Following on from GDPR is the ePrivacy regulation, which looks to broaden the scope of the current ePrivacy Directive and align various online privacy rules that exist across EU member states.
Initially supposed to arrive alongside the GDPR on the 25th of May, the ePrivacy regulation was postponed as a result of delays in negotiations.
The Transport, Telecommunications and Energy Council of the European Union will meet to discuss the regulation on June the 8th at the European Convention Centre in Luxembourg. Part of this meeting will also be to agree upon on a general approach to a new cybersecurity regulation.
Who ePrivacy will impact
Looking at current drafts and literature from the European Parliament, the ePrivacy Regulation aims to provide high-level privacy protection for users of electronic communication services and to level the playing field for all market players.
>See also: Proposal for new ePrivacy Regulation: what’s different?
While GDPR is focused on personal data, ePrivacy is concerned more broadly with the confidentiality of communications – “which may also contain non-personal data and data related to a legal person.”
Often referred to as the “cookie law” ePrivacy looks to add new clarifications and simplifications to consent rules before an organisation can track an internet user with cookies.
This will add pressure to many advertisers and ultimately, any organisation that collects and uses consumer data.
Online companies like WhatsApp and Facebook Messenger, who offer communications will be subject to the same strict confidentiality rules that more traditional telecommunication operators are.
The Regulation also takes into account the Internet of Things as it also ensures the privacy of machine-to-machine communications.
Support of ePrivacy
Prior to this meeting, CEOs from some of the EU’s leading privacy-focused services have shared an open letter with Ministers highlighting the need for the reinforcement of trust in online services following scandals such as Cambridge Analytica and why we need to set a higher standard for all players.
>See also: Can programmatic survive GDPR?
In the open letter, they say: “We believe the Regulation will create an opportunity for EU businesses and spark innovation. It will force data-driven companies to rethink their business model and bring the emergence of a service-led economy in which users increasingly share their data with companies who respect their rights and handle their data with care.”
“However, we also believe it is incomplete without provisions requiring a privacy by design and by default approach to software development. In this regard, we would like to bring one particular element to the Ministers’ attention: the indispensable role end-to-end encryption plays in protecting individuals’ data online and in increasing their trust in the security of digital services.”