ePrivacy Regulations

In their 2016 US Consumer privacy research, TRUSTe/NCSA found that 92 percent of US Internet users worry about their privacy online, 44 percent have withheld personal information for fear of inappropriate use, and 89 percent avoid doing business with companies that do not take steps to protect their privacy (1).

In response, regulators and legislators around the globe are moving quickly to enhance privacy protections and address widespread consumer concerns about data and identity theft, unwanted communications and behavior tracking.

What is ePrivacy?

In a general context, ePrivacy includes the need for affirmative consent for all electronic communication (such as emails and texts) and the rights of data and privacy protection. It affects cookie consent (use of certain cookies must now be explicitly approved by the site visitor), and it affects confidentiality of any identifying information about the consumer.

Why is new regulation needed for ePrivacy?

With the implementation of the GDPR in May 2018, the anticipated passage of the new ePrivacy Regulation is meant to complement the GDPR to achieve uniformity across the EU in regard to consumer privacy. The regulation is an escalation from the former ePrivacy directive, with the intent of standardizing and enforcing the definition of "ePrivacy."

Previous directives were loosely enforced with inconsistent consequences for violations. Each member country was able to decide how best to reach the goals stated by the directive. Once finalized, the ePrivacy Regulation will provide a common definition with clearly stated consequences. The potential fines for violation are the same as non-compliance with GDPR: up to 20 million Euros or 4% of total global revenue.

Will the ePrivacy Regulation impact my company?

Very likely, yes. If you are currently communicating with EU natural persons (either as a data controller or data processor), your company will be held to the standards set by the pending ePrivacy Regulation and the GDPR. For every EU natural person that provides their contact information, you will need to also capture their express consent prior to sending them marketing communications.

Handle the unique ePrivacy and consent requirements with PossibleNOW's MyPreferences®

• Future-proof your communications due to ever-changing privacy regulations with MyPreferences, which was built with Privacy by Design
• Require an affirmative opt-in by the user for all electronic communications, such as email and text
• Ensure that consent for sensitive data is explicit and recorded for future reporting
• Capture cookie consent prior to placing cookies on users’ computers