becker
Proposal for a regulation Article 15 – paragraph 4 a (new)
Text proposed by the Commission Amendment
4 a. The provisions of paragraphs 1 to 4 shall not apply to data and information published in other publicly accessible sources and data provided by end-users themselves.
Or. en
Amendment 731 Pál Csáky
Proposal for a regulation Article 15 – paragraph 4 a (new)
Text proposed by the Commission Amendment
4 a. This article shall not apply to data information published in other publicly accessible sources, nor to data which are provided by end-users themselves.
Or. en
Amendment 732 Axel Voss, Heinz K. Becker
Proposal for a regulation Article 15 – paragraph 4 b (new)
Text proposed by the Commission Amendment 4 b. Any undertaking which provides publicly accessible information, communication or telecommunication services and which issues or uses telephone numbers, user names or other means of user identification shall be required, upon request and with due regard for provisions relating to data protection, to make the participants' data available to any undertaking which provides or operates directory or information services, in order to provide publicly accessible directory or information services. The data shall be communicated immediately and in a non- discriminatory manner.
Or. en
Amendment 733 Axel Voss, Heinz K. Becker
Proposal for a regulation Article 16
Text proposed by the Commission Amendment
Article 16 deleted Unsolicited communications 1. Natural or legal persons may use electronic communications services for the purposes of sending direct marketing communications to end-users who are natural persons that have given their consent. 2. Where a natural or legal person obtains electronic contact details for electronic mail from its customer, in the context of the sale of a product or a service, in accordance with Regulation (EU) 2016/679, that natural or legal person may use these electronic contact details for direct marketing of its own similar products or services only if customers are clearly and distinctly given the opportunity to object, free of charge and in an easy manner, to such use. The right to object shall be given at the time of collection and each time a message is sent. 3. Without prejudice to paragraphs 1 and 2, natural or legal persons using electronic communications services for the purposes of placing direct marketing calls shall: (a) present the identity of a line on which they can be contacted; or (b) present a specific code/or prefix identifying the fact that the call is a marketing call. 4. Notwithstanding paragraph 1, Member States may provide by law that the placing of direct marketing voice-to-voice calls to end-users who are natural persons shall only be allowed in respect of end-users who are natural persons who have not expressed their objection to receiving those communications. 5. Member States shall ensure, in the framework of Union law and applicable national law, that the legitimate interest of end-users that are legal persons with regard to unsolicited communications sent by means set forth under paragraph 1 are sufficiently protected. 6. Any natural or legal person using electronic communications services to transmit direct marketing communications shall inform end-users of the marketing nature of the communication and the identity of the legal or natural person on behalf of whom the communication is transmitted and shall provide the necessary information for recipients to exercise their right to withdraw their consent, in an easy manner, to receiving further marketing communications. 7. The Commission shall be empowered to adopt implementing measures in accordance with Article 26(2) specifying the code/or prefix to identify marketing calls, pursuant to point (b) of paragraph 3. Or. en
Justification
Article 16 of the proposal for a regulation deals with direct marketing aspects without making any direct link to communications data or end-user terminal equipment. This provision is concerned with the law on advertising and consumer protection, matters which should be governed by a substantively appropriate EU legal instrument. Directive 2005/29/EC (Directive on unfair business practices) would be a more appropriate legal instrument here.
Amendment 734 Marju Lauristin
Proposal for a regulation Article 16 – paragraph 1
Text proposed by the Commission Amendment
1. Natural or legal persons may use 1. The use by natural or legal persons electronic communications services for the of electronic communications services, purposes of sending direct marketing including automated calling, communications to end-users who are communications systems, semi-automated natural persons that have given their systems that connect the call person to an consent. individual, faxes, e-mail or other use of electronic communications services for the purposes of presenting unsolicited or direct marketing communications to end- users, shall be allowed only in respect of end-users who have given their prior consent.
Or. en
Amendment 735 Monica Macovei, Barbara Spinelli
Proposal for a regulation Article 16 – paragraph 1
Text proposed by the Commission Amendment
1. Natural or legal persons may use 1. The use by natural or legal persons electronic communications services for the of electronic communications networks for purposes of sending direct marketing the purposes of sending, directing or communications to end-users who are presenting direct marketing natural persons that have given their communications to end-users who are consent. natural persons may be allowed only in respect of end- users who have given their prior consent.
Or. en
Amendment 736 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Article 16 – paragraph 1
Text proposed by the Commission Amendment
1. Natural or legal persons may use 1. Natural or legal persons may use electronic communications services for the electronic communications services for the purposes of sending direct marketing purposes of presenting or sending communications to end-users who are unsolicited or direct marketing natural persons that have given their communications to subscribers who are consent. natural persons only if these have given their explicit consent.
Or. en
Justification
Based on the German Act Against Unfair Competition, which stipulates prior explicit consent for advertising by means of a voice-to-voice call or advertising using automated calling machines, faxes or e-mails.
Amendment 737 Cornelia Ernst
Proposal for a regulation Article 16 – paragraph 1
Text proposed by the Commission Amendment
1. Natural or legal persons may use 1. Natural or legal persons may use electronic communications services for the electronic communications services for the purposes of sending direct marketing purposes of presenting or sending communications to end-users who are unsolicited or direct marketing natural persons that have given their communications to subscribers who are consent. natural persons only if these have given their explicit consent.
Or. en
Amendment 738 Jan Philipp Albrecht, Judith Sargentini, Viviane Reding
Proposal for a regulation Article 16 – paragraph 2
Text proposed by the Commission Amendment
2. Where a natural or legal person 2. Where a natural or legal person obtains electronic contact details for obtains electronic contact details for electronic mail from its customer, in the electronic mail from its customer, in the context of the sale of a product or a context of the sale of a product or a service, in accordance with Regulation service, in accordance with Regulation (EU) 2016/679, that natural or legal person (EU) 2016/679, that natural or legal person may use these electronic contact details for may use these electronic contact details for direct marketing of its own similar direct marketing of its own similar products or services only if customers are products or services only if customers are clearly and distinctly given the opportunity clearly and distinctly given the opportunity to object, free of charge and in an easy to object, free of charge and in an easy manner, to such use. The right to object manner, to such use. The customer shall be shall be given at the time of collection and informed about the right to object and each time a message is sent. shall be given an easy way to exercise it at the time of collection and each time a message is sent.
Or. en
Amendment 739 Monica Macovei, Barbara Spinelli
Proposal for a regulation Article 16 – paragraph 2
Text proposed by the Commission Amendment
2. Where a natural or legal person 2. Where a natural or legal person obtains electronic contact details for obtains electronic contact details for electronic mail from its customer, in the electronic mail from its customer, in the context of the sale of a product or a context of the sale of a product or a service, in accordance with Regulation service, in accordance with Regulation (EU) 2016/679, that natural or legal person (EU) 2016/679, that natural or legal person may use these electronic contact details for may use these electronic contact details for direct marketing of its own similar direct marketing of its own similar products or services only if customers are products or services for a period of no clearly and distinctly given the opportunity more than 12 months only if customers are to object, free of charge and in an easy clearly and distinctly given the opportunity manner, to such use. The right to object to object, free of charge and in an easy shall be given at the time of collection and manner, to such use. The right to object each time a message is sent. shall be given at the time of collection and each time a message is sent.
