ePrivacy Regulation
Purpose: The purpose of the ePrivacy Regulation is to ensure effective and robust protection of confidentiality in electronic communications. The regulation is intended to replace the ePrivacy Directive 2002/58/EU with new rules that align with market and technological developments. Its aim is to complement the General Data Protection Regulation with specific rules for digital communication, but with the same supervisory authority and enforcement mechanisms as the General Data Protection Regulation.
Scope: The regulation will be particularly relevant for providers of electronic communications, providers of digital internet-based communication services, businesses engaged in digital marketing, and all the businesses that use cookies on their websites and apps.
Core obligations: The proposed regulation contains rules to ensure confidentiality in electronic communications, including rules for processing, storing, and deleting communication data. It also proposes rules for the use of cookies, where the main rule is the requirement for opt-in consent from the user. The proposal also covers rules on directory services and direct marketing in digital channels.
- Proposal for a Regulation of the European Parliament and of the Council concerning the respect for private life and the protection of personal data in electronic communications, and repealing Directive 2002/58/EC (Regulation on Privacy and Electronic Communications).
- Original proposal from the EU Commission: EUR-Lex – 52017PC0010 – EN – EUR-Lex
- Overview of legislative process (European Parliament): Carriages preview | Legislative Train Schedule
- Proposal from the Parliament dated October 19, 2017
- The proposal is currently in trilogue negotiations between the EU Commission, the Parliament, and the Council