Are you ready for the new ePrivacy Regulation?

Finland is ready to get a final agreement for the ePrivacy Regulation before year’s end. The new regulation will have a hard impact on publishers and the advertising industry. Are you ready for ePrivacy?
Table of Contents

ePrivacy is on its way

There have been a lot of conflicting opinions among EU member states since the European Commission presented its plans to turn the ePrivacy Directive into European law.
Continuous internal disagreement and trade lobbyism appear to have stalled the plans for publication completely.
However, now the Finnish Justice Ministry told The Privacy Advisor that they are looking to find an agreement between the member states before the end of this year, IAPP reports. The European Commission and the European Parliament can begin finalizing a text with an agreement in hand.
But senior counsel at Future of Privacy Forum Gabriela Zanfir-Fortuna expects rough sailing when the actual negotiations between the parties begin.
Especially issues on permitted uses of cookies and cookie walls may trigger delays and the fact that hard lobbyism is trying to alter aspects of the ePrivacy Regulation in favor of the advertising industry.
A new iteration of the ePrivacy text is expected to be ready for the next meeting of the Working Party on Telecommunications and Information Society on November 7.

The ePrivacy Regulation – stricter requirements for the use of cookies

The Regulation will introduce stricter requirements for what is and is not confidential in electronic communications and what defines tracking of internet users.
According to the latest drafts of the Regulation, the ePrivacy Regulation will:
  • Not allow pre-ticked consent boxes for cookies.
  • Require that users can opt-out of cookies.
  • Prohibit cookie walls (no data-no access model).
Especially the last argument could be a huge issue for the advertising industry as it will be harder for websites and bureaus to generate revenue through behavioral advertising, which relies on cookie data.

The ePrivacy Regulation

The new ePrivacy Regulation will repeal and replace the EU’s present ePrivacy Directive (2002/58/EC). The new provisions will cover electronic communication networks; data stored in or sent from end users’ equipment such as computers, smartphones, and tablets (including cookies, device IDs, and other identification software); and methods used to contact customers over electronic-communication networks for direct marketing purposes.

ePrivacy may disrupt the online advertising industry

It does not come as a surprise that the ePrivacy Regulation will disrupt online and advertising businesses’ use of cookies and tracking technologies.
Therefore, the forthcoming Regulation has naturally alarmed the industry. According to a McKinsey report, since the birth of the GDPR has seen a ten percent cut in revenue.
On October 18, the European Publishers Council, together with nine other European publishers and advertising bodies, directed a plea to the European council arguing that:
“The ePrivacy Regulation puts the future financial viability of independent, advertising-funded media at risk”.
The risk is well-defined as, under the current ePrivacy law proposals, publishers and any site owners would need explicit consent to use any form of a cookie.

Planet49 ruling by the EU Court of Justice

A recent ruling by the European Court of Justice (CJEU) may prove a hardline against tracking with cookies.
In the case against the German lottery website Planet49, the CJEU ruled that users must actively choose to let companies store cookies in their browsers. Websites may not assume users want cookies by default. Pre-ticked boxes may therefore be a thing of the past.
Moreover, the Court also clarified that ePrivacy would protect both personal and non-personal data in order to fully protect users’ private spheres and to avoid any misunderstandings of what personal data is.
Many experts believe the ruling provides legal certainty, which will boost the legislative efforts to adopt the ePrivacy Regulation, IAPP reports.
Is your website ready for the ePrivacy Regulation?
We will only know for sure how strict the ePrivacy Regulation will be on collecting consent for cookies when it finally arrives.
In the meantime, we adhere to the ePrivacy Directive for using cookies and the GDPR for collecting and processing personal information (with cookies).
Are you in doubt whether your current cookie consent solution complies with the ePrivacy Directive and the GDPR?
We can provide you with a free and professional assessment of your cookie solution. Request a compliance check below!