Adtech: an Open Letter to the European Parliament

Today, Open Rights Group, Panoptykon and Liberties EU sent an Open Letter to the European Parliament, asking them to stand up for the ePrivacy Regulation and our online privacy. This is yet another step in our fight against illegal advertising and our work with EU partners, except that it is not only now this time: the letter was a success, with 30 civil society organisations joining our call to restore privacy in the online world.

The background

Alongside with the GDPR, the European Union aimed at modernising their data protection regime by updating their so-called cookie law, the ePrivacy Regulation.

Early drafts that came out of the European Parliament looked particularly good. They allowed Internet services to store information on our device only when technically necessary to deliver the service. In turn, this would require websites to ask our consent to store cookies or other identifiers for other purposes, such as targeting and online advertising. Furthermore, the same protection was set to be applied to information emitted by our browsers, thus banning fingerprinting and other novel tracking techniques.

Even more interesting was the European Parliament attempt to fix cookie consent banners, that are currently being used as a tool to deceive us or outright extort our consent. Under the new rules, websites would have not been allowed to ask you to consent to online tracking cookies in order to access a webpage or an Internet service (so-called cookie walls). Furthermore, choices that you express in your software settings (such as “do not track” in your browsers), would have become legally enforceable, thus forcing online advertisers to respect our will.

Why are we writing to the European Parliament?

The EU Council recently approved a disgraceful new ePrivacy draft, that would effectively water down these protections and legitimise illegal practices in the field of online tracking. Under the new draft, provisions that would have made your settings legally enforceable have vanished, while the cookie wall prohibition is now contingent on several ill-defined criteria that leave ample leeway to abuses.

In a nutshell, the EU Council proposal fails to address the reality of the adtech ecosystem and the widespread illegality of online advertising today. Where users need to be put in control of their choices, the EU Council wants adtech companies to be in control. Where previous rules had grey areas that were exploited by adtech companies for their own motives, the EU Council seems determined not to close these loopholes.

In light of these worrying developments, we decided to write to the European Parliament (the democratically elected body of the EU) to step in and make sure that these issues are dealt with in the upcoming interinstitutional negotiations.

What about the UK?

The Internet does not know frontiers in the same way countries and nations do, and the ePrivacy Regulation will undoubtedly have far-reaching implications for UK citizens privacy. On top of that, the UK is expected to enforce equivalent standard of data protection to the EU in order to protect the free flow of personal data with the block, something that is particularly important in light of the UK ambition to become a tech powerhouse.

Unfortunately, we have seen before how the UK Government lives in their techno-utopianist delusions, and how the ICO is failing to enforce the law against adtech companies. In this regard as well, ePrivacy could be a reality check for our institutions: with the EU and the world moving toward stronger privacy protections, why should the UK choose otherwise and go rogue?

Want to know more? Stay tuned or join us, and help us protect your rights in the digital age.