The EU Is at It Again – ePR
The EU is at it again. The ePrivacy Regulation (ePR), which originally should have been finalized on the date of the enforcement of the General Data Protection Regulation GDPR, 25 May 2018, is under review. Its purpose is to specifically protect the confidentiality of electronic communications.
Once applied, the ePrivacy Regulation will replace the ePrivacy Directive from 2002, known by many as the “Cookie Law” – one of its most noticeable impacts being the cookie consent pop-ups, that made their appearance on most websites in its wake. The same authority that is responsible for the GDPR is responsible for the ePR. The regulation takes on board all definitions of privacy and data that were introduced within the GDPR and acts to clarify and enhance it.
The damage? According to an article in the New York Times, “The new European data privacy legislation is so stringent that it could kill off data-driven online services and chill innovations like driverless cars, tech industry groups warn. The American Chamber of Commerce to the European Union called the legislation ‘overly strict.’ The Developers Alliance, a trade group representing Facebook, Google, Intel and dozens of app makers, said it could cost businesses in Europe more than 550 billion euros, or about $640 billion, in annual lost revenue. And DigitalEurope, another tech trade group, said the legislation’s prohibitive approach ‘seriously undermines the development of Europe’s digital economy.’”
The regulation will include any type of communications, including emails and text messages, to be consented to before being used. Marketers will not be able to send emails or text without prior permission from each email or mobile account holder. What is a blessing is those annoying cookies pop-ups will go away and will need to be tracked from within the software and settings.
Part of the scope is that the same level of privacy required for brick and mortar companies will be applied to online communication providers, for example, Gmail, Skype, and Facebook Messenger. The new provisions create the necessity for metadata to be treated in the same way as the actual content of the communication.
How soon? The law was approved by the European Parliament and is under review by the Council of the European Union, a group of government officials representing the 28 member countries. Bloc officials had originally intended for the law to go into effect in 2018, but council negotiations have been slowed by internal disagreements – no kidding. Supposedly, it has now been pushed back to the fall of 2019.
According to Daniel Dalton, a British member of the European Parliament, “Europe will become a digital backwater.” Dalton, who pushed for amendments on the ePrivacy bill, said he had met with Google, Microsoft, video game companies, and trade groups to discuss their objections to the legislation. Who, as we can guess, are very much against it.
Wonder what they’ll think of next? Does this impact your organization more than GDPR? Don’t worry, we had you covered on GDPR, so we’ll keep you covered on this one.