Or. en
Amendment 740 Daniel Dalton, Helga Stevens, John Procter
Proposal for a regulation Article 16 – paragraph 2
Text proposed by the Commission Amendment
2. Where a natural or legal person 2. Where a natural or legal person obtains electronic contact details for obtains electronic contact details for electronic mail from its customer, in the electronic mail or phone number from its context of the sale of a product or a customer, in the context of the sale of a service, in accordance with Regulation product or a service, in accordance with (EU) 2016/679, that natural or legal person Regulation (EU) 2016/679, that natural or may use these electronic contact details for legal person may use these electronic direct marketing of its own similar contact details for direct marketing of its products or services only if customers are own products or services only if customers clearly and distinctly given the opportunity are clearly and distinctly given the to object, free of charge and in an easy opportunity to object, free of charge and in manner, to such use. The right to object an easy manner, to such use. The right to shall be given at the time of collection and object shall be given at the time of each time a message is sent. collection and each time a message is sent.
Or. en
Amendment 741 Anna Maria Corazza Bildt
Proposal for a regulation Article 16 – paragraph 2
Text proposed by the Commission Amendment
2. Where a natural or legal person 2. Where a natural or legal person obtains electronic contact details for obtains electronic contact details for electronic mail from its customer, in the electronic mail from its customer, in the context of the sale of a product or a context of the sale of a product or a service, in accordance with Regulation service, in accordance with Regulation (EU) 2016/679, that natural or legal person (EU) 2016/679, that natural or legal person may use these electronic contact details for may use these electronic contact details for direct marketing of its own similar direct marketing of its own products or products or services only if customers are services only if customers are clearly and clearly and distinctly given the opportunity distinctly given the opportunity to object, to object, free of charge and in an easy free of charge and in an easy manner, to manner, to such use. The right to object such use. The right to object shall be given shall be given at the time of collection and at the time of collection and each time a each time a message is sent. message is sent.
Or. en
Amendment 742 Michał Boni, Frank Engel, Tomáš Zdechovský, Rachida Dati, Brice Hortefeux, Carlos Coelho, Pál Csáky, Elissavet Vozemberg-Vrionidi
Proposal for a regulation Article 16 – paragraph 2
Text proposed by the Commission Amendment
2. Where a natural or legal person 2. Where a natural or legal person obtains electronic contact details for obtains electronic contact details for electronic mail from its customer, in the electronic mail from its customer, in the context of the sale of a product or a context of the sale of a product or a service, in accordance with Regulation service, in accordance with Regulation (EU) 2016/679, that natural or legal person (EU) 2016/679, that natural or legal person may use these electronic contact details for may use these electronic contact details for direct marketing of its own similar direct marketing of its own products or products or services only if customers are services only if customers are clearly and clearly and distinctly given the opportunity distinctly given the opportunity to object, to object, free of charge and in an easy free of charge and in an easy manner, to manner, to such use. The right to object such use. The right to object shall be given shall be given at the time of collection and at the time of collection and each time a each time a message is sent. message is sent.
Or. en
Amendment 743 Michał Boni, Frank Engel, Tomáš Zdechovský, Carlos Coelho, Pál Csáky, Elissavet Vozemberg-Vrionidi
Proposal for a regulation Article 16 – paragraph 3 – introductory part
Text proposed by the Commission Amendment
3. Without prejudice to paragraphs 1 3. Without prejudice to paragraphs 1 and 2, natural or legal persons using and 2, natural or legal persons using electronic communications services for the electronic communications services for the purposes of placing direct marketing calls purposes of placing direct marketing calls shall: shall present the identity of a line on which they can be contacted; or present a specific code/or prefix identifying the fact that the call is a marketing call.
Or. en
Amendment 744 Daniel Dalton, John Procter, Helga Stevens
Proposal for a regulation Article 16 – paragraph 3 – introductory part
Text proposed by the Commission Amendment
3. Without prejudice to paragraphs 1 3. Without prejudice to paragraphs 1 and 2, natural or legal persons using and 2, natural or legal persons using electronic communications services for the electronic communications services for the purposes of placing direct marketing calls purposes of placing direct marketing calls shall: shall present the identity of a line on which the can be contacted.
Or. en
Amendment 745 Daniel Dalton, Helga Stevens, John Procter
Proposal for a regulation Article 16 – paragraph 3 – point a
Text proposed by the Commission Amendment
(a) present the identity of a line on deleted which they can be contacted; or
Or. en
Amendment 746 Michał Boni, Frank Engel, Tomáš Zdechovský, Carlos Coelho, Pál Csáky, Elissavet Vozemberg-Vrionidi
Proposal for a regulation Article 16 – paragraph 3 – point a
Text proposed by the Commission Amendment
(a) present the identity of a line on deleted which they can be contacted; or
Or. en
Amendment 747 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Article 16 – paragraph 3 – point a
Text proposed by the Commission Amendment
(a) present the identity of a line on (a) present the identity of a line on which they can be contacted; or which they can be contacted; and
Or. en
Amendment 748 Sophia in 't Veld
Proposal for a regulation Article 16 – paragraph 3 – point a
Text proposed by the Commission Amendment
(a) present the identity of a line on (a) present the identity of a line on which they can be contacted; or which they can be contacted; and
Or. en
Amendment 749 Michał Boni, Frank Engel, Tomáš Zdechovský, Rachida Dati, Brice Hortefeux, Carlos Coelho, Pál Csáky, Elissavet Vozemberg-Vrionidi
Proposal for a regulation Article 16 – paragraph 3 – point b
Text proposed by the Commission Amendment
(b) present a specific code/or prefix deleted identifying the fact that the call is a marketing call. Or. en
Amendment 750 Daniel Dalton, John Procter, Helga Stevens
Proposal for a regulation Article 16 – paragraph 3 – point b
Text proposed by the Commission Amendment
(b) present a specific code/or prefix deleted identifying the fact that the call is a marketing call.
Or. en
Amendment 751 Sophia in 't Veld
Proposal for a regulation Article 16 – paragraph 3 a (new)
Text proposed by the Commission Amendment
3 a. The masking of the identity and the use of false identities, false return addresses or numbers while sending unsolicited communications for direct marketing purposes is prohibited.
Or. en
Amendment 752 Cornelia Ernst
Proposal for a regulation Article 16 – paragraph 4
Text proposed by the Commission Amendment
4. Notwithstanding paragraph 1, deleted Member States may provide by law that the placing of direct marketing voice-to- voice calls to end-users who are natural persons shall only be allowed in respect of end-users who are natural persons who have not expressed their objection to receiving those communications.
