What businesses need to know about the proposed E-Privacy Regulation
04 August 2017
There has been a lot of talk recently about the General Data Protection Regulation (GDPR), but not so much about the new proposed E-Privacy Regulation (EPR), the breach of which will carry the same significant fines as that of the GDPR.
The EPR is intended to replace the existing E-Privacy Directive, which deals with the protection of personal data in electronic communications, for example when using cookies, sending unsolicited marketing emails, and online monitoring. It is intended to bring this area of law up-to-date with the e-privacy laws contained in the GDPR.
The European Commission is planning for the EPR to be implemented on 25 May 2018 (alongside the GDPR). As we will still be a part of Europe then, it will apply directly to the UK. The regulation is in draft form, so it may change before being implemented. It may also be delayed, however if the implementation date is after Brexit, the UK will no doubt adopt very similar laws.
The new EPR will carry the same maximum fines as under the GDPR, which can be up to 4% of annual worldwide turnover of the preceding financial year or 20 million euros (whichever is greater). Businesses that use such electronic communications should therefore be aware of the new proposed regulations and start preparing for them now.
So what are the key changes in the draft E-Privacy Regulation?
The regulation will have a wider scope than the existing directive and includes all types of electronic communications service providers such as Skype and WhatsApp.
All electronic communications must be confidential, and user consent is required for the listening, intercepting, scanning and storing of electronic communications.
Content and metadata will need to be anonymised or deleted if users have not given consent, unless they are required for certain purposes such as billing.
Users must give their consent before any unsolicited commercial communications can be sent to them. However, the current ‘soft opt-in’ rule for electronic mail is maintained.
The regulation requires providers of browsers and similar software to offer built-in settings which mean that the use of cookie banners may no longer be needed. Cookies that enhance the website user’s experience and ensure that it functions properly will not require consent.
Our corporate & commercial department has wide experience of mergers & acquisitions, business start-ups, reconstructions, joint ventures, corporate finance and corporate governance. They are praised for reacting “admirably quickly” and “give very relevant advice” by leading national legal guides. To speak to any of them please contact anyone in the team.
A recent CIPD Health and Wellbeing at work survey has reported that most organisations are taking additional measures to support employee health and wellbeing, in response to COVID-19. Three quarters…
This September brings change to the use of standard contractual clauses (SCCs) governing data transfers from the EU and EEA. In June this year, the European Commission published two sets…
Our legal experts have been busy sharing valuable expertise in their first series of free webinars for employers, and businesses across the county who missed the live events can now…
Our website uses cookies to improve your experience while you navigate through our website. Out of these cookies, the cookies that are categorised as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyse and understand how you use our website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies but it may affect your browsing experience on our website. You can find our cookie policy here.
Necessary cookies are absolutely essential for our website to function and enable core functionality such as security and accessibility. These cookies do not store any personal information. You can block these cookies by changing your browser settings, but this may affect how the website functions.
We use performance cookies such as Google Analytics to help us count the number of visitors and to see how visitors move around our website when they are using it. This helps us to improve the way our website works, for example, by ensuring that users are finding what they are looking for easily. The cookies collect information in a way that does not directly identify anyone. For more information on how these cookies work, please see our cookie policy.
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Cookie
Duration
Description
__cf_bm
30 minutes
This cookie, set by Cloudflare, is used to support Cloudflare Bot Management.
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Cookie
Duration
Description
_ga
2 years
The _ga cookie, installed by Google Analytics, calculates visitor, session and campaign data and also keeps track of site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognize unique visitors.
_gat_UA-562889-3
1 minute
A variation of the _gat cookie set by Google Analytics and Google Tag Manager to allow website owners to track visitor behaviour and measure site performance. The pattern element in the name contains the unique identity number of the account or website it relates to.
_gid
1 day
Installed by Google Analytics, _gid cookie stores information on how visitors use a website, while also creating an analytics report of the website's performance. Some of the data that are collected include the number of visitors, their source, and the pages they visit anonymously.
vuid
2 years
Vimeo installs this cookie to collect tracking information by setting a unique ID to embed videos to the website.
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
