Apple joins wide array of tech companies in fight to kill EU's 'Cookie Law'
Apple and a cadre of other tech companies are fighting the European Union's so-called "Cookie Law," lobbying the organization for more refined laws that aim to strike a balance between user privacy and data collected by providers.
The filing, submitted just hours before a July 5 public comment deadline, states that a similar law, the General Data Protection Regulation (GDPR), should be the framework for "a comprehensive set of horizontal rules ensuring high levels of data protection" for citizens of the EU. The parties would prefer the GDPR over expansion of the widely criticized ePrivacy Directive.
"We believe that simplifying and streamlining regulation will benefit consumers by ensuring they are provided with a simple, consistent, and meaningful set of rules designed to protect their personal data," the industry group said http://www.gsma.com/newsroom/press-release/empowering-trust-innovation-repealing-e-privacy-directive/">in its statement. "At the same time, it will encourage innovation across the digital value chain and drive new growth and social opportunities. This is critical at a time when digital companies are striving to launch new innovative services and working to build a 5G Europe."
The ePrivacy Directive, effective May 26, 2012, is an attempt to regulate a number of internet-specific issues, including confidentiality of user information, how data is handled and retained by providers, spam regulation, and browser cookie implementation under one law. Many of the provisions in the ePrivacy Directive overlap other EU laws and policies, such as the GDPR.
The public comment period on the ePrivacy Directive was querying respondents to see if widening the law to voice-over-IP, and social media networking was appropriate. The disseminated questions about the law also asked about if there should be updated legislation on personal data breaches, location data, and further protections on privacy of various communication methods on the Internet.
The industry group is seeking as yet unspecified "appropriate legal instruments" rather than continuation of the wide-reaching ePrivacy Directive.
The coalition includes Apple, Amazon, BT, Blackberry, Dropbox, eBay, Facebook, Fastnet, Foursquare, Google, Huawei, LinkedIn, Microsoft, Netflix, Orange, Paypal, T-Mobile, TalkTalk, Telefonica, Three, and Vodafone.
The filing, submitted just hours before a July 5 public comment deadline, states that a similar law, the General Data Protection Regulation (GDPR), should be the framework for "a comprehensive set of horizontal rules ensuring high levels of data protection" for citizens of the EU. The parties would prefer the GDPR over expansion of the widely criticized ePrivacy Directive.
"We believe that simplifying and streamlining regulation will benefit consumers by ensuring they are provided with a simple, consistent, and meaningful set of rules designed to protect their personal data," the industry group said http://www.gsma.com/newsroom/press-release/empowering-trust-innovation-repealing-e-privacy-directive/">in its statement. "At the same time, it will encourage innovation across the digital value chain and drive new growth and social opportunities. This is critical at a time when digital companies are striving to launch new innovative services and working to build a 5G Europe."
The ePrivacy Directive, effective May 26, 2012, is an attempt to regulate a number of internet-specific issues, including confidentiality of user information, how data is handled and retained by providers, spam regulation, and browser cookie implementation under one law. Many of the provisions in the ePrivacy Directive overlap other EU laws and policies, such as the GDPR.
The public comment period on the ePrivacy Directive was querying respondents to see if widening the law to voice-over-IP, and social media networking was appropriate. The disseminated questions about the law also asked about if there should be updated legislation on personal data breaches, location data, and further protections on privacy of various communication methods on the Internet.
The industry group is seeking as yet unspecified "appropriate legal instruments" rather than continuation of the wide-reaching ePrivacy Directive.
The coalition includes Apple, Amazon, BT, Blackberry, Dropbox, eBay, Facebook, Fastnet, Foursquare, Google, Huawei, LinkedIn, Microsoft, Netflix, Orange, Paypal, T-Mobile, TalkTalk, Telefonica, Three, and Vodafone.
Comments
Normally Apple claims to respect the privacy of the user, but here Apple takes an opposite position, which I don't understand.
sorry, there are some of us who have a brain and know where this is going. Welcom to the Borg. I opt out thank you.
Why?
I had my identity stolen in 2009. Took me years to get things sorted out.
If you support this action then all I can say is, I hope you get your ID stolen and you enjoy the grief it will bring you.
Google and FB are part of this stripping away of individual identities and freedoms. This I do not want.
http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=CELEX:32002L0058:en:HTML
http://eur-lex.europa.eu/legal-content/EN/TXT/?uri=URISERV:l24120
-----------------------------------------
"Providers of electronic communication services must secure their services by at least:
The service provider must inform the national authority of any personal data breach within 24 hours. If the personal data or privacy of a user is likely to be harmed, they must also be informed unless specifically identified technological measures have been taken to protect the data.
EU countries must ensure the confidentiality of communications made over public networks, in particular they must:
When traffic data are no longer required for communication or billing, they must be erased or made anonymous. However, service providers may process these data for marketing purposes for as long as the users concerned give their consent. This consent may be withdrawn at any time.
User consent is also required in a number of other situations, including:
EU countries are required to have a system of penalties including legal sanctions for infringements of the directive.
The scope of the rights and obligations can only be restricted by national legislative measures when such restrictions are necessary and proportionate to safeguard specific public interests, such as to allow criminal investigations or to safeguard national security, defence or public security."
-----------------------------------------
There are rules for transfer of data and dealing with location data. US companies would occasionally store customer data outside the EU. The surveillance directive should be directed at certain intelligence agencies but they wouldn't have known when it was written up.The cookie directive is important but they implemented it completely the wrong way. I suppose it's due to how it's enforced by jurisdiction but they shouldn't have asked sites to do anything because it's completely unmanageable. There are a handful of browsers, the cookie blocking should have been done by them and could have been implemented very quickly.
Browsers would be required to create temporary and isolated storage for a website on visiting it and remove this data by default on finishing the browsing session. This negates the need to ask the user for anything. If a site requires persistent data then they have to explicitly request long-term storage to the user and this would be part of the HTML or Javascript spec. On calling this API, the browser would ask the user to allow it with an unobtrusive request. Users would be able to block requests for persistent storage by default. The EU would ask Apple, Google, Microsoft, Opera, Mozilla to implement this and it covers almost the entire internet. They can implement it within a week and it would actually work to protect privacy unlike what they have now.
They could prevent data interception by requiring protocol-level encryption. Again, they are targeting the wrong people, they should deal with the people who make the spec (IETF?). The problem with legislators putting technology laws together is that most of them don't know how any of it works, they just impose rules to get the results they want and don't think about the feasibility of it. They need to ask the tech companies how best to get the results they want before they write up the laws.