UK eComm laws breach EU ePrivacy Directive

Specifically, the commission considers that UK law governing the confidentiality of eComms is in breach of the UK’s obligations under the ePrivacy Directive 2002/58/EC and the Data Protection Directive 95/46/EC in three specific areas.

The first is that there is no independent national authority to supervise the interception of some communications, although the establishment of such authority is required under the ePrivacy and Data Protection Directives − in particular to hear complaints regarding interception of communications.

The second is that current UK law authorises interception of communications, not only where the persons concerned have consented to interception but also when the person intercepting the communications has ’reasonable grounds for believing’ that consent to do so has been given. These UK provisions do not comply with EU rules defining consent as ’freely given, specific and informed indication of a person’s wishes’.

Lastly, the EU says that current UK law prohibiting and providing sanctions in case of unlawful interception are limited to ’intentional’ interception only, whereas EU law requires all member states to prohibit and to ensure sanctions against any unlawful interception, regardless of whether committed intentionally or not.