30 October 2009

EU - Telecoms: Commission steps up UK legal action over privacy and personal data protection

The Commission has moved to the second phase of an infringement proceeding over the UK to provide its citizens with the full protection of EU rules on privacy and personal data protection when using electronic communications. European laws state that EU countries must ensure the confidentiality of people's electronic communications like email or internet browsing by prohibiting their unlawful interception and surveillance without the user's consent. As these rules have not been fully put in place in the national law of the UK, the Commission will send the UK a reasoned opinion. Specifically, the Commission has identified three gaps in the existing UK rules governing the confidentiality of electronic communications: 1) There is no independent national authority to supervise interception of communications 2) The current UK law - the Regulation of Investigatory Powers Act 2000 (RIPA) - authorises interception of communications not only where the persons concerned have consented to interception but also when the person intercepting the communications has "reasonable grounds for believing" that consent to do so has been given. These UK law provisions do not comply with EU rules defining consent as freely given, specific and informed indication of a person's wishes 3) The RIPA provisions are limited to 'intentional' interception only, whereas the EU law requires Members States to prohibit and to ensure sanctions against any unlawful interception regardless of whether committed intentionally or not.