Beyond GDPR: A First Look at the New EU ePrivacy Regulation

Forthcoming ePrivacy Regulation, hot on the heels of GDPR, means companies have even more to think about as they manage people’s digital information. The good news is that a flexible, systematic, and centralised platform for managing data allows companies to comply with both, says Consentric’s Karen Watson

The dust has barely settled on the EU’s General Data Protection Regulation (GDPR), with many companies still perfecting their plans for managing this, and already a further-reaching EU data privacy shake-up is looming. A substantially updated EU ePrivacy Regulation (ePR) is expected to hit the market in 2019.

The new Regulation on Privacy and Electronic Communications, part of the EU’s digital single market strategy, is designed to shore up privacy across all forms of electronic communications – from online messaging, phone and conferencing apps to devices connected over the Internet of Things (IoT).

The good news is that those organisations that opted for a flexible, systematic, and centralised approach to managing data for GDPR compliance need not start again. They should be able to absorb the latest developments within the same stream of work.

ePrivacy’s remit

So how does ePR fit with GDPR? Whereas the latter is concerned with people’s personal data, the new ePrivacy Regulation, proposed in January 2017 and now navigating the EU legislative process, safeguards the confidentiality of any data involved in electronic communications – and the devices it came from. It will protect the integrity of information, even if this isn’t personal data, ensuring that communications-based mobile apps or internet services, such as Skype, WhatsApp and iMessage, cannot be tapped into or recorded – certainly not without explicit permission from the individuals concerned.

Discover More