What You Need To Know About The New EPrivacy Laws


What the new ePrivacy directive means.

What to expect from the new ePrivacy directive.

The European Commission has released a new set of proposals to replace the ePrivacy Directive (Directive 2002/58/EC). The proposals seek to update the directive which deals with privacy protection and users of electronic communication services.

The proposals are aimed at increasing trust in the digital single market and aligning ePrivacy laws with the more stringent rules under the General Data Protection Regulation (GDPR) going into effect May 2018.  

The Directive is designed to harmonise the privacy regime so all individuals and businesses in the EU are subject to a unanimous high level of protection.

What to expect 

There are two key changes with the new ePrivacy Directive.

  • Certain privacy rules will extend in scope from traditional telecommunications operators to over-the-top (OTT) web services such as Facebook, imessage, WhatsApp, Viber and Gmail.
  • Cookies laws will be streamlined and simplify the overload of consent requests.

Unsolicited electronic communications

These will be banned to the extent that a user has not provided consent. The caveat being that marketers can continue using electronic details obtained on the sale of a product to notify the consumer of a similar product, if they were given the opportunity to opt out, but did not. Finally, all marketers will be obliged to display their phone number when calling.


Users will continue to be able to accept or refuse cookies tracking them. Requirements for browsers will be modified slightly. Rather than blocking cookies by default, on installment, browsers must provide consent options to select for future use.

The proposals also clarify that non-privacy intrusive cookie services that improve internet experience for example, storing shopping-cart history, do not require consent by users.

The concept of privacy by design is also introduced. This provides that each new service or business process that makes use of personal data must take the protection of such data into consideration and allow users to opt for higher or lower level of privacy.

Steps for Compliance

These new regulations haven’t been approved by the European Parliament and the European Council to date, but the industry assumes that the ePrivacy Directive will come into force at the same time as the GDPR in May 2018.

Provisions in the ePrivacy Directive indicate that penalties for breaching will be consistent with the GDPR and expose business to fines of up to €20 million or 4% of annual turnover. With that in mind, businesses should ensure they make steps toward adequate preparation for compliance.

Here are a few tips for UK businesses to get started on compliance.

  • Assess any collected information and ensure that users are notified if you’re monitoring or storing location data.
  • Amend cookie policies where necessary to provide for consent. Users must be given an option to opt out, by positive action rather than a pre-ticked box. If the user refuses, you can’t prevent them from using the website. This language derives from the GDPR which states that the ‘user must not suffer disadvantages’.
  • Users of software for electronic communications should also be given an option to prevent third parties from storing their information upon installation of the software.
  • If you’re a business that doesn’t have a physical presence in the EU, you’re still subject to the regulation and are required to appoint a representative in a member state.
  • Review your marketing practises for all business affected.

The information in this blog post is provided for general informational purposes only and may not reflect the current law in your jurisdiction. No information contained in this post should be construed as legal advice from JAG Shaw Baker or the individual author, nor is it intended to be a substitute for legal counsel on any subject.

A cookie is a small file of letters and numbers that we store on your browser or computer, phone or tablet hard drive if you agree. more information

INFORMATION ABOUT OUR USE OF COOKIES Our website uses cookies to distinguish you from other users of our website. This helps us to provide you with a good experience and also allows us to improve our website. By continuing to browse the website, you are agreeing to our use of cookies. A cookie is a small file of letters and numbers that we store on your browser or computer, phone or tablet hard drive if you agree. We use the following cookies: • Strictly necessary cookies. These are cookies that are required for the operation of our website. They include, for example, cookies that enable you to return to a previous page. • Analytical/performance cookies. They allow us to recognise and count the number of visitors and to see how visitors move around our website when they are using it. This helps us to improve the way our website works, for example, by ensuring that users are finding what they are looking for easily. The analytical/performance cookies are provided on our behalf by Google Inc. to aid with reporting of user behaviour, market research and improving website functionality. This user behaviour is analysed in order to improve this website. To see how this applies to Google Analytics, visit http://www.google.co.uk/intl/en/analytics/privacyoverview.html. You can stop tracking by Google Analytics by visiting https://tools.google.com/dlpage/gaoptout?hl=en-GB. COOKIE DURATION The strictly necessary session cookies are a temporary cookie which remains in the cookie file of your browser until you close the browser. The other cookies will remain in the cookie file of your browser after the closing of the browser, and will become active again when you reopen this website. The different cookies have different expiration dates. Following expiry of a cookie, a new version of that cookie will be downloaded when you next visit this website, unless you have withdrawn your consent in the meantime. You can block cookies by activating the setting on your browser that allows you to refuse the setting of all or some cookies. However, if you use your browser settings to block all cookies (including essential cookies) you may not be able to access all or parts of our website. Contact If you have any queries regarding this cookie policy please contact us at info@jagshawbaker.com.