The European Commission istaking the UK to courtover problems
with the UK's implementation of EU ePrivacy and personal data
protection rules.
The case is a sequel to
complaints a year ago by UK internet users about the use of a
behavioural advertising technology made by AIM-listed software
house Phorm by internet service
providers.
EU countries must ensure, among other things, the
confidentiality of communications by prohibiting interception and
surveillance without the user's consent. Phorm critics believe
Phorm's technology breaches this requirement, hence making its use
illegal.
BT has trialled Phorm three times, twice without users'
knowledge, and once publically. It has not revealed the results of
the trials.
The commission wrote to the UK government last year to ask
whether Phorm or its customers breached the law. A study by several
government departments, including the Information Commissioners'
Office, concluded that Phorm's operation was legal, provided that
users were given notice of it, and were required to "opt in" to
receive advertisements served by Phorm as they surfed the web.
EU Telecoms Commissioner Viviane Reding said, "We have been
following the Phorm case for some time and have concluded that
there are problems in the way the UK has implemented parts of EU
rules on the confidentiality of communications."
She called on the UK to change its national laws and to ensure
that national authorities were duly empowered and had "proper
sanctions" available to enforce EU legislation on the
confidentiality of communications.
"This should allow the UK to respond more vigorously to new
challenges to ePrivacy and personal data protection such as those
that have arisen in the Phorm case. It should also help reassure UK
consumers about their privacy and data protection while surfing the
internet," she said.
The European Commission analysed the UK's answers on Phorm and
concluded there are structural problems in the way the UK has
implemented EU rules ensuring the confidentiality of
communications.
It said that under UK law, which is enforced by the UK police,
it is an offence to unlawfully intercept communications. But this
is limited to "intentional" interception only.
It said UK law also considers interception to be lawful when the
interceptor has "reasonable grounds for believing" that consent to
interception has been given.
The European Commission was also concerned that the UK does not
have an independent national supervisory authority to deal with
such interceptions.
Reding said technologies such as internet behavioural
advertising could be useful for businesses and consumers but they
had to comply with EU rules. "These rules are there to protect the
privacy of citizens and must be rigorously enforced by all member
states," she said.
Phorm technology works by constantly analysing customers' web
surfing to determine users' interests and then deliver targeted
advertising to users when they visit certain websites.
The UK has two months to reply to this first stage of an
infringement proceeding, the letter of formal notice sent today. If
the European Commission receives no reply, or if the observations
presented by the UK are not satisfactory, the European Commission
may decide to issue a reasoned opinion (the second stage in an
infringement proceeding). If the UK still fails to fulfil its
obligations under EU law after that, the European Commission will
refer the case to the European Court of Justice.