Tim Stevens
Friday, February 26, 2021

ePrivacy Regulations: An Agreement is Reached in Europe

The ePrivacy Regulation (ePR) is a proposed new regulation to oversee various privacy-related topics, primarily regarding electronic communications within the European Union.

ePrivacy Regulations: An Agreement is Reached in Europe

This new regulation is to replace the Privacy and Electronic Communications Directive 2002 (ePrivacy Directive) to take into account technological advancements across websites, electronic communications and social media.

Discussions are still in progress despite plans for the new ePR to initially come into force alongside the GDPR in May 2018.

Key aspects remained undecided such as the confidentiality of communications, privacy controls, and cookies. How to apply the new regulations also remained under review.

Should ePR apply to all businesses that process data in relation to any form of online communication, use online tracking technology, or carry out direct marketing activity online? Or does it need to apply less broadly…?

Well, the EU member states have now come to an agreement and the Council of the European Union has also confirmed its position.

What exactly has changed?

On 10th February 2021, the EU member states agreed on a proposal that allows the Council of the European Union to start discussions with the European Parliament on the final text of the planned new ePR.

These updated ePrivacy rules will define how service providers are allowed to process electronic communications data or have access to data stored by end users’.

What happens next?

Despite this very welcome progress there’s still a long way to go before the new regulations come into force.

It’s important to note that the agreed proposal is essentially a gateway to further negotiations which will take place between the Council of the European Union, the European Parliament and the European Commission. This could be a fairly lengthy process until all parties agree the final text of the ePR. It’s likely during these negotiations that the parties will make some changes to the current proposal.

Once they eventually agree on the final text, there will then be an implementation period (currently proposed at two years) to give organisations the time they need to prepare for the introduction of the ePR.

The impact on UK businesses

As the UK is no longer part of the European Union, the new regulations will not directly apply in the UK.

However, UK businesses may still be in scope if they provide electronic communications services to end users in the EU or send direct marketing communications to end users in the EU. The same applies for organisations in other non-EU countries carrying out the same activities.

As with the GDPR, it may be that the UK will reform its Privacy and Electronic Communications Regulations 2003 in line with the new European regulations.

The UK government has already committed to new laws to protect privacy and is currently seeking an adequacy decision from the European Commission post-Brexit. This points to the likelihood that the UK will look to align to the new ePR, at least to some extent. Again, any such changes will take time to come to fruition.

The impact on i-4business

As you can see we’ve still got a fair way to go before the new ePR will apply. It took the parties involved in the upcoming negotiations nearly a year to agree the final form of the GDPR.

There’s still a gap to close considering the European Parliament has previously demonstrated a fairly pro-privacy stance and many commentators see the current proposal as more pro-business.

Once the parties have agreed the final text we will also have to wait to see how the UK chooses to react and how UK legislation may then change.

For now we are keeping a close eye on all developments to make sure our data continues to remain compliant. We have consent and opt ins and this will always be the case. There will be no change in how you can use our data and we will do what’s required in line with the new ePR and any eventual changes in UK legislation as this progresses.

It’s important to note too that consent is already a requirement in many EU countries, including:

·         Iceland
·         Germany
·         Spain
·         Italy
·         Greece
·         Bulgaria
·         Romania
·         Austria
·         Czech Republic
·         Slovakia
·         Belgium
·         Poland
·         Lithuania
·         Norway
·         Denmark
·         Netherlands
·         Luxembourg

So make sure any existing data you have is compliant with the current regulations.

Open a free account with us

If you’re looking to purchase new data, it’s never been so important to make sure the data you buy is legal, compliant and effective.

To help we’re now offering a free account for 30 days. Sign up here today.

Our enterprise B2B contact database for tech vendors has contact records of over 100 job roles and consists of:

·         300 verticals

·         Enterprise and public sector organisations

·         Data guarantees for accuracy, completeness, and recency

To find out more and to make sure you get the most from your free account, you can call the team on 01252 367400 or email support@i4b.com.