Or. en
Amendment 753 Jan Philipp Albrecht, Judith Sargentini, Viviane Reding
Proposal for a regulation Article 16 – paragraph 4
Text proposed by the Commission Amendment
4. Notwithstanding paragraph 1, deleted Member States may provide by law that the placing of direct marketing voice-to- voice calls to end-users who are natural persons shall only be allowed in respect of end-users who are natural persons who have not expressed their objection to receiving those communications.
Or. en
Justification
We should prohibit all direct marketing cold calls to natural persons across the EU and not only leave it to the Member States to introduce a Robinson List or a consent requirement. See also paragraph 5, where parts of this paragraph were moved for legal persons.
Amendment 754 Monica Macovei, Marian-Jean Marinescu, Barbara Spinelli
Proposal for a regulation Article 16 – paragraph 4
Text proposed by the Commission Amendment
4. Notwithstanding paragraph 1, 4. Notwithstanding paragraph 1, Member States may provide by law that the Member States may provide by law that the placing of direct marketing voice-to-voice placing of direct marketing voice-to-voice calls to end-users who are natural persons calls to end-users who are natural persons shall only be allowed in respect of end- shall only be allowed in respect of end- users who are natural persons who have not users who are natural persons who have not expressed their objection to receiving those expressed their objection to receiving those communications. communications. Member States availing of this exception shall establish a national "Do Not Call" register and provide by law that end-users who are natural persons can object to all future direct marketing voice-to-voice calls by registering in the national "Do Not Call" register.
Or. en
Amendment 755 Marju Lauristin
Proposal for a regulation Article 16 – paragraph 4
Text proposed by the Commission Amendment
4. Notwithstanding paragraph 1, 4. Notwithstanding paragraph 1, Member States may provide by law that the Member States may provide by law that the placing of direct marketing voice-to-voice placing of direct marketing voice-to-voice calls to end-users who are natural persons calls to end-users who are natural persons shall only be allowed in respect of end- shall only be allowed in respect of end- users who are natural persons who have not users who are natural persons who have not expressed their objection to receiving those expressed their objection to receiving those communications. communications. Member States shall provide that users can object to receiving the direct marketing voice-to-voice calls via a national Do Not Call Register, thereby also ensuring that the user needs to opt- out only once.
Or. en
Amendment 756 Sophia in 't Veld
Proposal for a regulation Article 16 – paragraph 4
Text proposed by the Commission Amendment
4. Notwithstanding paragraph 1, 4. Notwithstanding paragraph 1, the Member States may provide by law that placing of direct marketing voice-to-voice the placing of direct marketing voice-to- calls to end-users who are natural persons voice calls to end-users who are natural shall only be allowed in respect of end- persons shall only be allowed in respect of users who are natural persons who have not end-users who are natural persons who have not expressed their objection to expressed their objection to receiving those receiving those communications. communications.
Or. en
Amendment 757 Sophia in 't Veld
Proposal for a regulation Article 16 – paragraph 4 a (new)
Text proposed by the Commission Amendment
4 a. Service providers of electronic communications services enabling marketing calls referred to in Article 16(3) shall provide new subscribers with the choice to either accept marketing calls with the designated prefix or to automatically block such calls.
Or. en
Amendment 758 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Article 16 – paragraph 5
Text proposed by the Commission Amendment
5. Member States shall ensure, in the 5. Member States shall ensure, in the framework of Union law and applicable framework of Union law and applicable national law, that the legitimate interest of national law, that the legitimate interest of end-users that are legal persons with subscribers that are legal persons with regard to unsolicited communications sent regard to unsolicited communications sent by means set forth under paragraph 1 are to them by means set forth under paragraph sufficiently protected. 1 are sufficiently protected. Member States shall specifically provide that the placing of direct marketing voice-to-voice calls to subscribers who are legal persons shall only be allowed in respect of subscribers who have not expressed their objection or have consented to receiving those communications. Member States shall provide that subscribers can object to receiving the unsolicited communications via a national Do Not Call Register, thereby also ensuring that the user is only required to opt out once.
Or. en
Justification
Moved parts of the provisions in paragraph 4 here, where it is limited to subscribers that are legal persons. Here, the Member States can have a certain leeway.
Amendment 759 Monica Macovei, Marian-Jean Marinescu, Barbara Spinelli
Proposal for a regulation Article 16 – paragraph 6
Text proposed by the Commission Amendment
6. Any natural or legal person using 6. Any natural or legal person using electronic communications services to electronic communications services to transmit direct marketing communications transmit direct marketing communications shall inform end-users of the marketing shall inform end-users of the marketing nature of the communication and the nature of the communication and the identity of the legal or natural person on identity of the legal or natural person on behalf of whom the communication is behalf of whom the communication is transmitted and shall provide the necessary transmitted and shall provide the necessary information for recipients to exercise their information for recipients to exercise their right to withdraw their consent, in an easy right to withdraw their consent, in an easy manner, to receiving further marketing manner and free of charge, to receiving communications. further marketing communications. Any use of masked sender identities, false contact information or false return addresses or numbers for direct marketing purposes shall be prohibited.
Or. en
Amendment 760 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Article 16 – paragraph 6
Text proposed by the Commission Amendment 6. Any natural or legal person using 6. Any natural or legal person using electronic communications services to electronic communications services to transmit direct marketing communications transmit direct marketing communications shall inform end-users of the marketing shall clearly and visibly inform subscribers nature of the communication and the of the marketing nature of the identity of the legal or natural person on communication and the identity of the legal behalf of whom the communication is or natural person transmitting the transmitted and shall provide the necessary communication and on behalf of whom information for recipients to exercise their the communication is transmitted and shall right to withdraw their consent, in an easy provide the necessary information and manner, to receiving further marketing means for recipients to exercise their right communications. to withdraw their consent or to object, in an easy manner, to receiving further marketing communications.
Or. en
Justification
Incorporates LIBE AM 110 Rapporteur (new paragraph 3a) here in order to avoid duplication.
Amendment 761 Sophia in 't Veld
Proposal for a regulation Article 16 – paragraph 6
Text proposed by the Commission Amendment
6. Any natural or legal person using 6. Any natural or legal person using electronic communications services to electronic communications services to transmit direct marketing communications transmit direct marketing communications shall inform end-users of the marketing shall inform end-users of the marketing nature of the communication and the nature of the communication and the identity of the legal or natural person on identity of the legal or natural person on behalf of whom the communication is behalf of whom the communication is transmitted and shall provide the necessary transmitted and shall provide the necessary information for recipients to exercise their information for recipients to exercise their right to withdraw their consent, in an easy right to withdraw their consent, in an easy manner, to receiving further marketing manner and free of charge, to receiving communications. further marketing communications.
Or. en
Amendment 762 Brice Hortefeux, Rachida Dati
Proposal for a regulation Article 16 – paragraph 7
Text proposed by the Commission Amendment
7. The Commission shall be deleted empowered to adopt implementing measures in accordance with Article 26(2) specifying the code/or prefix to identify marketing calls, pursuant to point (b) of paragraph 3.
