Go to main content
Important legal notice

EUROPA - Europe's Information Society Thematic Portal

Navigation path: European Commission > Information Society
Language navigation: en
Home | News | Calendar | Library | RSS | XML | Search | Contact | Help

Local menu

Alternate presentations: Default layout Alternate layout, printer-friendly and allows font resizing

POLICIES :: eCommunications

Confidentiality of communications - spyware, cookies

Confidentiality of communications

The secrecy of correspondence has protected the content of letters against prying eyes ever since the transportation of such letters was confided to public postal services. With the introduction of public telephone services, a similar guarantee has been provided for the confidentiality of telephone calls. Article 5(1) of the Privacy and Electronic Communications Directive  now ensures that in all EU Member States the protection of confidentiality is guaranteed for all forms of private communications over public electronic networks. This does not only include phone calls and faxes but also e-mail, SMS or MMS messages etc.


Spyware and cookies

Personal computers and sophisticated mobile phones with extensive storage capacity and open software, offer the users many new possibilities for communications over public networks. However, they also offer third parties many new possibilities to gain access to information stored on this terminal equipment or even to install or store their own information or programs on other people's PCs. The purpose of such invisible forms of intrusion vary from intentional destruction of files and programs (e.g. viruses) to theft of information, verification of copyright infringements, profiling for marketing, checking of access permission for restricted services or recording user preferences. Some of these purposes are perfectly harmless or even useful for the user, while other objectives are very harmful and threatening. A major concern in all cases is that users are very often not aware of the fact that others gain access to their PCs and store information or programs on it, so they have no means to control, let alone stop such activities.

To remedy this problem, Article 5(3) of the Privacy and Electronic Communications Directive  requires that gaining access to or storing information on a user's terminal equipment (a PC, mobile phone or other device) is only allowed if the user is given clear information about the purpose of any such invisible activities and is offered the right to refuse it. This will enable the user to decide which forms of access to his equipment are acceptable and which are not.

The new provision will not only apply to so-called spyware (hidden espionage programs) and Trojan horses (programs hidden in messages or in other innocent looking programs) but also to 'cookies' (tracking devices which register users' preferences as they visit websites).

Member States have also adopted a Framework Decision on Illegal Attacks against Information Systems in February 2005 ( FR ).  Under this Decision spyware-related activities like illegal access and interference with information systems will have to be punishable in national law, as of March 2007, with criminal penalties up to several years of imprisonment in the most severe cases.

 

Back to top
Last update: 25/01/2007
 
Home | News | Calendar | Library | RSS | XML | Search | Contact | Help