Principles and Regulations about Online Privacy: 'Implementation Divide' and Misunderstandings in the European Union
September 21, 2002
TPRC 2002 Working Paper No. 42
Unsatisfactory protection of privacy on the Internet is the price we pay for the misinterpretation of the concept of privacy. Even in legal systems, like that of European Union, commonly deemed sensitive towards privacy, the regulatory framework keeps missing something relevant. If we analyze the pieces of legislation enacted by the EU, a divide between general principles stated in fundamental documents, like the EU Charter of Nice, where privacy is valued as a fundamental right, and their implementation into specific regulations, where the protection of privacy is restricted to the protection of personal data, is clearly identifiable. The fact is that privacy is a composite concept, but its legal perception is too often limited to only its "material" sides, leaving parts that are more sensitive exposed.
As far as EU law is concerned, while official documents about online privacy have been issued, its legislation enacted so far does not deal directly with the protection of privacy on the Internet, but has different objectives: in particular, the protection of individuals with regard to the processing of personal data (Directive 95/46/EC, providing an horizontal framework) and the processing of personal data and the protection of privacy in the electronic communications sector (Directive 2002/58/EC, which repeals and replace Directive 97/66/EC, providing a sectoral framework). Personal data protection has absorbed most of regulatory efforts devoted to privacy, on the wrong assumption either that it coincides with privacy protection or that it has the same dignity of privacy protection. The misunderstanding of the concept of privacy has determined a devaluation of its value and a lower level of protections of some of its relevant sides, like solitude, anonymity, intimacy and personality.
The aim of the paper is to show what privacy is, where and why the "divide" between EU principles and regulations arises, what legal and ethical consequences follow, what parts of privacy have been underestimated, and whether more focused, Internet-oriented, regulatory framework might be the right response. Paradoxically enough, the analysis of the provisions concerning Internet issues, like cookies and spam, of Directive 2002/58/EC, shows that sectoral, and more recent, directives not always provide a satisfactory discipline compared to the one provided by the horizontal directive on data protection. Time and focus have not been sufficient to understand what online privacy is, and how to protect it, considering its spiritual sides. Moreover, the rules set and enforced with reference to offline privacy do not always apply to online privacy, as the latter were the child of a lesser God.
Number of Pages in PDF File: 31
Keywords: privacy, Internet, European Union, European Community, online privacy, electronic communications
JEL Classification: K23, K29, K33, K39working papers series
Date posted: November 11, 2002
© 2013 Social Science Electronic Publishing, Inc. All Rights Reserved.
This page was processed by apollo7 in 0.406 seconds