Or. en
Amendment 763 Daniel Dalton, John Procter, Helga Stevens
Proposal for a regulation Article 16 – paragraph 7
Text proposed by the Commission Amendment
7. The Commission shall be deleted empowered to adopt implementing measures in accordance with Article 26(2) specifying the code/or prefix to identify marketing calls, pursuant to point (b) of paragraph 3.
Or. en
Amendment 764 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Article 16 – paragraph 7
Text proposed by the Commission Amendment
7. The Commission shall be 7. The Commission shall be empowered to adopt implementing empowered to adopt implementing measures in accordance with Article 26(2) measures in accordance with Article 26(2) specifying the code/or prefix to identify specifying the code or prefix to identify marketing calls, pursuant to point (b) of marketing calls, pursuant to point (b) of paragraph 3. paragraph 3. Or. en
Amendment 765 Axel Voss, Heinz K. Becker, Brice Hortefeux
Proposal for a regulation Article 17
Text proposed by the Commission Amendment
Article 17 deleted Information about detected security risks In the case of a particular risk that may compromise the security of networks and electronic communications services, the provider of an electronic communications service shall inform end-users concerning such risk and, where the risk lies outside the scope of the measures to be taken by the service provider, inform end-users of any possible remedies, including an indication of the likely costs involved.
Or. en
Justification
Article 34 of Regulation (EU) No 2016/679, Article 40 of the European Electronic Communications Code (COM(2016) 590 final) and the Directive concerning measures for a high common level of security of network and information systems across the Union (EU 2016/1148) are adequate legal instruments containing information about recognised security risks.
Amendment 766 Brice Hortefeux, Rachida Dati
Proposal for a regulation Article 17
Text proposed by the Commission Amendment
Article 17 deleted Information about detected security risks In the case of a particular risk that may compromise the security of networks and electronic communications services, the provider of an electronic communications service shall inform end-users concerning such risk and, where the risk lies outside the scope of the measures to be taken by the service provider, inform end-users of any possible remedies, including an indication of the likely costs involved.
Or. en
Amendment 767 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Article 17 – title
Text proposed by the Commission Amendment
Information about detected security risks Integrity of the communications and information about security risks
Or. en
Amendment 768 Daniel Dalton, John Procter
Proposal for a regulation Article 17 – title
Text proposed by the Commission Amendment
Information about detected security risks Information about security risks and personal data breaches
Or. en
Amendment 769 Michał Boni, Frank Engel, Tomáš Zdechovský, Carlos Coelho, Pál Csáky, Elissavet Vozemberg-Vrionidi
Proposal for a regulation Article 17 – title
Text proposed by the Commission Amendment Information about detected security risks Security obligations
Or. en
Amendment 770 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Article 17 – paragraph 1
Text proposed by the Commission Amendment
In the case of a particular risk that may deleted compromise the security of networks and electronic communications services, the provider of an electronic communications service shall inform end-users concerning such risk and, where the risk lies outside the scope of the measures to be taken by the service provider, inform end-users of any possible remedies, including an indication of the likely costs involved.
Or. en
Amendment 771 Cornelia Ernst
Proposal for a regulation Article 17 – paragraph 1
Text proposed by the Commission Amendment
In the case of a particular risk that may deleted compromise the security of networks and electronic communications services, the provider of an electronic communications service shall inform end-users concerning such risk and, where the risk lies outside the scope of the measures to be taken by the service provider, inform end-users of any possible remedies, including an indication of the likely costs involved.
Or. en
Amendment 772 Emilian Pavel
Proposal for a regulation Article 17 – paragraph 1
Text proposed by the Commission Amendment
In the case of a particular risk that may deleted compromise the security of networks and electronic communications services, the provider of an electronic communications service shall inform end-users concerning such risk and, where the risk lies outside the scope of the measures to be taken by the service provider, inform end-users of any possible remedies, including an indication of the likely costs involved.
Or. en
Amendment 773 Michał Boni, Frank Engel, Tomáš Zdechovský, Rachida Dati, Brice Hortefeux, Carlos Coelho, Pál Csáky, Elissavet Vozemberg-Vrionidi
Proposal for a regulation Article 17 – paragraph 1
Text proposed by the Commission Amendment
In the case of a particular risk that may Provider of electronic communication compromise the security of networks and services shall comply with the security electronic communications services, the obligations as prescribed Regulation (EU) provider of an electronic communications 2016/679 and [European Electronic service shall inform end-users concerning Communications Code]. such risk and, where the risk lies outside the scope of the measures to be taken by the service provider, inform end-users of any possible remedies, including an indication of the likely costs involved.
Or. en
Amendment 774 Daniel Dalton, John Procter
Proposal for a regulation Article 17 – paragraph 1
Text proposed by the Commission Amendment
In the case of a particular risk that may In the case of a particular risk that may compromise the security of networks and compromise the security of networks and electronic communications services, the electronic communications services or of a provider of an electronic communications personal data breach, Article 40 of service shall inform end-users concerning [Electronic Communications Code] and such risk and, where the risk lies outside Article 34 of Regulation (EU) 2016/679 the scope of the measures to be taken by shall apply. the service provider, inform end-users of any possible remedies, including an indication of the likely costs involved.
Or. en
Amendment 775 Sophia in 't Veld
Proposal for a regulation Article 17 – paragraph 1
Text proposed by the Commission Amendment
In the case of a particular risk that may In the case of a particular risk that may compromise the security of networks and compromise the security of networks, electronic communications services, the electronic communications services, provider of an electronic communications information society services, hardware or service shall inform end-users concerning software, the relevant provider or such risk and, where the risk lies outside manufacturer shall inform all end-users of the scope of the measures to be taken by such a risk and, where the risk lies outside the service provider, inform end-users of the scope of the measures to be taken by any possible remedies, including an the service provider, inform subscribers of indication of the likely costs involved. any possible remedies.
Or. en
Amendment 776 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Article 17 – paragraph 1 a (new)
Text proposed by the Commission Amendment Providers of electronic communications services shall ensure that there is sufficient protection in place against unauthorised access or alterations to the electronic communications data, and that the confidentiality and integrity of the communication in transmission or stored are also guaranteed by technical measures according to the state of the art, including end-to-end encryption of the electronic communications data. When encryption of electronic communications data is used, decryption by anybody else than the user shall be prohibited. Member States shall not impose any obligations on electronic communications service providers or on hardware or software manufacturers that would result in the weakening of the confidentiality and integrity of their networks and services of the terminal equipment, including the encryption methods used.
Or. en
Justification
Based on LIBE rapporteur AM 116.
Amendment 777 Cornelia Ernst
Proposal for a regulation Article 17 – paragraph 1 a (new)
Text proposed by the Commission Amendment
The providers of electronic communications services shall ensure that there is sufficient protection in place against unauthorised access or alterations to the electronic communications data, and that the confidentiality and safety of the transmission are also guaranteed by the nature of the means of transmission used or by state-of-the-art end-to-end encryption of the electronic communications data. Furthermore, when encryption of electronic communications data is used, decryption, reverse engineering or monitoring of such communications shall be prohibited. Member States shall not impose any obligations on electronic communications service providers that would result in the weakening of the security and encryption of their networks and services.
