ePrivacy Regulation: concern over lack of focus on data & marketing

Filter By

Show All

Connect to


ePrivacy Regulation: growing concern over the lack of focus on data and marketing


The Austrian Presidency has published the latest ePrivacy Regulation text.

The DMA has been pressing the UK Government to ensure that the EU Council dedicate enough time to data and marketing during discussions over the proposed ePrivacy Regulation.

The Council has been making slow but positive progress with most of their suggested amendments being positive for the marketing sector.

The latest text has followed this trend. While it has suggested amendments that improve the situation for businesses, many substantive issues have not been addressed. Chief among them is the requirement for B2B marketers to gain a GDPR level consent in order to contact prospects over electronic marketing channels.

The DMA will continue to speak with Government and ensure that direct marketing is the focus of future discussions.

But what does the latest text change?

  • The original text required organisations to remind people at least every 6 months that they could withdraw their consent. The Council have proposed to make it 12 months. It is standard practice for marketers to offer an opt-out or unsubscribe link in their marketing but the change does give marketers more flexibility.
  • A concern for the DMA had been the imposition of a time limit on the existing customer soft opt-in. This time limit was arbitrary and whether it was 6 or 12 months did not take account of the product lifecycle or individual context. For example, car insurance is bought on a yearly basis, which means an insurance broker may wait longer before marketing to an existing customer. Perhaps waiting until their renewal date is coming up. The new text allows member states to decide whether they want to have a time limit or not. It is a positive move that it will not be a requirement but devolving to member states does mean businesses may have to deal with varying rules around the EU.
  • A huge concern for the telemarketing community was the notion of direct marketing code or prefix. Essentially, all telemarketing calls would be required to display a number that would identify the call as a direct marketing call to consumers. Combine this with call blocking technology and many calls would simply be blocked by consumers. A potentially disastrous outcome for the UK in terms of jobs as 100,000’s of people work in contact centres. The new text would allow member states to decide whether to implement this measure or not. Derogating to members is a sign that the Council has struggled to reach a consensus on this issue but it is a positive move from the point of view of UK telemarketers.
  • Amendments to recital 20 would mean that a website owner could restrict access to content subject to someone giving consent to cookies. The new wording states: “Making access to the website content provided without direct monetary payment conditional to the consent of the end user to the storage and reading of cookies for additional purposes would normally not be considered disproportionate” This is a positive move for the data and marketing sector and would hand greater flexibility to online content providers. However, it will need to be clarified how this new rule would interact with GDPR and its strict consent definition.

In summary, these amendments largely give organisations greater flexibility and devolve more power to member states. Overall, this is positive for the UK as the original text would severely hamper marketers and their ability to communicate with consumers.

There is a risk that with more power being devolved to member states that businesses end up dealing with a patchwork of different regulations throughout the EU. This would fly in the face of one of the key justifications for the ePrivacy Regulation, to harmonise rules throughout the EU.

The DMA will continue to work with the Government and our counterparts in the EU to achieve an ePrivacy Regulation that strikes the right balance between the data protection rights of consumers and the legitimate interests of businesses all over the UK.

Hear more from the DMA

Please login to comment.