DATA
E-Privacy Regulation
DATA
E-Privacy Regulation
Origin
Proposal for a regulation concerning the respect for private life and protection of personal data in e-communications 2017/0003(COD)
General overview
The e-Privacy Regulation (ePR) was originally intended to take effect alongside the GDPR in May 2018. The proposal has been subject to a lengthy negotiation process and the final text has yet to be agreed. If enacted, the ePR will replace the e-Privacy Directive 2002/58/EC (ePD) and thus the Irish implementing regulations (S.I. No. 336/2011).
The ePR aims to complement the GDPR’s general rules on personal data processing by providing specific rules governing electronic communications.
The updates under the ePR would address user confidentiality in some of the technologies which have proliferated since the ePD came into force in 2002. These include voice over IP (VoIP), web-based email and messaging services, machine-to-machine communications communications between individuals on publicly accessible networks, and new techniques for tracking an individual's online behaviour.
The proposed ePR has a broad territorial scope. The rules will apply when end-users are in the EU, even if the processing takes place outside the EU or the service provider is established or located outside the EU. In addition many ePR provisions will apply to both natural and legal persons.
Status
Interinstitutional negotiations ongoing since 2017, but stalled since 2022
No further progress reported
PROPOSED REGULATION
(in the pipeline since 2017)