Or. en
Amendment 778 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Article 17 – paragraph 1 b (new)
Text proposed by the Commission Amendment
Providers of electronic communications services, providers of information society services, and manufacturers of hardware and software permitting the retrieval and presentation of information on the internet shall not use any means, no matter if technical, operational, or by terms of use or by contracts, that could prevent users and subscribers from applying the best available techniques against intrusions and interceptions and to secure their networks, terminal equipment and electronic communications. Breaking, decrypting, restricting or circumventing such measure taken by users or subscribers shall be prohibited.
Or. en
Justification
The users should always be able to protect their own security by any means available to them.
Amendment 779 Cornelia Ernst
Proposal for a regulation Article 17 – paragraph 1 b (new)
Text proposed by the Commission Amendment
In the case of a particular risk that may compromise the security of networks and electronic communications services, the relevant provider of an electronic communications service shall inform end- users of such a risk and, where the risk lies outside the scope of the measures to be taken by the service provider, inform end-users of any possible remedies.
Or. en
Amendment 780 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Article 17 – paragraph 1 c (new)
Text proposed by the Commission Amendment
In the case of a particular risk that may compromise the security of networks, electronic communications services, information society services, hardware or software, the relevant provider or manufacturer shall inform all subscribers of such a risk and, where the risk lies outside the scope of the measures to be taken by the service provider, inform subscribers of any possible remedies. It shall also inform the relevant manufacturer and service provider.
Or. en
Justification
Based on LIBE AM 117 rapporteur, added manufacturer.
Amendment 781 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Article 17 – paragraph 1 d (new)
Text proposed by the Commission Amendment
As regards the security of networks and services and related security obligations, the obligations of Article 40 of the [European Electronic Communications Code] shall apply mutatis mutandis to all services in the scope of this Regulation.
Or. en
Amendment 782 Jan Philipp Albrecht, Judith Sargentini, Viviane Reding
Proposal for a regulation Article 17 – paragraph 1 e (new)
Text proposed by the Commission Amendment
This Article shall be without prejudice to the obligations provided for in Articles 32 to 34 of Regulation (EU) 2016/679 and the obligations provided for in Directive (EU) 2016/1148.
Or. en
Justification
Security obligations and breach notifications under the GDPR and the general obligations under the NIS Directive of course shall remain applicable.
Amendment 783 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Article 18 – paragraph 1
Text proposed by the Commission Amendment
1. The independent supervisory 1. The independent supervisory authority or authorities responsible for authority or authorities responsible for monitoring the application of Regulation monitoring the application of Regulation (EU) 2016/679 shall also be responsible for (EU) 2016/679 shall also be responsible for monitoring the application of this monitoring the application of this Regulation. Chapter VI and VII of Regulation. Chapter VI and VII of Regulation (EU) 2016/679 shall apply Regulation (EU) 2016/679 shall apply mutatis mutandis. The tasks and powers of mutatis mutandis. Where Regulation (EU) the supervisory authorities shall be 2016/679 refers to data subjects, the tasks exercised with regard to end-users. and powers of the supervisory authorities shall be exercised with regard to users and subscribers under this Regulation. Where Regulation (EU) 2016/679 refers to data controllers, the tasks and powers of the supervisory authorities shall be exercised with regard to providers of electronic communications services and information society services, and manufacturers of hardware and software under this Regulation.
Or. en
Justification
Clarification about which entities in this Regulation relate to which entities under the GDPR.
Amendment 784 Elissavet Vozemberg-Vrionidi, Kostas Chrysogonos, Miltiadis Kyrkos
Proposal for a regulation Article 18 – paragraph 1
Text proposed by the Commission Amendment
1. The independent supervisory 1. Each Member State shall provide authority or authorities responsible for for one or more independent public monitoring the application of Regulation authorities to be responsible for (EU) 2016/679 shall also be responsible monitoring the application of this for monitoring the application of this Regulation. Regulation. Chapter VI and VII of Regulation (EU) 2016/679 shall apply mutatis mutandis. The tasks and powers of the supervisory authorities shall be exercised with regard to end-users.
Or. en
Justification
The present wording of Article 18(1) does not take into consideration the constitutional identity of all Member States. It is indicative that the Hellenic Constitution (HC) pursuant to its Article 19 par 2 calls for the establishment of an independent authority with the mission to ensure the confidentiality of mail and all other forms of free correspondence or communication. This provision has been implemented with the establishment of the Hellenic Authority for Communication Security and Privacy (ADAE). On the other hand Article 9A HC calls for the establishment of the Hellenic Data Protection Authority, which has the task to protect personal data. As a result, the present wording of Article 18(1) would lead to a repeal of Article 19 HC. This is why the present wording of Article 18(1) shall be modified.
Amendment 785 Gérard Deprez, Morten Løkkegaard, Jean-Marie Cavada, Petr Ježek, Louis Michel, Pavel Telička
Proposal for a regulation Article 18 – paragraph 1
Text proposed by the Commission Amendment
1. The independent supervisory 1. Each member state shall authority or authorities responsible for determine which relevant supervisory monitoring the application of Regulation authority should be responsible for (EU) 2016/679 shall also be responsible monitoring the application of this for monitoring the application of this Regulation. Chapter VI and VII of Regulation. Chapter VI and VII of Regulation (EU) 2016/679 shall apply Regulation (EU) 2016/679 shall apply mutatis mutandis. The tasks and powers of mutatis mutandis. The tasks and powers of the supervisory authorities shall be the supervisory authorities shall be exercised with regard to end-users. exercised with regard to end-users.
Or. en
Amendment 786 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Article 18 – paragraph 2
Text proposed by the Commission Amendment
2. The supervisory authority or 2. The supervisory authority or authorities referred to in paragraph 1 shall authorities referred to in paragraph 1 shall cooperate whenever appropriate with cooperate whenever appropriate with national regulatory authorities established national regulatory authorities established pursuant to the [Directive Establishing the pursuant to the [Directive Establishing the European Electronic Communications European Electronic Communications Code]. Code], and vice versa.
Or. en
Amendment 787 Elissavet Vozemberg-Vrionidi, Kostas Chrysogonos, Miltiadis Kyrkos
Proposal for a regulation Article 18 – paragraph 2 a (new)
Text proposed by the Commission Amendment
2 a. Where more than one supervisory authority is established in a Member State, each authority is represented to the European Data Protection Board to the extent of its respective competence, and the Member State shall set out the mechanism to ensure compliance by the other authorities with the rules relating to the consistency mechanism.
Or. en
Justification
With regard to recital 38 of the Preamble of the proposed Regulation, and in order to ensure the more effective protection and confidentiality, Member States should be able to have more than one supervisory authority for the implementation of the present Regulation, in accordance with their constitutional and administrative structure, and to extent of each authotity's respective competence. This is in line with the provisions of the proposed Regulation, which, inter alia, lays down the rules relating to the protection of electronic communications data conveyed through publicly available communications channels, which, as it is recognized in recital 4 of the Preamble, do not necessarily include personal data.. Hence, Member States should be able to set out the mechanism to ensure compliance by the other authorities with the rules relating to the consistency mechanism.
