The first concept of the ePrivacy Regulation was in 2002 with the birth of the ePrivacy Directive. The ePrivacy Regulation 2019 and will repeal the earlier ePrivacy Directive of 2002. The ePrivacy Directive came about initially as a reaction to internet browsing cookies, its pseudonym being the “cookie law”. It had developed since its inception 14 years ago, naturally in line with technology. Back in 2002, nobody envisaged how technology would change the way we communicate; today iPhones are standard with landlines becoming extinct. The evolution in technology and data-driven business is alarming to many privacy activists, and obviously, privacy rules have to come into play to protect the incredible bulk of personal information gathered on consumers, including location data, relationships, and interests.
The issue for businesses is that 2019 is going to be another headache. After just getting over the shock of the GDPR, the ePrivacy Regulation 2019 sets out an entirely new list of rules on the safeguarding of electronic communication data. The regulation will apply in particular to all aspects of marketing concerning ePrivacy cookies, instant messaging apps and any interacting through the Internet of Things. The ePrivacy Regulation will only harm organisations (and inadvertently individuals) if they choose to ignore or fail to invest in the necessary compliance requirements.
Hard facts include the cessation of all cold calling, whether this is by phone, email or text. The era of unsolicited digital communication will soon be over, and marketers will need to ensure they take on board this clear message from the EU concerning EU ePrivacy. Explicit consent and transparent online privacy policies will be all-encompassing for most businesses. It may appear more of a challenge than it needs to be, as those companies already in the proactive camp will have in place measures to ensure GDPR compliance, the ePrivacy Regulation is merely an extension of this to apply to communications.
In the same vein, where GDPR has enhanced the trust aspect between a compliant company and their customers, the ePrivacy Regulations need embracing. Proactive companies, and marketers in particular, who ensure they show transparency about the consumer data they collect or track will surely gain the trust of their customers.
Areas for more stringent restrictions are those concerning Cookies. Cookies are fundamental for marketing companies who driven explicitly by display advertising, retargeting and paid search campaigns. As they provide invaluable information on what products consumers are looking at and buying cookie-based advertising accounts for 43% of marketers with this figure likely to drop due to the EU’s ePrivacy cookies restrictions. Ultimately, the ePrivacy Regulations work to give individuals more choice as to specific cookie preferences through the requirement for consent.
The digital era has impacted profoundly on how people communicate with each other. Statistics show that communicating via app-based software such as Facebook Messenger and WhatsApp has increased dramatically over the past five years. The EU via the ePrivacy Regulation will put the same stringent requirements and standards of care as that placed upon the giant telecommunication providers. As a result, any data collected via these apps including telephone numbers, location information, IP addresses, require the exact level of protection as afforded by the conglomerates, including obtaining consent to retain data no longer needed. Without consent, data is deleted or anonymised.
Technological advances are on the rise with AI machine learning and communications collecting, storing and sharing valuable information. Therefore, it is crucial to ensure the safekeeping of that data and ensure compliance with regulations.
The multidisciplinary approach imposed by the European ePrivacy Regulations will do a great deal to address the growing risks of cybercrime. The regulations impose an obligation upon organisations to go that extra mile to ensure their systems are secure, utilising preventative and detective diligence when it comes to security measures thereby creating trust with their users and setting a benchmark and a competitive advantage.
Businesses who have not already done so should immediately implement an internal ePrivacy compliant Communications Policy, including ongoing monitoring to improve internal functions and processes to ensure enhanced legal compliance with the EU ePrivacy Regulation. The policy should include actionable procedures across the board in the event of a cyber attack.
There are considerable benefits in data analysis, data collection and data sharing. Data is gold to marketers. GDPR and ePrivacy Regulations are the brakes to prevent careless and illegal treatment of this precious resource. Compliance may appear elusive, but burying one’s head in the sand will only damage an organisation, both its reputation and its finances. However, the real danger is risking the privacy of individuals and not a situation any organisation should be willing to take.