Consumers’ trust is at the core of the e-commerce industry, therefore the fair, safe and transparent use and collection of data is the key to the growth of the sector, not only for domestic online purchases but also when it comes to online cross-border sales. In its newly published position paper, Ecommerce Europe reflects on the almost concluded EU Data Protection Reform and the upcoming review of the E-Privacy Directive.
Ecommerce Europe strongly believes in full harmonization of data protection rules and welcomes the efforts made by the European legislators to update the European Data Protection legislation. However, the European e-commerce association is strongly convinced that some key elements of the text need to be modified, in order to avoid that the new General Data Protection Regulation (GDPR) will have a negative impact on the e-commerce businesses in Europe. A more balanced approach is therefore needed, in order to effectively protect the consumer but without additional administrative burdens for online merchants.
Ecommerce Europe welcomes the upcoming revision of the E-Privacy Directive 2002/58/EC. It is crucial that during the process of revision European legislators will recognize the important role that electronic communications and data-driven marketing play in the business model of online merchants. Also, Ecommerce Europe asks European policy makers to maintain an integrated approach towards data protection and privacy to ensure to avoid double regulation, as some rules related to E-Privacy will already be included in the GDPR, once adopted. In addition, the position paper explains more in detail how an easy (electronic) communication between merchants and consumers would benefit both parties, also when this communication – under certain circumstances – happens in an unsolicited way.
Processing personal data,profiling and data-driven marketing: essential elements for merchants!
Online merchants call for unambiguous consent
Ecommerce Europe emphasizes that the privacy impact of personal data processing is context-dependent. A risk-based consent rule, depending on the specific circumstances and the context of the personal data collection, is therefore the most suitable approach. Ecommerce Europe supports the notion of “unambiguous” consent for processing non-sensitive data of consumers. Ecommerce Europe urges European legislators not to impose the requirement of explicit consent for the processing of non-sensitive data as this would have a negative effect for the sector.
In its position paper, Ecommerce Europe covers also other key aspects of the future GDPR important for online merchants, such as a clearer and less burdensome right to data portability, as well as a case-to-case, flexible approach when applying the Right to be forgotten and to erasure of personal data. The obligation to have a Data Protection Officer, the enforcement by national supervising authorities and the one-stop-shop are also key elements that require the attention of European policy makers, in order to avoid excessive burdens on the industry.
For a detailed overview of Ecommerce Europe’s recommendations on consumer policies, please click here to read the full position paper.