Amendment 788 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Article 19 – paragraph 1 – point b a (new)
Text proposed by the Commission Amendment
(b a) draw up guidelines for supervisory authorities concerning the application of Article 9(1) and the particularities of expression of consent by legal entities;
Or. en
Amendment 789 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Article 19 – paragraph 1 – point b b (new)
Text proposed by the Commission Amendment
(b b) issue guidelines, recommendations and best practices in accordance with point (b) of this paragraph for the purpose of further specifying the criteria and requirements for types of services that may be requested for purely individual or work-related usage as referred to in Article 6(3a);
Or. en
Amendment 790 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Article 19 – paragraph 1 – point b c (new)
Text proposed by the Commission Amendment
(b c) issue guidelines, recommendations and best practices in accordance with point (b) of this paragraph for the purpose of further specifying the criteria and requirements for: (i) security updates referred to in Article 8(1)(e); (ii) the interference in the context of employment relationships referred to in Article 8(1)(f); (iv) the processing of information emitted by the terminal equipment referred to in Article 8(2)(c); (v) technical specifications and signalling methods that fulfil the conditions for consent and objection pursuant to Article 8(2a). (vi) software settings referred to in Article 10(1) and (2); and (vii) technical measures to ensure confidentiality and integrity of the communication pursuant to Article 17(1).
Or. en
Amendment 791 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Article 21 – paragraph 1
Text proposed by the Commission Amendment
1. Without prejudice to any other 1. Without prejudice to any other administrative or judicial remedy, every administrative or judicial remedy, every end-user of electronic communications user and subscriber of electronic services shall have the same remedies communications services and, where provided for in Articles 77, 78, and 79 of applicable, every body, organisation or Regulation (EU) 2016/679. association, shall have the same remedies provided for in Articles 77, 78, 79, and 80 of Regulation (EU) 2016/679.
Or. en
Justification
Aligned with the GDPR
Amendment 792 Sophia in 't Veld
Proposal for a regulation Article 21 – paragraph 1
Text proposed by the Commission Amendment
1. Without prejudice to any other 1. Without prejudice to any other administrative or judicial remedy, every administrative or judicial remedy, every end-user of electronic communications end-user of electronic communications services shall have the same remedies services and, where applicable, every provided for in Articles 77, 78, and 79 of body, organization or association, shall Regulation (EU) 2016/679. have the same remedies provided for in Articles 77, 78, 79 and 80 of Regulation (EU) 2016/679.
Or. en
Amendment 793 Axel Voss, Heinz K. Becker
Proposal for a regulation Article 21 – paragraph 2
Text proposed by the Commission Amendment
2. Any natural or legal person other deleted than end-users adversely affected by infringements of this Regulation and having a legitimate interest in the cessation or prohibition of alleged infringements, including a provider of electronic communications services protecting its legitimate business interests, shall have a right to bring legal proceedings in respect of such infringements.
Or. en
Justification
Articles 77, 78 and 79 of Regulation (EU) No 2016/679 regulate the right to lodge a complaint with a supervisory authority, the right to an effective judicial remedy against a supervisory authority and the right to an effective judicial remedy against a controller or processor, and therefore provide sufficiently for complaints.
Amendment 794 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Article 21 – paragraph 2
Text proposed by the Commission Amendment
2. Any natural or legal person other 2. Any natural or legal person other than end-users adversely affected by than users or subscribers adversely infringements of this Regulation and affected by infringements of this having a legitimate interest in the cessation Regulation and having a legitimate interest or prohibition of alleged infringements, in the cessation or prohibition of alleged including a provider of electronic infringements, including a provider of communications services protecting its electronic communications services legitimate business interests, shall have a protecting its legitimate business interests, right to bring legal proceedings in respect shall have a right to bring legal of such infringements. proceedings in respect of such infringements.
Or. en
Amendment 795 Sophia in 't Veld
Proposal for a regulation Article 21 – paragraph 2 a (new)
Text proposed by the Commission Amendment
2 a. End-users shall have the right to mandate a not-for-profit body, organisation or association to lodge the complaint on their behalf, to exercise the right referred to in paragraphs 1, 1a and 1b of this Article on their behalf, and to exercise the right to receive compensation referred to in Article 22 on their behalf. Such bodies, organisations or associations shall be properly constituted in accordance with the law of the Member State concerned, have statutory objectives which are in the public interest, and be active in the field of the protection of data subjects' rights and freedoms with regard to the protection of their personal data and the protection of privacy.
Or. en
Amendment 796 Sophia in 't Veld
Proposal for a regulation Article 21 – paragraph 2 b (new)
Text proposed by the Commission Amendment
2 b. Independently of an end-user's mandate, a body, organisation or association has the right to lodge a complaint with the supervisory authority which is competent pursuant to paragraph 1 and to exercise the rights referred to in paragraphs 1a and 1b if it considers that the rights of the end-user under this Regulation have been infringed.
Or. en
Amendment 797 Axel Voss, Heinz K. Becker, Elissavet Vozemberg-Vrionidi
Proposal for a regulation Article 22 – paragraph 1
Text proposed by the Commission Amendment
Any end-user of electronic Article 82 of Regulation (EU) 2016/679 communications services who has shall apply. suffered material or non-material damage as a result of an infringement of this Regulation shall have the right to receive compensation from the infringer for the damage suffered, unless the infringer proves that it is not in any way responsible for the event giving rise to the damage in accordance with Article 82 of Regulation (EU) 2016/679.
Or. en
Justification
Article 82 of Regulation (EU) No 2016/679 already regulates the issue of liability and the right to compensation. The article inserted in Article 22 of the proposal for a regulation extends and specifies Article 82 of Regulation (EU) No 2016/679 and makes this proposal lex specialis.
Amendment 798 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Article 22 – paragraph 1
Text proposed by the Commission Amendment
Any end-user of electronic Any user or subscriber of electronic communications services who has suffered communications services who has suffered material or non-material damage as a result material or non-material damage as a result of an infringement of this Regulation shall of an infringement of this Regulation shall have the right to receive compensation have the right to receive compensation from the infringer for the damage suffered, from the infringer for the damage suffered, unless the infringer proves that it is not in unless the infringer proves that it is not in any way responsible for the event giving any way responsible for the event giving rise to the damage in accordance with rise to the damage. Article 82 of Article 82 of Regulation (EU) 2016/679. Regulation (EU) 2016/679 shall apply mutatis mutandis also for subscribers which are legal persons.
Or. en
Justification
Needed to clarify that the damages provisions of the GDPR also apply for legal persons under the e-Privacy Regulation.
