Article 23 of ePrivacy Regulation: General Conditions for Imposing Administrative Fines (Proposed Text)
The proposed text for ePrivacy Regulation Article 23 from the 4th of May, 2018 is below, covering the general conditions for imposing administrative fines. This will likely change in the next month or two as they are meeting to discuss the changes to the current ePrivacy Directive. We will update accordingly. Negotiations continue about the precise text and the current version gives one year from the date of entry into force for implementation. We will post the full text when it is available.
Article 23: General conditions for imposing administrative fines
1. For the purpose of this Article, Chapter VIII of Regulation (EU) 2016/679 shall apply to infringements of this Regulation.
2. Infringements of the following provisions of this Regulation shall, in accordance with paragraph 1, be subject to administrative fines up to EUR 10 000 000, or in the case of an undertaking, up to 2 % of the total worldwide annual turnover of the preceding financial year, whichever is higher:
(a) the obligations of any legal or natural person who process electronic communications data pursuant to Article 8;
(b) the obligations of the provider of software enabling electronic communications, pursuant to Article 10;
(c) the obligations of the providers of publicly available directories pursuant to Article 15;
(d) the obligations of any legal or natural person who uses electronic communications services pursuant to Article 16.
3. Infringements of the principle of confidentiality of communications, permitted processing of electronic communications data, time limits for erasure pursuant to Articles 5, 6, and 7 shall, in accordance with paragraph 1 of this Article, be subject to administrative fines up to 20 000 000 EUR, or in the case of an undertaking, up to 4 % of the total worldwide annual turnover of the preceding financial year, whichever is higher.
4. Member States shall lay down the rules on penalties for infringements of Articles 12, 13, and 14.
5. Non-compliance with an order by a supervisory authority as referred to in Article 18, shall be subject to administrative fines up to 20 000 000 EUR, or in the case of an undertaking, up to 4 % of the total worldwide annual turnover of the preceding financial year, whichever is higher.
6. Without prejudice to the corrective powers of supervisory authorities pursuant to Article 18, each Member State may lay down rules on whether and to what extent administrative fines may be imposed on public authorities and bodies established in that Member State.
7. The exercise by the supervisory authority of its powers under this Article shall be subject to appropriate procedural safeguards in accordance with Union and Member State law, including effective judicial remedy and due process.
8. Where the legal system of the Member State does not provide for administrative fines, this Article may be applied in such a manner that the fine is initiated by the competent supervisory authority and imposed by competent national courts, while ensuring that those legal remedies are effective and have an equivalent effect to the administrative fines imposed by supervisory authorities. In any event, the fines imposed shall be effective, proportionate and dissuasive. Those Member States shall notify to the Commission the provisions of their laws which they adopt pursuant to this paragraph by [xxx] and, without delay, any subsequent amendment law or amendment affecting them.
Previous (Article 22) | Index | Next (Article 24)
Need help with ePrivacy Directive Article 5.3 compliance for the EU Cookie Law? Call 1-888 for a demo of the Clarip Cookie Consent Manager.
Contact Clarip for CCPA and GDPR Software
The Clarip privacy management software is ready to help improve your organization’s privacy practices. Click here to contact us (return messages within 24 hours) or call 1-888-252-5653 to schedule a demo with a member of the Clarip team.
If your immediate need is California Consumer Privacy Act compliance, take a look at our CCPA software. From consent management to powerful DSAR Software, Clarip offers enterprise privacy management at an affordable price.
Still working on GDPR compliance? We understand! Our GDPR software tools offers a range of options from data mapping software, DPIA automation, and cookie management for ePrivacy.
Click here to contact us (return messages within 24 hours) or call 1-888-252-5653 to schedule a demo and speak to a member of the Clarip team.