It is time for organisations to prepare in advance of the new ePrivacy Regulation coming into force.
In January 2017, the European Commission proposed a new Regulation on Privacy and Electronic Communications. This new ePrivacy Regulation (ePR) will replace the 2002 ePrivacy Directive, known as the ‘cookies law’. The new ePR regulation aims to ensure privacy in all electronic communications which will have implications for all businesses that have a website once brought into force.
The regulation will cover:
The regulation will make rules around cookies and consent clearer and more user friendly. Responsibility for obtaining consent and penalties will now be with the entity that collects, processes and stores end user information.
End user consent will be required for all direct marketing communications including online behavioural advertising and withdrawal of consent should be as easy as consenting.
The regulation will cover rules around electronic communications metadata which is used by most organisations’ websites. The metadata may hold, the source and destination of a communication, the location of the device being used as well as the date, time, duration and type of communication.