19 Amendments of José BLANCO LÓPEZ related to 2017/0003(COD)
Amendment 90 #
Proposal for a regulation
Recital 23
Recital 23
(23) The principles of data protection by design and by default were codified under Article 25 of Regulation (EU) 2016/679. Currently, the default settings for cookies are set in most current browsers to ‘accept all cookies’. Therefore providers of software enabling the retrieval and presentation of information on the internet should have an obligation to configure the software so that it offers the option to prevent third parties from storing information on the terminal equipment; this is often presented as ‘reject third party cookies’. End-users should be offered a set of privacy setting options, ranging from higher (for example, ‘never accept cookies’) to lower (for example, ‘always accept cookies’) and two intermediate (for example, ‘reject third partyracking cookies’ or ‘only accept first party cookicookies on whitelisted and/or frequently visited information society services’). Such privacy settings should be presented in a an easily visible and intelligible manner.
Amendment 99 #
Proposal for a regulation
Recital 25
Recital 25
(25) Accessing electronic communications networks requires the regular emission of certain data packets in order to discover or maintain a connection with the network or other devices on the network. Furthermore, devices must have a unique address assigned in order to be identifiable on that network. Wireless and cellular telephone standards similarly involve the emission of active signals containing unique identifiers such as a MAC address, the IMEI (International Mobile Station Equipment Identity), the IMSI etc. A single wireless base station (i.e. a transmitter and receiver), such as a wireless access point, has a specific range within which such information may be captured. Service providers have emerged who offer tracking services based on the scanning of equipment related information with diverse functionalities, including people counting, providing data on the number of people waiting in line, ascertaining the number of people in a specific area, etc. This information may be used for more intrusive purposes, such as to send commercial messages to end-users, for example when they enter stores, with personalized offers. While some of these functionalities do not entail high privacy risks, others do, for example, those involving the tracking of individuals over time, including repeated visits to specified locations. Providers engaged in such practices should not only display prominent notices in public spaces, located on the edge of the area of coverage, but also send information to the terminal equipment, informing end-users prior to entering the defined area that the technology is in operation within a given perimeter, the purpose of the tracking, the person responsible for it and the existence of any measure the end-user of the terminal equipment can take to minimize or stop the collection. Additional information should be provided where personal data are collected pursuant to Article 13 of Regulation (EU) 2016/679.
Amendment 118 #
Proposal for a regulation
Article 1 – paragraph 2
Article 1 – paragraph 2
2. This Regulation ensures the accurate and sustainable functioning of the digital single market and the free movement of electronic communications data and electronic communications services within the Union, which shall be neither restricted nor prohibited for reasons related to the respect for the private life and communications of natural and legal persons and the protection of natural persons with regard to the processing of personal data.
Amendment 121 #
Proposal for a regulation
Article 2 – paragraph 1
Article 2 – paragraph 1
1. This Regulation applies to the processing of electronic communications data carried out in connection with the provision and the use ofwhen making available and utilizing electronic communications services, network services, and to information related to the terminal equipment of end-users.
Amendment 149 #
Proposal for a regulation
Article 5 – paragraph 1
Article 5 – paragraph 1
Electronic communications data shall be confidential. Any interference with electronic communications data, regardless of whether the communication involves natural or legal persons. Any interference with electronic communications inactive data that is stored physically in any digital form, or data in motion, such as by listening, tapping, storing, monitoring, scanning or other kinds of interception, surveillance or processing of electronic communications data, by persons other than the send-userer or intended recipients, shall be prohibited, except when permitted by this Regulation.
Amendment 161 #
Proposal for a regulation
Article 6 – paragraph 1 – point b
Article 6 – paragraph 1 – point b
(b) it is necessary to maintain or, restore the securand protect the security, constancy, confidentiality, availability and authenticity of electronic communications networks and services, or detect technical faults and/or errors in the transmission of electronic communications, for the duration necessary for that purpose; providers of electronic communications networks and services are encouraged to ensure through proportionate means the impediment of distribution of malicious software in line with Article 7(a) of Directive 2013/40/EU.
Amendment 168 #
Proposal for a regulation
Article 6 – paragraph 2 – introductory part
Article 6 – paragraph 2 – introductory part
2. Providers of electronic communications services and network providers may process electronic communications metadata if:
Amendment 174 #
Proposal for a regulation
Article 6 – paragraph 2 – point b
Article 6 – paragraph 2 – point b
(b) it is necessary for billing, calculating interconnection payments, detecting or stopping fraudulent, or abusive use of, or subscription to, electronic communications services; or scams schemes affecting third parties connected to the network; or
Amendment 182 #
Proposal for a regulation
Article 6 – paragraph 2 a (new)
Article 6 – paragraph 2 a (new)
2 a. Even in the denial or absence of consent of an end-user, for the processing of metadata in order to locate an individual, in cases of calls to emergency services, exclusively for Amber Alert and the European emergency phone number (112).
Amendment 199 #
Proposal for a regulation
Article 8 – title
Article 8 – title
Protection of information stored in and related to end-users’transmitted to, stored in, restored from or processed in any other way relative to terminal equipment
Amendment 225 #
Proposal for a regulation
Article 8 – paragraph 1 – point d a (new)
Article 8 – paragraph 1 – point d a (new)
(d a) for emergency services acting on calls to the European emergency phone number (112) or Amber Alert.
Amendment 232 #
Proposal for a regulation
Article 8 – paragraph 1 a (new)
Article 8 – paragraph 1 a (new)
1a. It is necessary to safeguard the security and privacy of the end-user, as well as to guarantee the incorruptibility, accessibility, confidentiality, and authenticity of terminal equipment or the electronic communication network or services.
Amendment 250 #
Proposal for a regulation
Article 8 – paragraph 3 – subparagraph 1 (new)
Article 8 – paragraph 3 – subparagraph 1 (new)
Relevant technical guidelines shall be developed by the competent European authorities.
Amendment 266 #
Proposal for a regulation
Article 9 – paragraph 3 a (new)
Article 9 – paragraph 3 a (new)
3a. The possibility of proper informed consent should be applied in all cases.
Amendment 267 #
Proposal for a regulation
Article 9 – paragraph 3 b (new)
Article 9 – paragraph 3 b (new)
3 b. The possibility to easily revoke consent should be offered in an explicit manner.
Amendment 274 #
Proposal for a regulation
Article 10 – paragraph 1 a (new)
Article 10 – paragraph 1 a (new)
1 a. Additional information practices should be put in place explaining clearly and briefly the necessity and purpose of the active tracking cookies.
Amendment 283 #
Proposal for a regulation
Article 10 – paragraph 2
Article 10 – paragraph 2
2. Upon installation, the software shall inform the end-user about the privacy settings options and, to continue with the installation, require the end-user to consent to a settinghoose a setting. Settings must be easily accessible and modifiable during the use of the terminal equipment or software.
Amendment 290 #
Proposal for a regulation
Article 10 a (new)
Article 10 a (new)
Article 10 a Information society services should respond to an emitted '' Do Not Track '' (DNT) signal, by indicating to the end- user that tracking cookies have been switched off.
Amendment 313 #
Proposal for a regulation
Article 15 – paragraph 3
Article 15 – paragraph 3
3. The providers of publicly available directories shall provide end-users that are legal persons or natural persons acting in their business capacity with the possibility to object to data related to them being included in the directory. Providers shall give such end-users that are legal persons the means to verify, correct and delete such data.