By EDRi

This article is also available in:
Deutsch: [Stellungnahme des EDSB zu Netzneutralität und Datenschutz | www.unwatched.org/EDRigram_9.20_Stellungnahme_des_EDSB_zu_Netzneutralitaet_und_Datenschutz?pk_campaign=edri&pk_kwd=20111028]

Peter Hustinx, the European Data Protection Supervisor (EDPS) adopted an
opinion on 7 October 2011 on the European Commission Communication on the
open internet and net neutrality in Europe, stressing the necessity of
respecting the fundamental right to privacy and data protection of users, in
particular in terms of confidentiality of communications.

The Opinion addresses a very controversial subject and comes in the light of
the Communication adopted by the Commission on 19 April 2011 and the
Commission’s public consultation preceding the Communication. It also takes
into consideration the draft Council conclusions on net neutrality.

Net neutrality refers to whether Internet service providers (ISPs) should be
allowed to monitor network traffic, filter or restrict Internet access of
their users. The idea is that “information on the Internet should be
transmitted impartially, without regard to content, destination or source,
and that users should be able to decide what applications, services and
hardware they want to use. This means that ISPs cannot, at their own choice,
prioritise or slow down access to certain applications or services such as
Peer to Peer (‘P2P’), etc.”

The EDPS draws attention to such practices on certain
inspection techniques used by ISPs that may be highly intrusive, involving
the monitoring of content of communications, websites visited, emails sent
and received, the time when this takes place, enabling filtering of
communications. In Hustinx’s opinion, monitoring of the ISPs’ compliance
with data protection rules should be closely monitored.

The confidentiality of communications is a fundamental right protected by
the European Convention for the Protection of Human Rights and Fundamental
Freedoms, the Charter of Fundamental Rights of the European Union as well as
the EU ePrivacy Directive.

Hustinx believes there is a tendency of increased monitoring and inspection
techniques from ISPs which raises serious issues regarding the
protection of users’ privacy and personal data and therefore, more has to be
done to devise and implementsatisfactory policies on the matter.

He therefore calls on the Commission to initiate a debate involving all
relevant stakeholders, for the clarification of the data protection legal
framework applying in this case.

In his Opinion, the EDPS has made some recommendations which include: the
determination of legitimate inspection practices needed to ensure the smooth
flow of traffic or carried out for security purposes; the determination of
the cases when monitoring requires the users’ consent (such as filtering
aimed to limit access to certain applications and services, such as peer to
peer); and, in such cases, the necessity of guidance regarding the
application of the necessary data protection safeguards (purpose limitation,
security etc).

Hustinx also believes national authorities and BEREC should monitor the
market situation. “This monitoring should result in a clear picture
describing whether the market is evolving towards massive, real-time
inspection of communications and issues related to complying with the legal
framework.” “Further analysis of the effects of new practices in relation to
data protection and privacy on the Internet”, is also necessary.

Based on such analyses, additional legislative measures might be necessary
in which case “the Commission should put forward policy measures aimed at
strengthening data protection rules and ensuring legal certainty. New
measures should clarify the practical consequences of the net neutrality
principle and guarantee users the possibility.”

Opinion of the European Data Protection Supervisor on net neutrality,
traffic management and the protection of privacy and personal data
(7.10.2011)
http://www.edps.europa.eu/EDPSWEB/webdav/site/mySite/shared/Documents/Consultation/Opinions/2011/11-10-07_Net_neutrality_EN.pdf

Press Release “A serious policy debate on net neutrality must effectively
address users’ confidentiality of communication” (7.10.2011)
http://www.edps.europa.eu/EDPSWEB/webdav/site/mySite/shared/Documents/EDPS/PressNews/Press/2011/EDPS-2011-10-Net-neutrality_EN.pdf

Busting net neutrality may amount to spying, says EU (13.10.2011)
http://www.theregister.co.uk/2011/10/13/isps_traffic_managemnet_may_breach_european_net_neutrality_rules/

EDRi-gram: EDRi’s answer to net neutrality consultation (6.10.2010)
http://www.edri.org/edrigram/number8.19/edri-net-neutrality-position

EDRi-gram: Draft Council conclusions on Net Neutrality (27.07.2011)
http://www.edri.org/edrigram/number9.15/net-neutrality-council-conclusions