10 Amendments of Kerstin WESTPHAL related to 2017/0003(COD)
Amendment 70 #
Proposal for a regulation
Recital 9
Recital 9
(9) This Regulation should apply to electronic communications data processed in connection with the provision and use of electronic communications services in the Union, regardless of whether or not the processing takes place in the Union. Moreover, in order not to deprive end-users in the Union of effective protection, this Regulation should also apply to electronic communications data processed in connection with the provision of electronic communications services from outside the Union to end-users in the Union. This should be the case irrespective of whether the electronic communications are connected to a payment or not.
Amendment 109 #
Proposal for a regulation
Recital 20
Recital 20
(20) Terminal equipment of end-users of electronic communications networks and any information relating to the usage of such terminal equipment, whether in particular is stored in or emitted by such equipment, requested from or processed in order to enable it to connect to another device and or network equipment, are part of the private sphere of the end-users requiring protection under the Charter of Fundamental Rights of the European Union and the European Convention for the Protection of Human Rights and Fundamental Freedoms. Given that such equipment contains or processes sensitive information that may reveal details of an individual's emotional, political, social complexities, including the content of communications, pictures, the location of individuals by accessing the device’'s GPS capabilities, contact lists, and other information already stored in the device, the information related to such equipment requires enhanced privacy protection. Furthermore, the so-called spyware, web bugs, hidden identifiers, tracking cookies and other similar unwanted tracking tools can enter end-user's terminal equipment without their knowledge in order to gain access to information, to store hidden information and to trace the activities. Information related to the end-user’s' device may also be collected remotely for the purpose of identification and tracking, using techniques such as the so-called ‘'device fingerprinting’', often without the knowledge of the end-user, and may seriously intrude upon their privacy of these end-users. T. Therefore, any such interference with the users' terminal equipment should be allowed only with their consent and for specific and transparent purposes. The use of exceptionally privacy invasive technologies and techniques that surreptitiously monitor the actions of end-users, for example by tracking their activities online or the location of their terminal equipment without the users' knowledge, or subvert the operation of the end-users’' terminal equipment, pose a serious threat to the privacy of end-users. Therefore, any such interference with the end-user's terminal equipment should be allowed only with the end-user's consent and for specific and transparent purposesusers' privacy and should be forbidden.
Amendment 125 #
Proposal for a regulation
Recital 23
Recital 23
(23) The principles of data protection by design and by default weare codified under Article 25 of Regulation (EU) 2016/679. Currently, the default settings for cookies are set in most current browsers to ‘accept all cookies’. Therefore providers of software enabling the retrieval and presentation of information on the internetHardware manufacturers and providers of software permitting electronic communications should have an obligation to configure thedevices and software so that it offers the option to prevent third parties from storing information on the terminal equipment; this is often presented as ‘rejecttheir default settings provide the highest level of privacy protection possible, protecting users' against cross-domain tracking and unauthorised interferences with theird party cookies’. End-users should be offered a set of privacy setting options, ranging from higher (for example, ‘never accept cookies’) to lower (for example, ‘always accept cookies’) and intermediate (for example, ‘reject third party cookies’ or ‘only accept first party cookies’). Such communications and terminal equipment. Users should be informed about the default privacy settings and any available options to change those settings during installation or first use of the device or software and when they make significant changes to it. Privacy settings should be presented in an objective, easily visible and intelligible manner. They should be easily accessible and modifiable during the use of the device or software. Information provided should not incentivise users to select lower privacy settings and should binclude presented in a an easily visible and intelligible mannerlevant information about the risks associated with each setting.
Amendment 133 #
Proposal for a regulation
Recital 23 a (new)
Recital 23 a (new)
(23a) Children merit specific protection with regard to their online privacy. They usually start using the internet at an early age and become very active users. Yet, they may be less aware of the risks and consequences associated to their online activities, as well as less aware of their rights. Specific safeguards are necessary in relation to the use of children's data, notably for the purposes of marketing and the creation of personality or user profiles.
Amendment 252 #
Proposal for a regulation
Article 5 – paragraph 1 a (new)
Article 5 – paragraph 1 a (new)
Confidentiality of electronic communications shall also include terminal equipment and machine-to- machine communications when related to a user.
Amendment 302 #
Proposal for a regulation
Article 6 – paragraph 3 a (new)
Article 6 – paragraph 3 a (new)
3 a. Neither providers of electronic communications services, nor any other party, shall further process electronic communications data collected on the basis of this Regulation.
Amendment 403 #
Proposal for a regulation
Article 9 – paragraph 3 a (new)
Article 9 – paragraph 3 a (new)
3 a. Users shall not be denied access to an information society service or functionality, irrespective of whether the service is provided for remuneration or not, on grounds that they have not given their consent under point (c) of Article 6(1), point (c) of Article 6(2), point (a) of Article 6(3), point (b) of Article 8(1) or point (b) of Article 8(2) to the processing of information or the use of the processing or storage capabilities of their terminal equipment that is not necessary for the provision of that service or functionality. In particular, processing of data for the purposes of providing behaviourally targeted advertising shall not be considered as necessary for the performance of a service.
Amendment 414 #
Proposal for a regulation
Article 10 – paragraph 1
Article 10 – paragraph 1
1. SThe default settings of hardware and software placed on the market permitting electronic communications, including the retrieval and presentation of information on the internet, shall offer the option to prevent third parties from storing information on the terminal equipment of an end-user or processing information already stored on that equipmentbe configured to provide the highest level of privacy protection and protect users' against unauthorised interferences. In particular, default settings shall prevent the tracking of users' online behaviour by other parties. For this purpose, privacy settings shall include a signal which is sent to other parties to inform them about the users' settings. Such settings shall be binding on and enforceable against any other party.
Amendment 420 #
Proposal for a regulation
Article 10 – paragraph 2
Article 10 – paragraph 2
2. Upon installation, the softwarefirst use or whenever any significant modifications are introduced, the user shall be inform the end-usered about the default privacy settings options and, to continue with the installation, require the end-user to consent to a settingand other available options, if any. Information shall be presented in an easily visible and intelligible manner. It shall not incentivise users to select lower privacy settings and shall include relevant information about the risks associated with each setting. Settings must be easily accessible and modifiable at any time during the use of the device or software.
Amendment 427 #
Proposal for a regulation
Article 10 – paragraph 2 a (new)
Article 10 – paragraph 2 a (new)
2 a. Hardware and software which enables electronic communications and is specifically intended for children's use or targeted at children shall not allow tracking of its user's behaviour and activities for profiling, marketing or advertising purposes.