EU: Internet Guidelines

The EC will participate in the Council of Europe’s work on the drawing up of data protection guidelines for the Internet. While these guidelines will not be binding, member countries of the Council of Europe (all EU Member States) will agree to secure their adoption by businesses, users and public authorities. The Commission intends ensuring compatibility with relevant EU Directives.

The recommendations would require MS to secure that they were adopted by businesses, users and public authorities. Particular attention would be paid to:

• specific risks to the right to privacy and personal data protection arising from the Internet
• practical enforcement of the right to be informed of data processing operations and to object to any such processing
• the conditions under which data may be used for direct marketing
• application of the so-called ‘purpose principle’, ie who wishes to use the data and why
• the question of cross-border flows of data

Meanwhile, the question of whether EU police forces should be given powers to monitor encrypted Internet messages looks set to spark a clash between MS and the Commission. Police authorities are suggesting that people using encryption software to scramble Internet messages should be required to provide the police with an electronic key enabling them to gain access to the material. Differences at government levels first arose during an EU Justice Ministers meeting in Birmingham on 31 January, when UK Home Secretary Jack Straw raised the issue, explaining that the UK government believed the police should be allowed to access private messages.

Revised ICC guidelines for interactive marketing, notably on the internet, have been drawn up and circulated to interested parties. The aim is to adopt new guidelines in March or April 1998.