The ePrivacy Regulation : the new EU legislation and why it’s important

The central administrative organs of the European Union have been taking serious measures regarding data protection and privacy measures recently, obliging all companies and organizations to comply with the new norms. However, another EU Regulation, that has been in the stage of drafting since 2017 requires everyone’s attention: the EU ePrivacy Regulation on the Respect for private life and the protection of personal data in electronic communications.

While this new Regulation was published back in January of 2017 as a proposal text, it is currently in the works in order to replace the existing European Directive on Privacy and Electronic Communications 2002/58/EC.
The problem that arose within the boarders of the EU was that the gradual implementation of the Directive has been quite inconsistent, creating differences and legal voids within the national legislations of the Member States.

The new legal text is still in the works, as the EU legislative organs aim to create a Directive that shall not only concern the use of cookies, but electronic communications in general, covering rights such as confidentiality, as well as personal data and privacy protection.

But what is the difference between this new Regulation and the GDPR? The ePrivacy Regulation will cover the Internet use in general; in other words, it includes email, applications, telephone, instant messages and all types of websites and communications that are performed online. Moreover, it will apply to telecommunication firms, all types of spam, direct marketing, mobile application developers, advertising networks etc.

The new EU ePrivacy Regulation is a legal statement for a variety of reasons; first and foremost, the term used by the legislator changes from Directive to Regulation, meaning that this legal text is self-executing and is by nature legally binging for all Member States of the EU. Then, its’ broad application to various platforms reinforces security and uniformity along one common digital market.

The ePrivacy Regulation targets the simplification of the rules concerning website cookies and their consent policies by withdrawing the need of the consent pop-ups at the entry of every website.
The legislators are working to draft a user friendly proposal, where no consent will be needed for non-privacy intrusive cookies, in order to improve internet experience.

What has already been set clear is that this new Regulation is expected to be extremely important to comply with, as the fines for breaches are expected to be as high as those set by the GDPR.

By N. Kalifatidou
Advocate – Legal Consultant
Arsen Theofanidis LLC