Feeds

EU issues ultimatum on internet privacy

Behavioural targeting investigated

Beginner's guide to SSL certificates

The European Commission today delivered an ultimatum to internet firms - improve your approach to privacy online, or face a regulatory clampdown from Brussels.

Meglena Kuneva, the consumer affairs Commissioner, told a gathering of ISPs, major websites and advertising firms they are violating "basic consumer rights in terms of transparency, control and risk", through data collection and behavioural targeting.

"I want to send a warning signal today that we cannot afford foot dragging in this area," she said.

"If we fail to see an adequate response to consumers concerns on the issue of data collection and profiling, as a regulator, we will not shy away from our duties nor wait for a cataclysm to wake us up."

Officials are understood to be particularly concerned about ISPs' experiments using Deep Packet Inspection (DPI) technology to intercept and profile their customers' web use. The information society and media Commissioner Viviane Reding's department is still investigating the UK government's apparent failure to enforce European privacy law over BT and Phorm's secret trials of such a system in 2006 and 2007.

Kuneva's initiative will also address behavioural targeting and data collection by websites.

Google launched its own behavioural tracking network earlier this month, requiring consumers who do not want to be tracked to opt out. "We must establish the principles of transparency, clear language, opt-in or opt-out options that are meaningful and easy to use," Kuneva said. "I am talking about the right to have a stable contract and the right to withdraw."

She will tell delegates that to avoid regulation they must agree rules to protect consumers' rights, in line with existing legislation. The UK's Internet Advertising Bureau recently published behavioural advertising guidelines in an attempt to ward off regulation. Privacy activists were not satisfied, however, particularly with the guidelines' onus on consumers to opt out.

Proponents of behavioural targeting point to anonymising measures as a guarantee of privacy. Phorm identifies users only via a random token, but Kuneva will argue such steps do not completely mitigate privacy conerns.

"The current work on privacy has concentrated on eliminating personally identifiable information such as name or IP addresses from the public domain," she said. "Consumer policy needs to go beyond that and address the fact that users have a profile and can be commercially targeted based on that profile, even if no one knows their actual name."

Kuneva's department will also today begin an informal investigation of online privacy and data collection in preparation for potential regulatory action. At a recent Westminster event, British peers said the Information Commissioner's Office, responsible for enforcing EU privacy regulations, had failed in its duty to consumers over behavioural targeting.

In separate news on Monday, Phorm officially announced a trial of its technology by Korea Telecom. ®

Internet Security Threat Report 2014

More from The Register

next story
YOU are the threat: True confessions of real-life sysadmins
Who will save the systems from the men and women who save the systems from you?
Broadband sellers in the UK are UP TO no good, says Which?
Speedy network claims only apply to 10% of customers
Download alert: Nearly ALL top 100 Android, iOS paid apps hacked
Attack of the Clones? Yeah, but much, much scarier – report
Virgin Media struck dumb by NATIONWIDE packet loss balls-up
Turning it off and on again fixes glitch 12 HOURS LATER
Ofcom snatches 700MHz off digital telly, hands it to mobile data providers
Hungry mobe'n'slab-waving Blighty swallows spectrum
Fujitsu CTO: We'll be 3D-printing tech execs in 15 years
Fleshy techie disses network neutrality, helmet-less motorcyclists
Facebook, working on Facebook at Work, works on Facebook. At Work
You don't want your cat or drunk pics at the office
prev story

Whitepapers

Why and how to choose the right cloud vendor
The benefits of cloud-based storage in your processes. Eliminate onsite, disk-based backup and archiving in favor of cloud-based data protection.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Reducing the cost and complexity of web vulnerability management
How using vulnerability assessments to identify exploitable weaknesses and take corrective action can reduce the risk of hackers finding your site and attacking it.
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.