• news-banner

    Expert Insights

ePrivacy Update

The draft ePrivacy Regulation has been talked about for almost as long as the GDPR itself. Initially, there was even consideration of it entering into force at the same time as the GDPR (back in May 2018). Those timings have obviously slipped. There are various sticking points, but the overall issue is that any new law that looks to impact the European digital economy (a key potential source of economic growth across the block) is always going to be sensitive for Member States (and other stakeholders). As such, it is no surprise that draft remains in stalemate within the European Council (the body that comprises Member State government representatives).

By way of update on where things currently sit, on 5 January 2021, the Council of the European Union, under the 6 month Council presidency of Portugal (which lasts from 1 January 2021 until 1 July 2021, when it will pass to Slovenia) released a new, draft version of the ePrivacy Regulation – the 14th draft to date!

One key theme to address is what the text says about businesses’ ability to rely on a lawful basis other than consent in order to process electronic communications’ metadata and place cookies, or similar technologies, on end-user’s terminals (i.e. devices).

The law as it stands (under the ePrivacy Directive and implementing national legislation) is fairly restrictive, requiring the end user’s GDPR compliant consent subject to a few exemptions (generally where the activity is strictly necessary) in order to place a cookie. By way of reminder, this is why we see so many cookie banners on websites these days!

Various drafts of the ePrivacy Regulation since 2017 have gone backwards and forwards loosening or tightening these restrictions. Critics of the consent approach have long argued that the mechanism does not achieve its aim of protecting the privacy of individuals and instead creates frustration and ‘consent fatigue’ amongst individuals. They maintain that other lawful bases should also be made valid.

An earlier draft of the regulation had inserted legitimate interest as a lawful basis to process data, however, this was largely withdrawn during the recent German presidency (which lasted from 1 July 2020 until 1 December 2020) and remains absent from this draft. The current draft does, however, introduce the prospect of relying on the lawful basis of “performance of a contract”.

There are various other amendments which will be considered in detail by the Council over the next 6 months, although it is too early to tell whether this draft will be any more likely to secure the support of the other Members States. Of course, it remains a further open question as to whether the UK would seek to mirror the ePrivacy Regulation under UK law post-Brexit, or whether this will be one of the first areas where we see real divergence.

We will keep you posted.

Our thinking

  • Doing business in the UAE & Israel

    William Reichert

    Events

  • Charles Russell Speechlys expands commercial offering with the appointment of Rebecca Steer

    Rebecca Steer

    News

  • The Times quotes Gareth Mills on the CMA’s preliminary approval of the Activision Blizzard-Microsoft deal

    Gareth Mills

    In the Press

  • City AM quotes Gareth Mills on the CMA’s new set of principles for regulating AI

    Gareth Mills

    In the Press

  • Silicon quotes Gareth Mills on the UK consumer lawsuit against Google

    Gareth Mills

    In the Press

  • Bloomberg and The Washington Post quote Richard Davies on multiclub ownership in world sports

    Richard Davies

    In the Press

  • Product compliance and Brexit - UK Government concedes to CE markings indefinite recognition

    Jamie Cartwright

    Quick Reads

  • UAE and the Grey List: Brief Update

    Karl Masi

    Insights

  • A Summer of Sport - Top 5 Legal Considerations

    Anna Sowerby

    Insights

  • Has the Orpéa plan impaired shareholder's consent? - Le plan de sauvegarde d'Orpéa n'a-t-il pas vicié le consentement des actionnaires historiques ?

    Dimitri-André Sonier

    Quick Reads

  • The Express quotes Gareth Mills on the CMA’s report on competition in the groceries sector

    Gareth Mills

    In the Press

  • Reuters quotes Gareth Mills on the CMA’s deadline extension of the Microsoft Activision Blizzard deal

    Gareth Mills

    In the Press

  • Will the downturn in the Paris region property market lead property companies to turn to ad hoc proceedings, as they did in the 1990s?

    Dimitri-André Sonier

    Quick Reads

  • Les défaillances en France proches de leur niveau de 2019 - French insolvencies close to 2019 levels

    Dimitri-André Sonier

    Quick Reads

  • Law.com International quotes Simon Ridpath on the use of AI in the legal sector

    Simon Ridpath

    In the Press

  • Casino Group: An agreement with investors and debt holders is expected at the end of July

    Dimitri-André Sonier

    Quick Reads

  • Raconteur quotes Caroline Swain on misleading pricing practices

    Caroline Swain

    In the Press

  • DIAC Issues First Annual Report

    Georgia Fullarton

    Quick Reads

  • PE Hub quotes Richard Davies on private equity interest in football and sports

    Richard Davies

    In the Press

  • Payment Expert quotes Janine Regan on the record £1bn fine against Meta over EU data protection violations

    Janine Regan

    In the Press

  • The Guardian quotes Gareth Mills on Microsoft lodging an appeal against the CMA’s decision to block its Activision Blizzard deal

    Gareth Mills

    In the Press

  • The Times quotes Gareth Mills on the EU’s approval of the Microsoft-Activision deal

    Gareth Mills

    In the Press

  • One year on: "Influencer Culture: lights, camera, inaction" remains astonishingly accurate

    Caroline Swain

    Quick Reads

  • UKTN quotes Gareth Mills on the CMA's review of the UK AI market

    Gareth Mills

    In the Press

  • Saudi Center for Commercial Arbitration publishes new Arbitration Rules

    Peter Smith

    Quick Reads

  • The Financial Times quotes Nick White on risks to content creators promoting counterfeits

    Nick White

    In the Press

  • The Daily Telegraph quotes Nick White on AI and 'workplace displacement'

    Nick White

    In the Press

  • Charles Russell Speechlys achieves record success in The Legal 500 2023 EMEA directory

    Patrick Gearon FCIArb

    News

  • WhatsAppGate - Should businesses be reviewing their social media policies?

    Anna Rogers

    Quick Reads

  • Missed deadline for registering on the overseas entity register

    Sarah Morley

    Quick Reads

  • Dubai announces its plan to streamline the enforcement of civil judgments and arbitral awards

    Peter Smith

    Quick Reads

  • Sign of the times - the British record football transfer which very nearly didn't happen

    Pei Li Kew

    Quick Reads

  • No love (island) lost for the #muffboss – #ad is great but don’t forget the other ad rules

    Caroline Swain

    Quick Reads

  • Is it really against the law to share your Netflix password?

    Quick Reads

  • Commercial service charges: "pay now, argue later"!

    Samuel Lear

    Quick Reads

  • Omnichannel innovation essential in the face of outlet decline

    Caroline Swain

    Quick Reads

  • Brand owners now required to police influencers

    Katie Bewick

    Quick Reads

  • Ten Years Since The 2012 Saudi Arbitration Law: Where Are We Now?

    Peter Smith

    Quick Reads

  • Strike a Pose - Usain Bolt files legendary victory celebration as a trademark

    Henry Cuthbert

    Quick Reads

  • ITV takes the plunge and “couples up” with Ebay to dress love island contestants in pre-loved clothing

    Natalie Batra

    Quick Reads

Back to top