GDPR marked a turning point in 2018, requiring greater transparency in data collection and use in the European Union. Implement directives “ePrivacy” was amended to specifically require permission to be requested for cookies, trackers that follow an Internet user’s journey.
Today the Commission is discussing a “fatigue associated with consent and widespread use of blindfolds” to justify modifications to the ePrivacy directive. The project aims to centralize regulations: management will now be grouped based on GDPR only. But also to simplify the recording of choices: Internet users will be able to record their consent preferences directly in their browser or through other applications. The aim is to avoid systematic and repeated banner displays on each site.
However, there are exceptions for the press. Consider “the importance of online revenue streams for independent journalism”media will still have the possibility to ask for consent from Internet users who visit their sites directly.
AI training
Another major development concerns access to personal data by technology companies, which have always worried about European regulations being too strict, especially since the AI boom.
For “stimulating opportunities for a dynamic business environment” and encouraging data sharing and reuse, the EU executive introduced new usage patterns for training AI models.
Companies can rely on a “legitimate interests” to support their AI models during the training or testing phase. However, this use should not be exceeded “interests or fundamental rights and freedoms” user.
This project also intends “clarify” the true definition of “personal data”to reduce it to the only element that, by itself, allows one to be clearly identified.
At the same time, the text provides other administrative relief. For example, in the event of a personal data leak, the risk level is raised to require notification to the authorities, and the notification obligation deadline is extended.
A “massive decline” condemned by the association
This proposed modification immediately raised the ire of associations that defend digital rights.
The Austrian Noyb Association condemned the text “massively lowered protection of Europeans”. According to him, the proposed changes represent a “a gift to America’s big tech companies” by opening “many new weaknesses” that can be used by their legal department.
The day after the project was inaugurated, 127 European associations and organizations were alarmed by what they saw as a bad thing. “biggest rollback of basic digital rights in EU history”. They remember that GDPR is “one of the few mechanisms that gives citizens a way to speak out against companies or powerful authorities when they overreach”.
