(Adds EU Commission comment, background)
By Julia Fioretti
BRUSSELS, Aug 15 (Reuters) - The European Union is planningto extend telecom rules covering security and confidentiality ofcommunications to web services such as Microsoft's Skype and Facebook's WhatsApp which could restrict howthey use encryption.
The rules currently only apply to telecoms providers such asVodafone and Orange.
According to an internal European Commission document seenby Reuters, the EU executive wants to extend some of the rulesto web companies offering calls and messages over the Internet.
Telecoms companies have long complained that web groups suchas Alphabet Inc's Google, Microsoft and Facebook aremore lightly regulated despite offering similar services andhave called for the EU's telecoms-specific rules to be repealed.
They have also said that companies such as Google andFacebook can make money from the use of customer data.
"Unlike telcos, OTT (web-based) are global players that areallowed to commercially exploit the traffic data and thelocation data they collect," telecoms group Orange said in aresponse to the EU's public consultation on the reformproposals.
Under the existing "ePrivacy Directive", telecoms operatorshave to protect users' communications and ensure the security oftheir networks and may not keep customers' location and trafficdata.
The EU rules also allow national governments to restrict theright to confidentiality for national security and lawenforcement purposes.
Many tech companies such as Facebook and Google alreadyoffer end-to-end encryption on their messaging and emailservices.
They argue there is no need to extend the telecoms rules toweb services and that the EU should not dictate how they protecttheir users' communications.
Facebook, which uses full-scale encryption on WhatsApp, saidin its response to the Commission's public consultation thatextending the rules to online messaging services would mean theycould in effect "no longer be able to guarantee the security andconfidentiality of the communication through encryption" becausegovernments would have the option of restricting theconfidentiality right for national security purposes.
"Therefore, any expansion of the current ePD (ePrivacyDirective) should not have the undesired consequence ofundermining the very privacy it is seeking to protect," thecompany said.
Tech companies have been at loggerheads with nationalgovernments and police agencies over the use of encryption.Advocates of strong encryption argue the technology is vital forprotecting the privacy of consumers and businesses.
EU Commission Vice-President Andrus Ansip has spoken out inthe past in favour of encryption.
The EU document said that the exact confidentialityobligations for web firms would still have to be defined.
The Commission could also force the companies to allow theirusers to take a copy of their content, for example emails, withthem when they switch providers, according to the document.
The EU executive will propose a reform of the ePrivacy ruleslater this year, while a broader overhaul of the EU's telecomsrules will come in September.
The Commission said it was considering whether the scope ofthe current rules needed to be adapted needs "to ensure adequatelevels of consumer protection and ensure that regulation doesnot distort competition."
"This does not necessarily mean treating all communicationsservices the same for all purposes," Commission spokeswomanNathalie Vandystadt said. (Editing by Jane Merriman)