It likely comes as a blow to the Government to find that UK is to face legal action in the European Courts for failure to comply with European Law in regards to privacy. The EU Directive requires that the UK (and other states in the EU) create a industrial regulator that will act as a guardian of privacy. The requirements that monitoring of Internet activity sticks within the permits of the law would be their responsibility.
Since the UK has failed to create such a regulator and given the high profile invasions of privacy such as BT’s trial of Phorm software against its user base to “provide better advertising” has lead to the EU Commission launching legal action against the Government to ensure that the privacy of the people is respected.
The EU Directives in question, ePrivacy Directive and Data Protection Directive in the opinion of the European Commision have been broken on two key points.
Firstly the aforementioned requirement of an regulatory body which should be independent needs to be setup to monitor the monitoring of interception of communications. This is the first point the commission is taking action over – creation of such a body will see the UK fall into compliance with this respect of the law.
Secondly, the UK Law in regards to permission for interception of communication has the vague requirement of the interceptor should have reason to believe that consent has been given. This does mean that under UK Law, consent does not actually need to be given only a reasonable believe that it is implied. Under the directives, consent must be given freely, and in knowledge of what is being given. This is a clear difference of opinion.
Many belive that with the information commisioner it should be able to cover the requirements of the regulator to cover and monitor and that the creation of a new body to manage this is a waste of tax payer’s money.At the very least however a significant shake up of the privacy laws of the UK may be in order.