Amendment 799 Axel Voss, Heinz K. Becker, Elissavet Vozemberg-Vrionidi
Proposal for a regulation Article 23
Text proposed by the Commission Amendment
[...] deleted
Or. en
Justification
Article 83 of Regulation (EU) No 2016/679 regulates the general preconditions for the imposition of fines. The specification here amends Article 83 of Regulation (EU) No 2016/679 and creates a dual regime. This dual structure would hamper the correct application of the law by supervisory authorities and courts and lead to unfair treatment.
Amendment 800 Cornelia Ernst
Proposal for a regulation Article 23 – paragraph 2 – point a
Text proposed by the Commission Amendment
(a) the obligations of any legal or deleted natural person who process electronic communications data pursuant to Article 8; Or. en
Amendment 801 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Article 23 – paragraph 2 – point a
Text proposed by the Commission Amendment
(a) the obligations of any legal or deleted natural person who process electronic communications data pursuant to Article 8;
Or. en
Justification moved to paragraph 3
Amendment 802 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Article 23 – paragraph 2 – point a a (new)
Text proposed by the Commission Amendment
(a a) the obligations of the providers of electronic communications services for documentation, pursuant to Article 11c(1);
Or. en
Amendment 803 Cornelia Ernst
Proposal for a regulation Article 23 – paragraph 2 – point a a (new)
Text proposed by the Commission Amendment (a a) the obligations of providers pursuant to Article 11c;
Or. en
Amendment 804 Cornelia Ernst
Proposal for a regulation Article 23 – paragraph 2 – point b
Text proposed by the Commission Amendment
(b) the obligations of the provider of deleted software enabling electronic communications, pursuant to Article 10;
Or. en
Amendment 805 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Article 23 – paragraph 2 – point b
Text proposed by the Commission Amendment
(b) the obligations of the provider of deleted software enabling electronic communications, pursuant to Article 10;
Or. en
Justification moved to paragraph 3
Amendment 806 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Article 23 – paragraph 2 – point d a (new)
Text proposed by the Commission Amendment (d a) the obligations of the providers of publicly available number-based interpersonal communication services pursuant to Article 12, 13 and 14.
Or. en
Amendment 807 Cornelia Ernst
Proposal for a regulation Article 23 – paragraph 3
Text proposed by the Commission Amendment
3. Infringements of the principle of 3. Infringements of the following confidentiality of communications, provisions of this Regulation shall, in permitted processing of electronic accordance with paragraph 1, be subject to communications data, time limits for administrative fines up to 20 000 000 EUR, erasure pursuant to Articles 5, 6, and 7 or in the case of an undertaking, up to 4 % shall, in accordance with paragraph 1 of of the total worldwide annual turnover of this Article, be subject to administrative the preceding financial year, whichever is fines up to 20 000 000 EUR, or in the case higher: of an undertaking, up to 4 % of the total worldwide annual turnover of the preceding financial year, whichever is higher.
Or. en
Amendment 808 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Article 23 – paragraph 3
Text proposed by the Commission Amendment
3. Infringements of the principle of 3. Infringements of the following confidentiality of communications, provisions of this Regulation shall, in permitted processing of electronic accordance with paragraph 1, be subject to communications data, time limits for administrative fines up to 20 000 000 EUR, erasure pursuant to Articles 5, 6, and 7 or in the case of an undertaking, up to 4 % shall, in accordance with paragraph 1 of of the total worldwide annual turnover of this Article, be subject to administrative the preceding financial year, whichever is fines up to 20 000 000 EUR, or in the case higher: of an undertaking, up to 4 % of the total worldwide annual turnover of the preceding financial year, whichever is higher.
Or. en
Amendment 809 Cornelia Ernst
Proposal for a regulation Article 23 – paragraph 3 – subparagraph 1 (new)
Text proposed by the Commission Amendment
(a) the principle of confidentiality of communications pursuant to Article 5; (b) the permitted processing of electronic communications data, pursuant to Article 6, (c) the time limits for erasure and the confidentiality obligations pursuant to Article 7; (d) the obligations of any legal or natural person who process electronic communications data pursuant to Article 8; (e) the requirements for consent pursuant to Article 9; (f) the obligations of the provider of software or hardware enabling electronic communications, pursuant to Article 10; (g) the obligations of the providers of electronic communications services, of the providers of information society services, or of the manufacturers of hardware and software permitting the retrieval and presentation of information on the internet pursuant to Article 17.
Or. en
Amendment 810 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Article 23 – paragraph 3 – subparagraph 1 (new)
Text proposed by the Commission Amendment
(a) the principle of confidentiality of communications pursuant to Article 5; (b) the permitted processing of electronic communications data, pursuant to Article 6, (c) the time limits for erasure and the confidentiality obligations pursuant to Article 7; (d) the obligations of any legal or natural person who process electronic communications data pursuant to Article 8; (e) the requirements for consent pursuant to Article 9; (f) the obligations of the provider of software enabling electronic communications, pursuant to Article 10; (g) the obligations of the providers of electronic communications services, of the providers of information society services, or of the manufacturers of hardware and software permitting the retrieval and presentation of information on the internet pursuant to Article 17.
Or. en
Amendment 811 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Article 23 – paragraph 4
Text proposed by the Commission Amendment
4. Member States shall lay down the deleted rules on penalties for infringements of Articles 12, 13, 14, and 17.
Or. en Justification
Based on recommendations by EDPS and WP29. Covered by introduction of the references in this Article to ensure full harmonisation.
Amendment 812 Cornelia Ernst
Proposal for a regulation Article 23 – paragraph 4
Text proposed by the Commission Amendment
4. Member States shall lay down the deleted rules on penalties for infringements of Articles 12, 13, 14, and 17.
Or. en
Amendment 813 Axel Voss, Heinz K. Becker, Elissavet Vozemberg-Vrionidi
Proposal for a regulation Article 23 a (new)
Text proposed by the Commission Amendment
Article 23 a Article 83 of Regulation (EU) No 2016/679 shall apply.
Or. en
Justification
Article 83 of Regulation (EU) No 2016/679 regulates the general preconditions for the imposition of fines. The specification here amends Article 83 of Regulation (EU) No 2016/679 and creates a dual regime. This dual structure would hamper the correct application of the law by supervisory authorities and courts and lead to unfair treatment.
Amendment 814 Axel Voss, Heinz K. Becker, Elissavet Vozemberg-Vrionidi
Proposal for a regulation Article 24
Text proposed by the Commission Amendment
Article 24 deleted Penalties 1. Member States shall lay down the rules on other penalties applicable to infringements of this Regulation in particular for infringements which are not subject to administrative fines pursuant to Article 23, and shall take all measures necessary to ensure that they are implemented. Such penalties shall be effective, proportionate and dissuasive. 2. Each Member State shall notify to the Commission the provisions of its law which it adopts pursuant to paragraph 1, no later than 18 months after the date set forth under Article 29(2) and, without delay, any subsequent amendment affecting them.
Or. en
Justification
Article 84 of Regulation (EU) No 2016/679 regulates penalties. The specification here amends Article 84 of Regulation (EU) No 2016/679 and creates a dual regime. This dual structure would hamper the correct application of the law by supervisory authorities and courts and lead to unfair treatment.
