How ePrivacy Regulation Has Changed Things Over the Past Year
July 9, 2019 –
In 2017, the first draft of the ePrivacy Regulation was created by the European Commission as a part of an effort to replace the now outdated ePrivacy Directive (2002). Although it has not yet been put in place, the ePrivacy Regulation is already making waves amongst businesses and technology companies.
Essentially, the ePrivacy Regulation draft will pair with the General Data Protection Regulation (GDPR) to apply new rules to any company that processes personal data. Whether we’re talking about Netflix or Gmail, every company will need to ensure that they’re in compliance with these regulations when handling customer information. This has made some changes across the globe in the last year, and we can expect to see more as the draft becomes permanent.
Let’s go over some of the big implications of the ePrivacy Regulation.
Every National Data Protection Authority Is Reviewing Guidelines
Dubbed the “next big thing in data privacy,” the ePrivacy Regulation is making many companies within the European Union (and without) re-evaluate their consumer data guidelines, especially when it comes to machine-to-machine communications. What many people don’t realize is that it’s not only EU businesses that will be impacted – any business that targets EU citizens will be subject to the new regulations. In the United States alone, it’s estimated that more than half of the companies possess information on EU citizens that falls under the jurisdiction of this new policy.
The ePrivacy Regulation changes things on a global scale, not just within European countries.
Countries around the world are taking another look at how their businesses transmit data via communications like email, text messaging, and social media platforms. The ePrivacy Regulation terms will be binding throughout the EU and enforceable by its own merit, meaning that it won’t be up to local jurisdictions when the terms are violated. This is a strong, widespread regulation, and its repercussions will be felt by governments and businesses alike.
Companies That Use Technology Are Preparing for Changes
Predominantly, this new regulation targets OTT (over-the-top) services like Skype, WhatsApp, Facebook Messenger, etc. The directive hopes to bind these companies under the same confidentiality regulations as traditional telecommunications providers. There will be new privacy controls in regards to consumer “metadata,” including what time people make calls, where they call from, etc.
Another big change is that unsolicited communication through channels like SMS, instant messaging, Bluetooth, and automated calling machines will be banned. Even targeted ads on social media could be impacted, which means that the nature of digital marketing will change. If companies want to gather detailed information from customers, they will be better off asking for in-depth reviews. If they breach the regulations that will be set by this new draft, they could face a penalty of €10,000,000 or more.
As a result, many companies are now preparing safer ways to gather data from consumers. Surveys and reviews are a popular source of customer data. For instance, take a look at how much information can be gathered from this review of Trustpilot.
Another great example is AirBnB. Whenever a person reviews their accommodations, they’re asked to provide a variety of information including why they traveled, whether the AirBnB met their expectations, and what kind of facilities the lodging offered. AirBnB learns a great deal about their renters and customers through a short series of questions – without having to request personal data.
The ePrivacy Regulation hopes to make the internet a more enjoyable, safe place for users to browse. As it implements regulations on how companies can (or can’t) bother them with messages and requests, more and more companies will turn to detailed reviews for their customer data. We can expect to see an influx in respectful, valid requests from companies while spam messages and pop-up queries decrease.
Some Debates Are Settling Down
When the draft of the ePrivacy Regulation was first announced, controversy abounded. The original proposals scared publishers and brands with widespread change and intense barriers to data-based innovations. Now, after much lobbying, the draft is less intense and has been mostly accepted as a move toward a friendlier, safer internet for all.
However, the debates have not been completely silenced. The draft is still being tweaked, and some businesses continue to ask for revisions to the initial requirements. For instance, many are opposed to the browser-level do-not-track default that will be applied across the board. Additionally, some lobbyists have argued that the draft’s line on “cookie walls” should be softened.
The final results of the draft remain to be seen, but most businesses doubt that the draft will change much in the next year. The core of the draft is fairly settled. Still, minor draft changes could have big ramifications, so we can expect to see debates continue for a while yet.
It’s Scheduled to Go into Effect This Year, But Will It?
Some sources say that the ePrivacy Regulation legislation could go into effect by the end of the summer, but most believe that the debates and controversy will keep revisions coming for many more months. The draft will need to first be finalized by the EU Council, then the EU Parliament, and then the European Commission.
There are a lot of hoops the draft still needs to jump through, so we’re not quite sure when the regulation will become permanent. Some people estimate next year, others go as far as 2021.
Although the ePrivacy Regulation proposal has not been firmly enacted yet, debates and controversy highlight how impactful its reach may be someday. Artificial intelligence, manufacturing, medical technology, and many other kinds of companies are preparing for a big change in data innovation. Over the past year, we’ve seen extensive lobbying and revisions to the regulation, as well as changes in how businesses gather and store their data.
In the end, most people are in favor of an enjoyable, safe internet for all users. We may not see the draft regulation finalized for three or more years, but negotiations make it obvious that data privacy is a big topic for many industries.