Privacy and data protection


GSMA has launched a report entitled A new regulatory framework for the digital ecosystem. With the report, GSMA hopes to 'contribute to the current debate about the implications of technological and economic convergence for the regulation of the digital ecosystem.' The report focuses on six areas of regulatory policy: access regulation, barriers to entry and exit, privacy and data protection, merger review, spectrum management, and universal availability and access.


James Clapper, US Director of National Intelligence, has declared that government agencies might use Internet of Things devices for surveillance purposes, including 'identification, surveillance, monitoring, location tracking and targeting for recruitment, or to gain access to networks or user credentials.' Apart from using the Internet for intelligence gathering, Clapper has also posited 'online threats' on the top of his global threats list. 

The Commission Nationale de l’Informatique et des Libertés (CNIL) has given Facebook three months to comply with a formal notice. The notice requests Facebook to stop tracking the browsing activity of Internet users who do not have a Facebook account, and to provide account holders with the means to object to the compiling of their data for advertising purposes, among other measures. The French data protection authority may fine the company if it fails to comply.

In an editorial published by Bloomberg, the US senator John McCain calls for legislation that would require technology companies to design their technologies in such a way that they can comply with legal requests from authorities for access to content. McCain argues that terrorist and common criminals take advantage of available encryption technologies to achieve their goals 'beyond the reach of intelligence agency tools and law enforcement capabilities’. He says that this situation is unacceptable and that the users’ rights to private communications must be balanced with concerns over national security.

In the first significant action against a company for transferring European citizen's data to the USA after the Safe Harbour pact was ruled illegal last year, the French data protection authority has given Facebook three months to stop tracking non-users' web activity without their consent, and ordered it to stop some transfers of personal data to the USA. While Facebook felt it had complied with EU data protection laws, cookies and profiling were considered non-compliant wit the regulations. 

The Brazilian Ministry of Justice opened a new public consultation on the draft Internet Decree ('the Draft Decree') which seeks to regulate the Civil Rights Framework for the Internet 2014, on 25 January 2016. The draft decree  includes sections on net neutrality, online privacy and data retention which companies must embrace when dealing with user's data. In relation to the Draft Decree, the Minister of Justice, Jose Eduardo Cardozo, highlighted, 'Given the great impact that the Framework has over the lives of all Internet users, the participation of society is extremely important in order to have effective regulation.' Read the complete analysis from Data Guidance.



The GIP Digital Watch observatory is provided by



and members of the GIP Steering Committee


GIP Digital Watch is operated by

Scroll to Top