The Commission has published a draft Regulation to replace the
What's the issue?
Having completed the GDPR and NISD, the Commission is rounding
off its overhaul of the EU privacy regime with an update of the
What's the development?
The EC has published a draft Regulation which it is urging the
Council and Parliament to complete by 25 May 2018 when the GDPR
comes into effect.
As expected, the draft Regulation on Privacy and Electronic
applies to 'over the top' service providers such as
WhatsApp, Facebook, Gmail and Skype and not just to
telecommunications service providers;
takes the form of a Regulation rather than a Directive;
covers both content and metadata derived from electronic
communications – both will need to be anonymised or deleted
if users have not given consent, unless required for billing
gives traditional telecommunications providers more scope to
use data and provide additional services, subject to obtaining
streamlines rules on cookies – consent to cookies will be
able to be given through browser settings and consent will not be
needed for non-privacy intrusive cookies improving internet
experience and cookies set to count visitors to a website;
bans unsolicited electronic communication by any means
including phone calls if users have not given consent;
allows Member States to require that marketing callers display
their phone number or use a special prefix; and
enhances enforcement, including by bringing penalties for
non-compliance in line with those under the GDPR.
What does this mean for you?
This legislation is going to be of enormous significance to OTT
providers who come within its scope for the first time. For
traditional telecommunications providers, there is some extension
of scope in terms of what can be done with data and there is also a
relaxation of cookie rules with the recognition that consent can be
provided using browser settings. Individuals are likely to welcome
further restrictions on unsolicited marketing, not least through
the vastly increased sanctions for non-compliance which are brought
in line with those under the GDPR.
The content of this article is intended to provide a general
guide to the subject matter. Specialist advice should be sought
about your specific circumstances.
To print this article, all you need is to be registered on Mondaq.com.
Click to Login as an existing user or Register so you can print this article.
Register for Access and our Free Biweekly Alert for
This service is completely free. Access 250,000 archived articles from 100+ countries and get a personalised email twice a week covering developments (and yes, our lawyers like to think you’ve read our Disclaimer).