What is the ePrivacy Regulation?
The ePrivacy Regulation is a law currently being constructed by the EU Commission. The ePrivacy Regulation complements the GDPR with a heavier focus on personal privacy, personal data, and confidentiality, specifically in electronic communication. Once applied, the ePrivacy Regulation will replace the 2002 ePrivacy Directive, also known as the Cookie Law. The EU cookie law, or ePrivacy Directive, is an older legal act, passed in 2002 and updated in 2009, which deals mainly with cookies, data retention, and unsolicited e-mailing.
- Scan your website to detect and categorize cookies and other tracking technologies on your website.
- Customize a cookie banner and preference center to provide visitors with the ability to provide consent to cookies.
- Generate a detailed list of cookies, categories, and descriptions in dynamic cookie list.
- Automate the intake and fulfillment of data subject requests.
Who will the ePrivacy Regulation Affect?
The territorial scope of the ePrivacy Regulation will apply to any business that provides any form of online communication service, uses online tracking technologies, or engages in online electronic marketing. Penalties for noncompliance can be up to €20 million.
From the latest draft, here's a list of of requirements:
Inform and allow visitors to opt-out of the collection of their personal data when they visit your website.
- Scan your website to identify and categorize cookies and tracking technologies on your website
Providers of electronic communications services should allow users to access their held data and establish an internal workflow to respond to requests.
Intake and fulfill data subject requests for personal information access requests:
- Build a GDPR-specific request intake web form linked directly from your company’s website
- Centralize all subject access requests into a single queue
- Define an automated triage workflow for fulfilling requests