ePrivacy Regulation

The so-called ePrivacy Regulation (Regulation on privacy and electronic communications) is currently still in the legislative process and was originally intended to enter into force together with the Basic Data Protection Regulation (GDPR).

The purpose of this regulation is to supplement the GDPR and, above all, to replace the ePrivacy Directive adopted in 2002 and the so-called "Cookie Directive" of 2009.

New special law

The new ePrivacy Regulation represents a special law (lex specialis) on the general GDPR, which is intended to supplement and clarify it, particularly in the field of electronic communications.

 

The ePrivacy Regulation is thus intended to replace the German regulations on data protection in the Telemedia Act (TMG), the Telecommunications Act (TKG) and the regulations on advertising in the Unfair Competition Act (UWG).

Operators of web­sites also affected

Although the regulation is primarily aimed at providers of electronic (online) communication services such as Skype or WhatsApp, it will also affect operators of websites, e-mail services and WiFi hotspots.

 

This is because the Regulation also contains provisions on the security of communication services and the tracking of user activities, including cookies.

Entry into force delayed

Although the EU Commission published the first draft of the ePrivacy Regulation in January 2017, the legislative process has not yet been completed.

 

When the regulation will finally be adopted is still uncertain, as there is still no concrete deadline. The trilogue negotiations (EU Commission, EU Parliament and the Council of the European Union must agree on a final version) were originally supposed to start at the beginning of 2019, but in the meantime a new draft under the Austrian Presidency has led to a new need for discussion and thus to further delays.

Conclusion

Due to the far-reaching and potentially incisive regulations of the ePrivacy Regulation in all areas of electronic communications and online activities, it is advisable to remain at the current stage of the legislative process in order to identify the need for change within its own company at an early stage.

 

Contact us!

Contact

Lawyer Norbert Geyer

 

Specialized IT lawyer

Data protection officer

 

Norbert.Geyer@rdp-law.de