The European Commission (EC) announced Thursday that it would refer the UK [press release] to the European Court of Justice (ECJ) [official website] for not fully complying with EU regulations that protect the privacy of electronic communications. The EU has found UK law in breach of the ePrivacy Directive 2002/58/EC and the Data Protection Directive 95/46/EC [texts], regulations regarding consent to interception and the role of enforcement and supervisory committees. Specifically, current UK law does not provide for an independent national authority to supervise the interception of some communications, it allows for communications to be received without fulfilling the EU definition of consent and it does not have a mechanism that ensures sanctions for unlawful unintentional interception, as required by EU law.
The EC formally notified [JURIST report] the UK in April 2009 that it was starting infringement proceedings [EC backgrounder] for failure to follow EU Internet privacy and data protection rules [text]. The commission specifically referred to "Phorm" [BBC report], an Internet technology used by UK Internet service providers (ISPs) to monitor user web-surfing habits and deliver personalized advertising without the user's consent. The program was stopped after public outrage, but the EC said it was unsatisfied with the official response to "Phorm" and pointed that out weak UK laws meant that the authorities could do little to actively protect user privacy. The EC called for an overhaul of UK laws, giving the government two months to respond.