If you thought navigating online privacy was already a labyrinth, hold onto your hats because the EU is taking things to a new level with the ePrivacy Regulation! This legislation is all about regulating electronic communications’ privacy and confidentiality, ensuring sensitive information is not carelessly being tossed around the digital sphere.
What is the ePrivacy Regulation?
The ePrivacy Regulation is a proposed law in the European Union that aims to protect the rights of internet users. It is an updated version of the existing ePrivacy Directive from 2002, which covers privacy and electronic communications rules. If approved, the ePrivacy Regulation will establish data protection standards for various forms of digital communication, including text messages, emails, WhatsApp messages, and other electronic exchanges. It will cover the content of communications, metadata (like location tracking), and cookies (used for online tracking). The ePrivacy Regulation was scheduled to effect on May 25, 2018, the same day as the GDPR.
GDPR versus ePrivacy
The General Data Protection Regulation (GDPR) and the ePrivacy Regulation are both about data protection in Europe. The GDPR is mainly about personal information, while the ePrivacy Regulation is about privacy in online communication. These laws complement each other, so you don’t need to change your GDPR processes. The ePrivacy Regulation will expand the privacy rules in the EU.
Does the ePrivacy Regulation apply to me?
The ePrivacy Regulation applies to businesses and individuals who send information through electronic communication services in the EU. This includes emails, text messages, chat apps like WhatsApp, and videoconferencing tools like Skype or Zoom. The Regulation also applies to non-EU organizations that handle data of EU residents.
What is wrong with the ePrivacy Regulation?
The ePrivacy Regulation has been in the works for years, but it seems stuck in Brussels with no end in sight. The bill contains specific rules on electronic communications and personal data, covering telemarketing, sending emails, and even anonymous cookie usage.
However, disagreements among EU member states, particularly France and Germany, have plagued the legislative process. The ePrivacy Regulation has significant implications for online advertising, media, and telecommunications; no wonder it takes so long to finalize.
Critical Elements of the ePrivacy Regulation
New privacy rules:
The future of electronic communication services, such as WhatsApp, Facebook Messenger, and Skype, will undergo a significant shift. New privacy rules will be applied to these popular platforms, ensuring users receive the same level of confidentiality in their communications as traditional telecom operators.
Stricter rules:
All individuals and businesses in the EU will soon enjoy the same level of protection for their electronic communications. This directly applicable Regulation will provide a single set of rules across the entire EU, making it easier for businesses to comply.
Communications content and metadata:
The privacy of communications content and metadata is critical. Metadata, such as author, date created, and location, contains sensitive information that should be anonymized or deleted if users do not consent, except for billing purposes.
New business opportunities with user consent:
Once consent is granted for processing communications data, traditional telecom operators can offer new services and grow their businesses. For example, they could create heat maps showing individuals’ presence, providing valuable insights to public authorities and transport companies for new infrastructure projects.
More straightforward rules for cookies:
The cookie provision, which previously resulted in an overwhelming number of consent requests for internet users, will be streamlined. The new rule will be more user-friendly, with browser settings offering an easy way to accept or reject tracking cookies and other identifiers. The proposal also clarifies that consent is not required for non-intrusive cookies that enhance the internet experience, such as remembering shopping cart history or counting website visitors.
Spam protection:
This proposal will ban unwanted electronic communications, including email, SMS, and automated calling machines. Depending on national law, individuals will be protected by default or can use a do-not-call list to stop marketing phone calls. Marketing callers must display their phone number or use a unique prefix indicating a marketing call.
Effective enforcement of confidentiality rules:
The enforcement of the confidentiality rules in this Regulation will be the responsibility of data protection authorities, who are already in charge of the regulations under the GDPR. This will ensure these rules are effectively enforced to protect all EU residents.
Consent, Consent, Consent
Consent will become even more critical once the ePrivacy Regulation is fully passed. Users must be allowed to accept cookies, following the GDPR designation requiring consent before collecting, storing, or processing users’ data.
In conclusion, the battle for online privacy in Europe continues with the ePrivacy Regulation and the stalled bill. While it may take some time for the ePrivacy Regulation to be published, it is essential to know that it will simply broaden the privacy rules of the EU, working in conjunction with the GDPR. And remember, consent will always be crucial. At Nixon Digital, we understand the importance of compliance with the ePrivacy Regulation, particularly concerning cookie usage. That’s why we offer comprehensive solutions to help you stay compliant.
Our team evaluates various factors such as scope, compatibility, privacy, different types of cookies, cookie management, GTM access, and 3rd party technology to ensure the effectiveness of your website’s cookie management system. With Nixon Digital, you can rest assured that your website is in good hands.