What businesses need to know about the proposed E-Privacy Regulation
04 August 2017
There has been a lot of talk recently about the General Data Protection Regulation (GDPR), but not so much about the new proposed E-Privacy Regulation (EPR), the breach of which will carry the same significant fines as that of the GDPR.
The EPR is intended to replace the existing E-Privacy Directive, which deals with the protection of personal data in electronic communications, for example when using cookies, sending unsolicited marketing emails, and online monitoring. It is intended to bring this area of law up-to-date with the e-privacy laws contained in the GDPR.
The European Commission is planning for the EPR to be implemented on 25 May 2018 (alongside the GDPR). As we will still be a part of Europe then, it will apply directly to the UK. The regulation is in draft form, so it may change before being implemented. It may also be delayed, however if the implementation date is after Brexit, the UK will no doubt adopt very similar laws.
The new EPR will carry the same maximum fines as under the GDPR, which can be up to 4% of annual worldwide turnover of the preceding financial year or 20 million euros (whichever is greater). Businesses that use such electronic communications should therefore be aware of the new proposed regulations and start preparing for them now.
So what are the key changes in the draft E-Privacy Regulation?
The regulation will have a wider scope than the existing directive and includes all types of electronic communications service providers such as Skype and WhatsApp.
All electronic communications must be confidential, and user consent is required for the listening, intercepting, scanning and storing of electronic communications.
Content and metadata will need to be anonymised or deleted if users have not given consent, unless they are required for certain purposes such as billing.
Users must give their consent before any unsolicited commercial communications can be sent to them. However, the current ‘soft opt-in’ rule for electronic mail is maintained.
The regulation requires providers of browsers and similar software to offer built-in settings which mean that the use of cookie banners may no longer be needed. Cookies that enhance the website user’s experience and ensure that it functions properly will not require consent.
Our corporate & commercial department has wide experience of mergers & acquisitions, business start-ups, reconstructions, joint ventures, corporate finance and corporate governance. They are praised for reacting “admirably quickly” and “give very relevant advice” by leading national legal guides. To speak to any of them please contact anyone in the team.
Our legal experts have been busy sharing valuable expertise in their first series of free webinars for employers, and businesses across the county who missed the live events can now…
The Coronavirus Business Interruption Loan Scheme (CBILS) has thrown a much-needed lifeline to businesses experiencing cashflow difficulties as a result of the coronavirus outbreak. 17 December 2020 Today, Rishi Sunak…
The global outbreak of coronavirus (COVID-19) and the government’s resulting emergency measures have had severe implications for many businesses. Read on for answers to some frequently-asked questions on corporate &…
We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking “Accept”, you consent to the use of ALL cookies.
This website uses cookies to improve your experience while you navigate through our website. Out of these cookies, the cookies that are categorised as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyse and understand how you use our website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies but it may affect your browsing experience on our website. You can find our cookie policy here.
Necessary cookies are absolutely essential for our website to function and enable core functionality such as security and accessibility. These cookies do not store any personal information. You can block these cookies by changing your browser settings, but this may affect how the website functions.
We use performance cookies such as Google Analytics to help us count the number of visitors and to see how visitors move around our website when they are using it. This helps us to improve the way our website works, for example, by ensuring that users are finding what they are looking for easily. The cookies collect information in a way that does not directly identify anyone. For more information on how these cookies work, please see our cookie policy.