Council of the European Union Reaches an Agreement on the ePrivacy Regulation

On February 10, 2021, Council of the European Union agreed on a negotiated mandate for revised rules on the protection of privacy and confidentiality in the use of electronic communications services (ePrivacy Regulation). The agreement will allow the Council and the European Parliament to negotiate the terms of the final text of the Regulation.

The development is a major step in the EU’s four-year effort to replace the existing ePrivacy Directive of 2002 to bring regulation of electronic communications in line with the GDPR and to address new technological and market developments, such as the widespread use of Voice over IP, web-based email and messaging services, and the emergence of new techniques for tracking users’ online behavior.

Pursuant to the Council mandate, the ePrivacy Regulation will cover electronic communications content transmitted using publicly available services and networks, and metadata related to the communication, such as location and the time and recipient of communication. The Regulations will also cover machine-to-machine data transmitted via a public network.

While the new rules will apply when the end-users are in the EU, they will cover cases where the processing takes place outside the EU or the service provider is established or located outside the EU.

The Regulation will require that the end-users have a genuine choice on whether to accept cookies or similar identifiers. To avoid cookie consent fatigue, however, an end-user will be able to give consent to the use of certain types of cookies by whitelisting one or several providers in their browser settings. Software providers will be encouraged to make it easy for users to set up and amend whitelists on their browsers and withdraw consent at any moment.

Improve customer trust with Clarip’s privacy governance platform.  Schedule a demo of the Clarip data mapping software for Privacy Compliance by calling 1-888-252-5653.