Posted in Miscellaneous, Privacy

New EU ePrivacy rules in the making Internet services, IoT, cookies and more will be significantly impacted

As already previously covered in my blog, 2002 ePrivacy Directive may be beefed-up, in order to:

  • Extend the scope of ePrivacy rules to VoIP (voice over Internet providers) and OTT (Over the Top), as well as telecommunication providers
  • Apply rules to new tracking and e-marketing technologies.
  • Align privacy concepts (consent, data breaches, territorial scope, fines,…) with the GDPR
  • Amend the rules on secrecy of communication metadata to require record deletion right after the communication has been made, provided no exceptions would apply.

The new proposal will be shaped as a Regulation (hence directly applicable), will involve services provided in EU (regardless of where the process takes place).

The opt-in rule will be bolstered (before consent is granted to third parties) and software device must, by-default, be configured to restrict  these cookies by default (yuppie!). Even Pixel tags across e-mail will be included (yay! x2).

Communications must be erased unless exceptions apply (billing duties, cybersecurity, clearconsent by the user).

Direct marketing will not be permitted and opt-out rights must be clearly granted in case of subscription. Breach notification duties will be aligned to GDPR (72 hours, if I am not wrong).

Regarding the potential fines. a breach could result in 4% of the yearly worldwide revenues.




Contract Manager with a remarkable lust for legal and business knowledge

Share your insights with a comment

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s