It is fair to say the European data protection and privacy framework is currently undergoing a full overhaul.
The European General Data Protection Regulation (“GDPR“) and the current proposed reforms to the e-privacy regime have been firmly in the spotlight – with both initiatives supporting the European Commission’s Digital Single Market Strategy for “reinforcing trust and security in digital services and in the handling of personal data”.
The GDPR entered into force on 25 May 2016, with a two year implementation period before it applies from 25 May 2018. However, the scrutiny and debate is set to continue, with the Commission’s long awaited first draft of the ePrivacy Regulation (the “Draft Regulation”) published earlier this year. The Draft Regulation is expected to replace the existing Privacy and Electronic Communications Directive (the “ePrivacy Directive“) – focusing on the processing of personal data and protection of privacy in electronic communications (compared with the more general application of the GDPR to the processing of personal data). Among other areas, it covers direct marketing, cookies and other forms of online tracking.
Click here for the full briefing.