The Draft Regulation on Electronic Communication and Privacy (Draft) is currently under discussion at European Council and it targets high level protection for electronic communication users. In the circumstance that the Draft is approved, its date of taking effect is set as 25 May 2018. The Draft stands as a high profile arrangement while it completes General Data Privacy Regulation ("GDPR") by detailing it. The terms of GDPR would have the turn to be implemented for the topics that are not arranged within the Draft. In case it is approved, it would not be possible to implement the Draft for United Nations institutions, establishments and representatives. Pertaining to the Article 5 of the Draft, listening of electronic communication data, recording, monitoring, preserving or capturing the dialogues in a way, watching and processing them is not permitted pursuant to the privacy principle. The electronic communication data should be wiped off or anonymizated just following the receipt by the targeted receiver/receivers. Article 6 of the Draft regulates the terms of processing the electronic communication data. As per that, electronic communications data could be processed provided that the related people's acceptance is available, to be needed for its being used in line with the obtaining purpose, being required for data safety and if regulated as appropriate to be processed within the concerning legal regulations. Pertaining to the Article 7 of the Draft, in case the electronic communication high data is used in billing process, the concerning data could be preserved during the period of refusal or payment of invoice. Pursuant to the Article 8, for the end-user's utilizing the data processing or preserving capacity of the terminal equipment or collecting a data within it, one of the exceptions mentioned within the law should concretely be available. (Acceptance or demand of the end-user, processing just in line with the purpose of moving to the electronic communication network etc…). Obvious acceptance of the end-user is the pre-condition for the processing of personal data as per the Draft as well as it's in the GDPR also. The acceptance can be given through the suitable technical environment within the software application. As per the Article 9 of the Draft, end-user should be informed about the right of acceptance withdrawal during the acceptance's assignment and this right must be recalled each 6 month periods. Besides, as per the Article 10, during the installment of the software, end-user should be informed about privacy settings options and he/she should be requested for fiving acceptance. For the software already installed, this acceptance should be ensured during the first update provided that its date does not exceed 25 August 2018. Pertaining to the articles 12 and 13, interpersonal electronic communication service suppliers based on public numbers, must present options of hiding line number, refusing calls from unknown lines to the end-users called/calling or connecting/connected. However, emergency assistance services and interpersonal electronic communication service suppliers based on public numbers, hiding the calling number, refusing the processing of high data by the institutions dealing with emergency communication or unavailability of acceptance is not possible. Also, as per the Article 14 of the Draft, interpersonal electronic communication service suppliers based on public numbers should be supplying a free opportunity to the end-users to block the incoming calls from a certain number or an unknown one and to stop the call forwarding from the third parties to the end-user's terminal equipment. As per the Article 15 of the Draft, public guide suppliers should be obtaining the acceptance of end-users to attach them into the guide. The Draft's Article 16 regulates the un-demanded communications. Pursuant to that, communications with marketing purposes are possible with the acceptance of the end-user. Pertaining to the Draft's Article 17, electronic communication service suppliers should inform the end-users on the situations threatening the business network and electronic communication services. Section 4 within the Draft arranges the matters of legal solutions, liabilities and penalties. It should be strongly pointed out that the GDPR and sanctions set through the Draft would to applicable together in the circumstance that an awkward attitude is performed. As per the Draft's Article 21, the end user facing harm linked to the violation of liabilities would be able to demand for compensation. Also as per the Article 22, administrative fines of up to 20.000.000 euro are arranged for the ones violating the liabilities. Our explanations provided above include general information on the issue. No responsibility can be claimed against
EY and/or Kuzey YMM ve Bağımsız Denetim A.Ş. due to the implications arising from the context of this document or emerging with respect to its context.
Best Regards,
Kuzey YMM ve Bağımsız Denetim A.Ş. | 
Print 
Go to Top 
