Feeds

EU issues ultimatum on internet privacy

Behavioural targeting investigated

Top 5 reasons to deploy VMware with Tegile

The European Commission today delivered an ultimatum to internet firms - improve your approach to privacy online, or face a regulatory clampdown from Brussels.

Meglena Kuneva, the consumer affairs Commissioner, told a gathering of ISPs, major websites and advertising firms they are violating "basic consumer rights in terms of transparency, control and risk", through data collection and behavioural targeting.

"I want to send a warning signal today that we cannot afford foot dragging in this area," she said.

"If we fail to see an adequate response to consumers concerns on the issue of data collection and profiling, as a regulator, we will not shy away from our duties nor wait for a cataclysm to wake us up."

Officials are understood to be particularly concerned about ISPs' experiments using Deep Packet Inspection (DPI) technology to intercept and profile their customers' web use. The information society and media Commissioner Viviane Reding's department is still investigating the UK government's apparent failure to enforce European privacy law over BT and Phorm's secret trials of such a system in 2006 and 2007.

Kuneva's initiative will also address behavioural targeting and data collection by websites.

Google launched its own behavioural tracking network earlier this month, requiring consumers who do not want to be tracked to opt out. "We must establish the principles of transparency, clear language, opt-in or opt-out options that are meaningful and easy to use," Kuneva said. "I am talking about the right to have a stable contract and the right to withdraw."

She will tell delegates that to avoid regulation they must agree rules to protect consumers' rights, in line with existing legislation. The UK's Internet Advertising Bureau recently published behavioural advertising guidelines in an attempt to ward off regulation. Privacy activists were not satisfied, however, particularly with the guidelines' onus on consumers to opt out.

Proponents of behavioural targeting point to anonymising measures as a guarantee of privacy. Phorm identifies users only via a random token, but Kuneva will argue such steps do not completely mitigate privacy conerns.

"The current work on privacy has concentrated on eliminating personally identifiable information such as name or IP addresses from the public domain," she said. "Consumer policy needs to go beyond that and address the fact that users have a profile and can be commercially targeted based on that profile, even if no one knows their actual name."

Kuneva's department will also today begin an informal investigation of online privacy and data collection in preparation for potential regulatory action. At a recent Westminster event, British peers said the Information Commissioner's Office, responsible for enforcing EU privacy regulations, had failed in its duty to consumers over behavioural targeting.

In separate news on Monday, Phorm officially announced a trial of its technology by Korea Telecom. ®

Security for virtualized datacentres

Whitepapers

Cloud and hybrid-cloud data protection for VMware
Learn how quick and easy it is to configure backups and perform restores for VMware environments.
Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.
How to simplify SSL certificate management
Simple steps to take control of SSL certificates across the enterprise, and recommendations centralizing certificate management throughout their lifecycle.