EU ePrivacy Regulation


On this topic page, you can find the latest developments in the creation of the ePrivacy Regulation.

Subscribe to the IAPP Europe Data Protection Digest
Be in-the-know on EU privacy news (think the GDPR, Privacy Shield, and the PNR Directive, to name a few) by subscribing to the IAPP Europe Data Protection Digest.

Featured Resources

UK DPDI Bill: Comparison with GDPR and ePrivacy

In July 2022, the U.K. government introduced the Data Protection and Digital Information Bill. This comparative analysis considers the changes proposed by the DPDI Bill by reference to the relevant EU law provisions.
Read More

ePrivacy Regulation — Q&A on
select topics

IAPP Senior Westin Research Fellows Jetty Tielemans and Müge Fazlioglu, CIPP/E, CIPP/US, offer an overview of key provisions of the text approved by the Council of Ministers earlier this year.
Read More

Next-gen privacy: Examining the EU’s ePrivacy Regulation

IAPP Senior Westin Research Fellow Müge Fazlioglu, CIPP/E, CIPP/US, takes a deep dive into the ePrivacy Regulation, including its evolution, scope and how it handles consent and cookies.
Read More

Latest News and Resources

CNIL's ePrivacy fines reveal potential enforcement trend

The new year for EU data protection enforcement has rung in with an early bang courtesy of the France's data protection authority, the Commission nationale de l'informatique et des libertés. The CNIL fined Google and Facebook up to a combined 210 million euros for alleged cookie violations under the ePrivacy Directive. Allegations against the companies focus on French users' inability to easily decline tracking via cookies. Google's U.S. and Irish operations received penalties of up to 90 and 6... Read More

CIPL releases recommendations on e-Privacy Regulation

The Centre for Information Policy Leadership released recommendations on the draft e-Privacy Regulation as part of trilogue discussions. Among its comments, CIPL said the regulation should be consistent with the EU General Data Protection Regulation, fill in gaps of the GDPR related to electronic communication data and designate data protection authorities as sole regulators. It also notes a ban on cookie walls and consent for cookies at the browser level should be removed. CIPL also published a... Read More

Google supports temporary ePrivacy derogation to fight child exploitation online

In documents submitted to the European Commission, Google said it supports a temporary derogation from the ePrivacy Directive to combat the "sexual exploitation of children online," Euractiv reports. In its comments on the commission's consultation on the topic, Google also supports the creation of a center to help with law enforcement and prevention on an EU level. ZDNet reports Google voiced its support for a new security standard for smartphone virtual private network applications.Full Story... Read More

EU Council ambassadors agree to negotiating position on ePrivacy Regulation

After years of legislative limbo, the draft ePrivacy Regulation is alive and kicking after ambassadors from the Council of the European Union agreed on a negotiating mandate. The move, led by the Portuguese Presidency in the Council, allows negotiations with the European Parliament to move forward, as part of the "trilogue" process.  "The path to the Council position has not been easy," Portuguese Minister for Infrastructure and Housing and President of the Council Pedro Nuno Santos said, "but ... Read More

New ePrivacy draft covers metadata processing, removes legitimate interest provision
(IAPP, November 2020)
ePrivacy and Data Protection: The Complex Web of Data Privacy and its Influence on AI Ethics, Competition and Tech Evolution
(Citi GPS, July 2020)
Critics on Croatia’s ePrivacy proposal: Legitimate interest provisions not legitimate
(IAPP, February 2020)
Croatian Presidency tempers expectations on ePrivacy progress
(IAPP, January 2020)
EU Council to make ePrivacy pitch to Parliament
(IAPP, January 2020)
How the ePrivacy Regulation talks failed … again
(IAPP, November 2019)
Latest ePrivacy draft arrives following WP TELE meetings
(IAPP, November 2019)
The Privacy Advisor Podcast: Debrief on ePrivacy Regulation, Schrems II case
(IAPP, July 2019)
Tracking under the ePrivacy Regulation
(CMS Law, July 2019)
What happens to ePrivacy under the Romanian presidency?
(IAPP, January 2019)
Inside the ePrivacy Regulation’s furious lobbying war
(IAPP, October 2017)
LIBE votes to push Lauristin’s ePrivacy Regulation forward
(IAPP, October 2017)
Council of the EU releases first proposed revisions of ePrivacy Regulation
(IAPP, September 2017)
MEPs debate ePrivacy Regulation’s merits ahead of July 10 deadline
(IAPP, June 2017)
Introducing: The ePrivacy Regulation’s key player
(IAPP, May 2017)
Will the ePrivacy Reg overshadow the GDPR in the age of IoT?
(IAPP, February 2017)
The ePrivacy Regulation: It’s not just about cookies anymore
(IAPP, February 2017)
European Commission proposes formal ePrivacy Regulation
(IAPP, January 2017)
View More Resources