In
2017, the first draft of the ePrivacy Regulation was created by the European
Commission as a part of an effort to replace the now outdated ePrivacy
Directive (2002). Although it has not yet been put in place, the ePrivacy
Regulation is already making waves amongst businesses and technology companies.
But
why?
Essentially,
the ePrivacy Regulation draft will pair with the General Data Protection
Regulation (GDPR) to apply new rules to any company that processes personal
data. Whether we’re talking about Netflix or Gmail, every company will need to
ensure that they’re in compliance with these regulations when handling customer
information. This has made some changes across the globe in the last year, and
we can expect to see more as the draft becomes permanent.
Let’s go over some of the big implications of the ePrivacy Regulation.
Every National Data Protection Authority Is Reviewing Guidelines
Dubbed
the “next big thing in data privacy,”
the ePrivacy Regulation is making many companies within the European Union (and
without) re-evaluate their consumer data guidelines, especially when it comes
to machine-to-machine communications. What many people don’t realize is that
it’s not only EU businesses that will be impacted – any business that targets
EU citizens will be subject to the new regulations. In the United States alone,
it’s estimated that more than half of the companies possess information on EU citizens
that falls under the jurisdiction of this new policy.
The
ePrivacy Regulation changes things on a global scale, not just within European
countries.
Countries around the world are taking another look at how their businesses transmit data via communications like email, text messaging, and social media platforms. The ePrivacy Regulation terms will be binding throughout the EU and enforceable by its own merit, meaning that it won’t be up to local jurisdictions when the terms are violated. This is a strong, widespread regulation, and its repercussions will be felt by governments and businesses alike.
Companies That Use Technology Are Preparing for Changes
Predominantly,
this new regulation targets OTT (over-the-top) services like Skype, WhatsApp,
Facebook Messenger, etc. The directive hopes to bind these companies under the
same confidentiality regulations as traditional telecommunications providers.
There will be new privacy controls in regards to consumer “metadata,” including
what time people make calls, where they call from, etc.
The regulation will also majorly affect how companies use information
from cookies. There are too many requests
for cookie consent on websites now, and the regulation will now
allow people to give a blanket yes or no answer to the use of cookies.
Therefore, many companies will now lack the option to use cookies if consumers
outright refuse the initial request.
Another
big change is that unsolicited communication through channels like SMS, instant
messaging, Bluetooth, and automated calling machines will be banned. Even
targeted ads on social media could be impacted, which means that the nature of digital marketing will change. If
companies want to gather detailed information from customers, they will be
better off asking for in-depth reviews. If they breach the regulations that
will be set by this new draft, they could face a penalty of €10,000,000 or more.
As a result, many companies are now preparing safer ways to gather data from consumers. Surveys and reviews are a popular source of customer data. For instance, take a look at how much information can be gathered from this review of Trustpilot.
Another great example is AirBnB. Whenever a person reviews their accommodations, they’re asked to provide a variety of information including why they traveled, whether the AirBnB met their expectations, and what kind of facilities the lodging offered. AirBnB learns a great deal about their renters and customers through a short series of questions – without having to request personal data.
The ePrivacy Regulation hopes to make the internet a more enjoyable, safe place for users to browse. As it implements regulations on how companies can (or can’t) bother them with messages and requests, more and more companies will turn to detailed reviews for their customer data. We can expect to see an influx in respectful, valid requests from companies while spam messages and pop-up queries decrease.
Some Debates Are Settling Down
When
the draft of the ePrivacy Regulation was first announced, controversy abounded.
The original proposals scared publishers and brands with widespread change and
intense barriers to data-based innovations. Now, after much lobbying, the draft
is less intense and has been mostly accepted as a move toward a friendlier,
safer internet for all.
However, the debates have not been completely silenced. The draft is still being tweaked, and some businesses continue to ask for revisions to the initial requirements. For instance, many are opposed to the browser-level do-not-track default that will be applied across the board. Additionally, some lobbyists have argued that the draft’s line on “cookie walls” should be softened.
The final results of the draft remain to be seen, but most businesses doubt that the draft will change much in the next year. The core of the draft is fairly settled. Still, minor draft changes could have big ramifications, so we can expect to see debates continue for a while yet.
It’s Scheduled to Go into Effect This Year, But Will It?
Some
sources say that the ePrivacy Regulation legislation could go into effect by
the end of the summer, but most believe that the debates and controversy will
keep revisions coming for many more months. The draft will need to first be
finalized by the EU Council, then the EU Parliament, and then the European
Commission.
There are a lot of hoops the draft still needs to jump through, so we’re not quite sure when the regulation will become permanent. Some people estimate next year, others go as far as 2021.
In Summary
Although
the ePrivacy Regulation proposal has not been firmly enacted yet, debates and
controversy highlight how impactful its reach may be someday. Artificial
intelligence, manufacturing, medical technology, and many other kinds of companies
are preparing for a big change in data innovation. Over the past year, we’ve
seen extensive lobbying and revisions to the regulation, as well as changes in
how businesses gather and store their data.
In the end, most people are in favor of an enjoyable, safe internet for all users. We may not see the draft regulation finalized for three or more years, but negotiations make it obvious that data privacy is a big topic for many industries.
