|Author (Corporate)||Council of the European Union, European Parliament|
|Series Title||Official Journal of the European Union|
|Series Details||L 274, Pages 41-51|
|Content Type||Blog & Commentary, Legislation, News, Policy-making|
Regulation (EU) 2021/1232 - formally adopted by the European Union on 14 July 2021 - introducing a temporary derogation from certain provisions of Directive 2002/58/EC concerning the processing of personal data and the protection of privacy in the electronic communications sector. This is a text with EEA relevance.
Directive 2002/58/EC - also known as Directive on Privacy and Electronic Communications (ePrivacy) - ensures the protection of private life, confidentiality of communications and personal data in the electronic communications sector. The definition of electronic communications services is to be replaced by the entry into application of the European Electronic Communications Code (EECC), to include number-independent interpersonal communications services. These are to be covered by the ePrivacy Directive, which relies on the definition of the EECC.
The providers must comply with the ePrivacy Directive’s obligation to respect the confidentiality of communications and with the conditions for processing communications data. The existing practices of some number-independent interpersonal communications services to detect child sexual abuse online could interfere with certain provisions of the ePrivacy Directive.
A draft law was therefore tabled by the European Commission on 10 September 2020 to introduce a narrow and targeted legislative interim solution with the sole objective of creating a temporary and strictly limited derogation from the applicability of Articles 5(1) and 6 of the ePrivacy Directive, which protect the confidentiality of communications and traffic data. This Regulation should cease to apply in December 2025. In case the announced long-term legislation is adopted and enters into force prior to this date, that legislation should repeal the present Regulation.
The draft law was tabled by the European Commission on 10 September 2020. Member State representatives adopted a Council negotiating position on 28 October, followed by the European Parliament's relevant committee on 7 December and confirmed by plenary on 16 December. An informal agreement between the co-legislators on a compromise text for this draft law was reached on 29 April 2021. Following formal endorsement by the Council and the Parliament, the Act was signed on 14 July 2021. It was published in the Official Journal on 30 July 2021.
This Regulation lays down temporary and limited rules derogating from certain obligations laid down in Directive 2002/58/EC, with the sole objective of enabling providers of certain number-independent interpersonal communications services to use specific technologies for the processing of personal and other data to the extent strictly necessary to detect online child sexual abuse on their services and report it and to remove online child sexual abuse material from their services. This Regulation does not apply to the scanning of audio communications.
|Subject Categories||Business and Industry|
|Subject Tags||Children | Young People, Telecommunications|
|Keywords||Data Privacy | Protection
|International Organisations||European Union [EU]|