The tech industry is fighting a pending measure that’s even stricter than the recently enacted G.D.P.R. It’s called the ePrivacy Regulation.
By NATASHA SINGER, The New York Times
The new European data privacy legislation is so stringent that it could kill off data-driven online services and chill innovations like driverless cars, tech industry groups warn.
The American Chamber of Commerce to the European Union called the legislation “overly strict.” The Developers Alliance, a trade group representing Facebook, Google, Intel and dozens of app makers, said it could cost businesses in Europe more than 550 billion euros, or about $640 billion, in annual lost revenue. And DigitalEurope, another tech trade group, said the legislation’s prohibitive approach “seriously undermines the development of Europe’s digital economy.”
These industry alarms are not over the General Data Protection Regulation, or G.D.P.R., a tough privacy law that went into effect in the European Union on Friday. Instead, the cause is an even stricter privacy law that’s pending — the tech industry’s next regulatory battleground in Europe.
Sign Up For the Morning Briefing Newsletter
It is called the ePrivacy Regulation, and it specifically protects the confidentiality of electronic communications. The law was approved by the European Parliament last fall and is under review by the Council of the European Union, a group of government officials representing the 28 member countries. Bloc officials had originally intended for the law to go into effect this month, but Council negotiations have been slowed by internal disagreements.
If the current draft prevails, the law will require Skype, WhatsApp, iMessage, video games with player messaging and other electronic services that allow private interactions to obtain people’s explicit permission before placing tracking codes on users' devices or collecting data about their communications.
Now, some of the same companies and trade associations that a few years ago tried to defang G.D.P.R. have set their sights on derailing the ePrivacy legislation. Apart from heavily lobbying government officials in Europe, trade groups are funding doomsday financial forecasts and creating worst-case scenario video campaigns warning people of the rule’s potential drawbacks.
“Most of the lobbying is unreasonable and very low regarding facts,” said Jan Philipp Albrecht, a member of the European Parliament from Germany who steered the G.D.P.R. legislation through Parliament. He pointed to industry “campaigns saying, ‘With ePrivacy, the internet is going dark, and independent media, as well as digital growth, will be lost.’”
Industry and consumer advocates are essentially fighting over a contentious issue central to the post-Cambridge Analytica online economy: whether data-driven digital services represent more of a boon to consumers or the kind of surveillance that can threaten democracy.
“With one click you can manipulate hundreds of thousands or millions of people, whether you know their names or not,” said Birgit Sippel, a European Parliament member from Germany who drafted the ePrivacy legislation. “That is why protecting privacy is becoming more important, especially in the digital environment.”
The ePrivacy Regulation will replace and broaden an older European Union directive — which covered traditional telecommunications like voice calls — by also covering digital communications like text messaging and video chat apps.
The legislation currently provides only one condition under which a company may use data or metadata about users’ electronic communications: obtaining consumers’ explicit and informed permission to use their information for a specific, agreed-upon purpose. The bill also requires companies to offer people the same communications services whether or not they agree to have their data collected.
“Do you really want that app to use your metadata? Do you really want them to read your content on a dating app?” Ms. Sippel asked. “Consumers need to get back control over what is happening with their lives and their data.”
But tech industry groups and their supporters argue that ePrivacy’s consent requirement and other provisions are so onerous that they would hinder innovations like smart cars, which automatically transmit safety information back to the manufacturer. And requiring companies to provide equal communications services to people who opt out of data mining, they say, could cause sites or apps that rely on data-driven advertising to start charging fees or close down.
“Europe will become a digital backwater,” said Daniel Dalton, a member of the European Parliament from Britain. Mr. Dalton, who pushed for amendments on the ePrivacy bill, said he had met with Google, Microsoft, video game companies and trade groups to discuss their objections to the legislation.
“Every stakeholder I have talked to from industry, from all sizes from the very biggest to the very smallest businesses, are unanimously opposed to this,” he said.
Tech companies and trade groups have waged a furious, multipronged lobbying campaign to shut down, or at least weaken, the legislation.
Cisco, Facebook, Google, IBM, Microsoft, SAP, the American Chamber of Commerce, DigitalEurope and the Interactive Advertising Bureau Europe, a digital advertising industry group, have all lobbied officials at the European Commission about ePrivacy, according to a lobbying database created by Transparency International EU, a nonprofit research group in Brussels.
How much they are spending on the effort is unclear. While companies and trade groups that lobby European Commission officials must provide financial details on annual lobbying expenditures, they do not have to break out the spending by issue.
Trade groups have also created doomsday videos on ePrivacy. In one, an ominous voice warns that free online services won’t be able to survive financially if they can’t use people’s personal data to target them with ads. The inevitable result, the narrator says, is “an app-less future consumers never saw coming.”
Industry associations have also lobbied the Council of the European Union, whose leadership rotates every six months. For the ePrivacy law to be enacted, the Council must first come to its own consensus on the bill before negotiating the law’s final language in a three-way discussion with the European Parliament and the European Commission, the bloc’s executive arm.
The Council’s decisions are so critical for ePrivacy that the Computer and Communications Industry Association — which represents Amazon, Google, Netflix and others — traveled to Bulgaria in October to meet government ministers there as that country was preparing to take over the Council presidency. The bill’s supporters said the Council had not made much headway on ePrivacy since then.
Elitsa Zlateva, a spokeswoman for the permanent representation of Bulgaria to the European Union, said her country’s officials were committed to the bill’s progress. She declined to provide names of other trade groups that the country’s representatives had met with on ePrivacy.
The “Bulgarian presidency acts as an honest broker,” she wrote in an email, and works to balance the interests of European member states, citizens and business.
With support from Google, the computer industry group also financed a research study last year saying that ePrivacy’s data restrictions could cut revenue for the online news and online advertising industries, diminishing venture capital funding for cloud computing.
Christian Borggreen, vice president for the computer industry group in Europe, said he hoped that the ePrivacy Regulation would not conflict with the G.D.P.R. and that it would “add meaningful privacy protection without unduly hurting digital innovation.”
And this month, the Developers Alliance published its own sponsored economic research that forecast the ePrivacy Regulation would slash profits dependent on electronic communication by 30 percent across all sectors in the European Union. The group called on government officials to “take these findings into account when discussing this critical file.”
Michela Palladino, director of European policy and government relations at the Developers Alliance, said of the ePrivacy bill’s restrictions on handling user content and metadata: “That is something that is too extreme and will really cut potential business opportunities” for many industries that rely on data.
Ms. Sippel said hewing to industry opinions was impeding progress on the ePrivacy effort.
“In my view, we have some weak governments on the Council that are not willing to get into trouble with industry,” she said, emphasizing that she was expressing her opinion and not stating an official parliamentary position. “So, for the time being, they haven’t found a common position.”
COMMENTS