Search This Blog

Friday, 18 May 2018

Had Enough of GDPR? Then Try The ePrivacy Regulation!

My radio silence of late has been mainly due to reviewing a flurry of privacy policies and data sharing agreements in anticipation of the General Data Protection Regulation taking effect on 25 May 2018 ("GDPR Day"). But the noose is tightening further on the data hungry social network services with additional regulations to cover e-communications and the data on your device, regardless of whether it's personal or non-personal.

As the European Commission has recently explained in a handy "factsheet", the Regulation on Privacy and Electronic Communications ("ePrivacy Regulation") is also wending its way through the EU legislative process (latest text here). 

This will extend current ePrivacy rules to cover not only cover traditional telecoms providers but also internet-based voice and messaging services, such as Skype, WhatsApp, Facebook Messenger, Gmail, iMessage and Viber. 

The new regulation covers electronic communications and the integrity of the information on your device, regardless of whether it's personal data or non-personal data. It creates a right to the privacy and confidentiality of communications, and dictates that mobile apps or internet services through which you communicate cannot intercept, record, listen into, or tap in your communications. 

Meanwhile, the GDPR covers all personal data independently of how it is transmitted and defines rights for personal data protection.  So there is overlap with the ePrivacy Regulation. 

This means when communications include personal data, the general rules of the GDPR apply, unless the ePrivacy Regulation lays down more specific rules.