Amendment 815 Axel Voss, Heinz K. Becker, Elissavet Vozemberg-Vrionidi
Proposal for a regulation Article 24 a (new)
Text proposed by the Commission Amendment
Article 24 a Article 84 of Regulation (EU) No 2016/679 shall apply.
Or. en Justification
Article 84 of Regulation (EU) No 2016/679 regulates penalties. The specification here amends Article 84 of Regulation (EU) No 2016/679 and creates a dual regime. This dual structure would hamper the correct application of the law by supervisory authorities and courts and lead to unfair treatment.
Amendment 816 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Article 25
Text proposed by the Commission Amendment
Article 25 deleted Exercise of the delegation 1. The power to adopt delegated acts is conferred on the Commission subject to the conditions laid down in this Article. 2. The power to adopt delegated acts referred to in Article 8(4) shall be conferred on the Commission for an indeterminate period of time from [the data of entering into force of this Regulation]. 3. The delegation of power referred to in Article 8(4) may be revoked at any time by the European Parliament or by the Council. A decision to revoke shall put an end to the delegation of the power specified in that decision. It shall take effect the day following the publication of the decision in the Official Journal of the European Union or at a later date specified therein. It shall not affect the validity of any delegated acts already in force. 4. Before adopting a delegated act, the Commission shall consult experts designated by each Member State in accordance with the principles laid down in the Inter-institutional Agreement on Better Law-Making of 13 April 2016. 5. As soon as it adopts a delegated act, the Commission shall notify it simultaneously to the European Parliament and to the Council. 6. A delegated act adopted pursuant to Article 8(4) shall enter into force only if no objection has been expressed either by the European Parliament or the Council within a period of two months of notification of that act to the European Parliament and the Council or if, before the expiry of that period, the European Parliament and the Council have both informed the Commission that they will not object. That period shall be extended by two months at the initiative of the European Parliament or of the Council.
Or. en
Justification
The only delegated act is on privacy icons in Art. 8(4) of this proposal, which is already in the GDPR and therefore not needed.
Amendment 817 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Article 26 – paragraph 1
Text proposed by the Commission Amendment
1. The Commission shall be assisted 1. The Commission shall be assisted by the Communications Committee by the Committee established under Article established under Article 110 of the 93 of Regulation (EU) 2016/679. That [Directive establishing the European committee shall be a committee within the Electronic Communications Code]. That meaning of Regulation (EU) No committee shall be a committee within the 182/201129 . meaning of Regulation (EU) No 182/201129 . ______29 Regulation (EU) No 182/2011 of the 29 Regulation (EU) No 182/2011 of the European Parliament and of the Council of European Parliament and of the Council of 16 February 2011 laying down the rules 16 February 2011 laying down the rules and general principles concerning and general principles concerning mechanisms for control by Member States mechanisms for control by Member States of the Commission’s exercise of of the Commission’s exercise of implementing powers (OJ L 55, 28.2.2011, implementing powers (OJ L 55, 28.2.2011, p. 13–18). p. 13–18).
Or. en
Amendment 818 Michał Boni, Roberta Metsola, Frank Engel, Tomáš Zdechovský, Carlos Coelho, Pál Csáky, Elissavet Vozemberg-Vrionidi
Proposal for a regulation Article 27 – paragraph 1
Text proposed by the Commission Amendment
1. Directive 2002/58/EC is repealed 1. Directive 2002/58/EC is repealed with effect from 25 May 2018. with effect from [1 year after entering into force of this Regulation].
Or. en
Amendment 819 Jan Philipp Albrecht, Judith Sargentini
Proposal for a regulation Article 27 – paragraph 1
Text proposed by the Commission Amendment
1. Directive 2002/58/EC is repealed 1. Directive 2002/58/EC and with effect from 25 May 2018. Commission Regulation 611/2013 are repealed with effect from 25 May 2018.
Or. en
Justification
As breach notifications are now fully covered by the GDPR, the Commission Regulation on breach notifications, which is based on the old e-Privacy Directive, should also be repealed.
Amendment 820 Peter Kouroumbashev, Maria Grapini
Proposal for a regulation Article 27 – paragraph 1
Text proposed by the Commission Amendment
1. Directive 2002/58/EC is repealed 1. Directive 2002/58/EC is repealed with effect from 25 May 2018. with effect from 25 November 2018.
Or. en
Amendment 821 Anna Maria Corazza Bildt
Proposal for a regulation Article 27 – paragraph 1
Text proposed by the Commission Amendment
1. Directive 2002/58/EC is repealed 1. Directive 2002/58/EC is repealed with effect from 25 May 2018. with effect from [XXX]
Or. en
Amendment 822 Michał Boni, Roberta Metsola, Frank Engel, Tomáš Zdechovský, Carlos Coelho, Pál Csáky, Elissavet Vozemberg-Vrionidi
Proposal for a regulation Article 28 – paragraph 1
Text proposed by the Commission Amendment
By 1 January 2018 at the latest, the By [the date of entry into force of this Commission shall establish a detailed Regulation] at the latest, the Commission programme for monitoring the shall establish a detailed programme for effectiveness of this Regulation. monitoring the effectiveness of this Regulation.
Or. en
Amendment 823 Brice Hortefeux, Rachida Dati
Proposal for a regulation Article 29 – paragraph 2 – subparagraph 1
Text proposed by the Commission Amendment It shall apply from 25 May 2018. It shall apply from [one year from the date of entry into force of this regulation].
Or. en
Amendment 824 Michał Boni, Roberta Metsola, Frank Engel, Tomáš Zdechovský, Carlos Coelho, Pál Csáky, Elissavet Vozemberg-Vrionidi
Proposal for a regulation Article 29 – paragraph 2 – subparagraph 1
Text proposed by the Commission Amendment
It shall apply from 25 May 2018. It shall apply from [1 year after entering into force of this Regulation].
Or. en
Amendment 825 Anna Maria Corazza Bildt
Proposal for a regulation Article 29 – paragraph 2 – subparagraph 1
Text proposed by the Commission Amendment
It shall apply from 25 May 2018. It shall apply 18 months following the entry into forces.
Or. en
Amendment 826 Peter Kouroumbashev, Maria Grapini
Proposal for a regulation Article 29 – paragraph 2 – subparagraph 1
Text proposed by the Commission Amendment
It shall apply from 25 May 2018. It shall apply from 25 November 2018.
Or. en
Amendment 827 Axel Voss, Heinz K. Becker
Proposal for a regulation Article 29 – paragraph 2 – subparagraph 1
Text proposed by the Commission Amendment
It shall apply from 25 May 2018. It shall apply from 25 May 2019.
Or. en
Justification
The regulation ought to apply from 25 May 2019 at the earliest, and, at the latest, from one year after the entry into force of the European Electronic Communications Code (COM(2016)590 final). This proposal and Regulation (EU) No 2016/679 ought indeed to enter into force in parallel, but businesses must be given a realistic time frame for adjustment, and the definition must be aligned with the European Electronic Communications Code.