EU ePrivacy Regulation
In January 2017, the European Commission published a draft ePrivacy Regulation as part of a process to replace the current ePrivacy Directive, aiming to consolidate member state implementation and align with the General Data Protection Regulation, which comes into force in May 2018. While there is quite a bit of work left to do before the draft is finalized, there is plenty to be learned from digging into this first iteration.
Notably, the EU is moving from a directive to a regulation — echoing the move from the Data Protection Directive to the GDPR — in an effort to harmonize data protection laws across the EU. Additionally, the scope has been extended to apply to any company processing personal data in the context of delivering electronic communications and files, including so-called “over-the-top” providers like Gmail, WhatsApp, and Netflix, not just traditional telecommunication providers.
On this page, IAPP members will find the latest developments in the creation of the ePrivacy Regulation. We will update this page to reflect the status of the draft as it moves closer to becoming law.