Discussions on the proposed ePrivacy Regulations have been going on for more than three years now. The planned Regulation will introduce new rules regarding Data Protection and confidentiality of communication and the new Croatian Presidency of the Council of the European Union recently published its first Presidency Discussion Paper (5979/20). Bitkom welcomes the steps already taken on the text of the ePrivacy Regulation but in our view there are still many unresolved areas and the file needs further work and in depth discussion. A clear, coherent and future-proof text is needed to move on to trilogue discussions. As Bitkom has always provided comments and industry insights on several questions regarding the ePR, we would like to use this opportunity to comment on the latest developments as well.
We appreciate the efforts of the Croatian presidency to make the ePR text simpler, more structured and to further align it with the GDPR1. Therefore, we agree with the addition of another legal bases (legitimate interest). However, we disagree with the assumption that compatible further processing would no longer be needed, due to the introduction of legitimate interest. Compatible further processing is not a “legal base” according to GDPR, but a principle, and thus does not lead to “overlaps” or “duplications”. To the contrary, the requirements of legitimate interest foresee a careful weighing of interests between company and data subject.