ePrivacy Regulation Q&A: everything you need to know

What is the ePrivacy Regulation?

The ePrivacy Regulation, or ePR, is a proposal by the European Union designed to impose greater regulation on the use of electronic communications for member states. It is designed to provide greater control and privacy to individuals and entities, as well as make it clearer for businesses working within the EU.

How does the ePrivacy Regulation differ from the General Data Protection Regulation (GDPR)?

The GDPR is a general rule for how companies should handle an individual’s personal data, including how it is stored and for how long, be that online or offline information.

ePrivacy Regulation is more specific, as its primary role is to govern the way in which personal data is handled with regards to electronic communications.

You can find out more in our article: GDPR vs. ePrivacy Regulation: what’s the difference?

When does the ePrivacy Regulation come into force?

You tell me. As with many laws originating from the EU, this one has been in the works for some time. The topic was originally broached in April 2016, and was meant to come into force on 25 May 2018, the same day as the GDPR.

In November 2019, member states again failed to reach an agreement on the terms for the new regulation. The regulation is now expected to go live in late 2020, although there is a strong likelihood that this timeframe will also be missed.

However, reports by IT Governance suggest that the regulations may not go live until 2022.

Does the ePrivacy Regulation overrule GDPR?

In a word: Yes.

The ePrivacy Regulation exists to complement the GDPR, but should there be a conflict, the ePrivacy Regulation will be lex specialis. In other words, the ePR trumps the GDPR.

Will the need to comply be affected by Brexit?

No. At least not as it stands.

The current terms of the UK’s future relationship will be worked out during the current transition period. Unless things change, you will need to comply with the ePrivacy Regulation.

Does the ePrivacy Regulation apply to businesses outside of the EU?

Yes and no.

If you do business with a company-based in the EU, then you will need to comply with the ePrivacy Regulation.

If you are based outside of the EU and are doing business with a fellow company outside of the EU, then ePrivacy Regulation does not apply.

Not got the answer you were looking for?

Don't worry, we are not done. We will be answering more questions and adding them here. To get the answers first, sign up for our dedicated ePrivacy Regulation alerts below.

If you have a question you want answered on ePR, tweet us @themarketingeye using the hashtag #ePRquestion

Subscribe to updates on the ePrivacy Regulation