skip to main content
Close Icon We use cookies to improve your website experience.  To learn about our use of cookies and how you can manage your cookie settings, please see our Cookie Policy.  By continuing to use the website, you consent to our use of cookies.
Global Search Configuration

Ovum view


The timing of the European Commission's (EC's) initiative to consult on the reform of the ePrivacy Directive is not surprising. The EC has waited for final approval of the General Data Protection Regulation, which will come into force in 2018. A first assessment of the documents suggests that over-the-top (OTT) providers should expect a heavier regulatory burden when guaranteeing the secrecy of communications data once the EC comes up with a proposal of reform. However, the issue of data retention, which is a key instrument to help public authorities tackle crime, is strikingly absent; this will require the EC to take further action in due course.

The issue of data retention is strikingly absent from the consultation documents

Having finally put to bed the reform of the data protection framework, the EC is rightly looking at updating more specific rules related to privacy in communications data by launching a consultation on the reform of the ePrivacy Directive. The directive dates back to 2002, with some updates passed in 2009. It complements the Data Protection Directive of 1995, which will fall away in 2018 when the newly approved Data Protection Regulation comes into force, and is part of the regulatory framework for electronic communications.

It is the right time to consider updates to this piece of legislation, for at least two reasons. First, the EC will have to ensure the new rules are consistent with the new data protection regulation. Second, the EC is currently engaging in the complex, but necessary, task of reviewing the whole regulatory framework for communications to ensure that it captures the most recent market developments.

In particular, any update or replacement of the ePrivacy Directive will have to take account of the current role of OTT providers in the communications landscape. The consultation launched by the EC during 2015 on a possible reform of the electronic communications framework shows that the EC is mindful of the impact of OTT providers in the market from a competition perspective. However, OTT communications providers should now expect that the EC will aim to impose obligations on them similar to the ones that were enforced on telcos in terms of secrecy and the protection of communications data. Not only will this help level the playing field between OTT providers and telcos, but it will also aim to enhance consumers' privacy and protection, as OTT communications continue to play an increasingly important role in the market.

In the consultation questionnaire, the EC is asking respondents whether the updated framework should apply to OTT providers, unlike the current one. The background document to the consultation also notes that national legislation in some countries has already been updated to reflect such a change, as shown by the Information Society Code adopted in Finland at the beginning of 2015.

The consultation on the ePrivacy Directive could have also been an opportunity to reconsider the role of communications providers in helping public authorities to tackle crime. The now-demised Data Retention Directive, which applied to telcos until the European Court of Justice struck it down in 2014, was in derogation to the ePrivacy Directive. Not only was it seen as disproportionate by the European Court of Justice, but it was also considered burdensome by telcos, which had to retain data for a long and often unnecessary period of time. However, this issue is strikingly absent in the consultation and in the related background document.

Given that states are trying to legislate on the same matter on their own, the EC should have included the topic of data retention in the consultation. The EC should now start to come up with a better framework, which should also require OTT providers to cooperate with authorities while not turning into a permanent snoopers' charter.


Further reading

Data Protection Tracker: 4Q15, TE0007-000955 (December 2015)

Regulatory Developments in Data Protection and Data Retention in the EU, TE009-000987 (July 2013)


Luca Schiavoni, Senior Analyst, Regulation

Recommended Articles

  • Service Provider Markets, Consumer & Entertainment Services,...

    MWC 2018 Highlights

    By Ronan De Renesse 27 Feb 2018

    Over 20 of our senior Ovum analysts and consultants attended this year’s Mobile World Congress in Barcelona at the end of February. In between meetings, briefings and presentations, our analyst team were blogging and tweeting about key developments, trends and rumors. Have a look through our daily MWC 2018 Highlights to find out what happened.

    Topics 5G AI IoT Cloud Payments SDN/NFV Smart home

  • Internet of Things

    IoT Viewpoints 2018

    IoT Viewpoints explore the IoT opportunity in 2018 and beyond. Download our latest e-book to get our newest collection of thought leadership articles on the emerging IoT trends, technologies and opportunities.

    Topics IoT

  • Consumer & Entertainment Services

    US pay TV: Is it facing an existential threat?

    By Adam Thomas 28 Mar 2018

    With US pay TV having endured the worst year in its history, thoughts have inevitably turned to the future. The likelihood remains that the immediate future will remain highly uncomfortable for everyone except the scaled multinational digital platforms.


Have any questions? Speak to a Specialist

Europe, Middle East & Africa team - +44 (0) 207 017 7700

Asia-Pacific team - +61 (0)3 960 16700

US team - +1 646 957 8878

Email us at

You can also contact your named/allocated Client Services Executive using their direct dial.
PR enquiries - Call us at +44 788 597 5160 or email us at

Contact marketing -

Already an Ovum client? Login to the Knowledge Center now