Home » Policy Landscape » Privacy » ePrivacy Directive

ePrivacy Directive

The proposal for a Regulation on Privacy and Electronic Communications was adopted by the Commission in January 2017. The proposal reviews Directive 2002/58/EC, that was previously reviewed by Directive 2009/136/EC.
The main objectives of the proposal for a Regulation on Privacy and Electronic Communications are to ensure the confidentiality of all electronic communications for endusers (e.g., the content of a phone call, SMS, instant message, VoiP call, e-mail, and the related metadata, such as time, duration and location of the communication); protection of the terminal equipment information of end-users (e.g., access to photos stored in a phone or the storage of tracking cookies when visiting a website); transparency and end-user empowerment regarding software privacy settings (e.g., browser privacy settings); and consistency with Regulation (EU) 2016/679 ("GDPR") via inter alia the repeal of the provisions regarding personal data breach notifications and alignment of the comptences of
the supervisory authorities.
Challenges:

  1. the purposes for which electronic communications data can be processed without the consent of the end-user;
  2. whether the use of ‘cookie walls’ is allowed;
  3. whether software providers must provide options for privacy settings and inform the end-user thereof;
  4. which public interests may justify restrictions to certain rights and obligations under the Regulation, including issues of data retention;
  5. which authorities are appointed as supervisory authorities (data protection authorities or others).

News

The pandemic has shown the importance of international supply chains and how dependent we are. Attacks in the virtual space may have an increasing impact on supplies in our analogue world.