Feeds

EU issues ultimatum on internet privacy

Behavioural targeting investigated

Internet Security Threat Report 2014

The European Commission today delivered an ultimatum to internet firms - improve your approach to privacy online, or face a regulatory clampdown from Brussels.

Meglena Kuneva, the consumer affairs Commissioner, told a gathering of ISPs, major websites and advertising firms they are violating "basic consumer rights in terms of transparency, control and risk", through data collection and behavioural targeting.

"I want to send a warning signal today that we cannot afford foot dragging in this area," she said.

"If we fail to see an adequate response to consumers concerns on the issue of data collection and profiling, as a regulator, we will not shy away from our duties nor wait for a cataclysm to wake us up."

Officials are understood to be particularly concerned about ISPs' experiments using Deep Packet Inspection (DPI) technology to intercept and profile their customers' web use. The information society and media Commissioner Viviane Reding's department is still investigating the UK government's apparent failure to enforce European privacy law over BT and Phorm's secret trials of such a system in 2006 and 2007.

Kuneva's initiative will also address behavioural targeting and data collection by websites.

Google launched its own behavioural tracking network earlier this month, requiring consumers who do not want to be tracked to opt out. "We must establish the principles of transparency, clear language, opt-in or opt-out options that are meaningful and easy to use," Kuneva said. "I am talking about the right to have a stable contract and the right to withdraw."

She will tell delegates that to avoid regulation they must agree rules to protect consumers' rights, in line with existing legislation. The UK's Internet Advertising Bureau recently published behavioural advertising guidelines in an attempt to ward off regulation. Privacy activists were not satisfied, however, particularly with the guidelines' onus on consumers to opt out.

Proponents of behavioural targeting point to anonymising measures as a guarantee of privacy. Phorm identifies users only via a random token, but Kuneva will argue such steps do not completely mitigate privacy conerns.

"The current work on privacy has concentrated on eliminating personally identifiable information such as name or IP addresses from the public domain," she said. "Consumer policy needs to go beyond that and address the fact that users have a profile and can be commercially targeted based on that profile, even if no one knows their actual name."

Kuneva's department will also today begin an informal investigation of online privacy and data collection in preparation for potential regulatory action. At a recent Westminster event, British peers said the Information Commissioner's Office, responsible for enforcing EU privacy regulations, had failed in its duty to consumers over behavioural targeting.

In separate news on Monday, Phorm officially announced a trial of its technology by Korea Telecom. ®

Providing a secure and efficient Helpdesk

Whitepapers

Choosing cloud Backup services
Demystify how you can address your data protection needs in your small- to medium-sized business and select the best online backup service to meet your needs.
Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.