The European Union could be planning to extend the rules covering security and confidentiality of telecommunicatuions to web services including Skype and WhatsApp, according to an internal European Commission document seen by Reuters.

The current ePrivacy Directive requires telecoms operators to protect users’ communications and ensure the security of their networks, without them being able to keep customers’ location and traffic data. Some in the industry were hoping to repeal the law entirely, however it now looks like the EU could be extending its reach. The plan could be be presented in September.

The privacy directive

WhatsApp Logo
– WhatsApp

“The Commission is indeed working on an update of EU telecoms rules under its Digital Single Market strategy,” Nathalie Vandystadt, a spokesperson for the EU’s Digital Single Market, said in a statement.

“The upcoming reform of the EU telecoms framework should incentivize and leverage more private investment in next-generation networks, provide regulatory predictability and the right conditions for all operators to invest.

“The Commission is looking into to what extent people can consider OTT services like WhatsApp and Skype to be functional substitutes for services provided by traditional telecoms operators, and is considering whether [the] scope of the current EU rules needs to be adapted, to ensure adequate levels of consumer protection and ensure that regulation does not distort competition.”

Vandystadt added that “this does not necessarily mean treating all communications services the same for all purposes.” 

Facebook told Reuters that extending the rules to online messaging services could impact WhatsApp’s end-to-end encryption and may mean the company could “no longer be able to guarantee the security and confidentiality of the communication through encryption” as governments could restrict the confidentiality right for national security purposes.

“Therefore, any expansion of the current ePD (ePrivacy Directive) should not have the undesired consequence of undermining the very privacy it is seeking to protect,” the company said.

Earlier this month, mobile operator lobbying group GSMA released an open letter co-signed by groups such as DigitalEurope, ECTA and CableEurope asking for the end of the ePrivacy Directive: “The tech and telecom industries call for the ePrivacy Directive to be repealed. We believe that simplifying and streamlining regulation will benefit consumers by ensuring they are provided with a simple, consistent and meaningful set of rules designed to protect their personal data.”