what is privacy in e commerce

Cookies | Seers Article

The implementation of the GDPR ePrivacy Regulation with the pain and vexation leading up to the dreaded day reached hysteria levels. And, also an overwhelming expectancy of doom and gloom to businesses. Business leaders did one of two things, buried their heads in the sand with the hope that the regulation would sail over them leaving them unscathed, or they took action, updated their organisational policies and procedures, hired a DPO, and tightened their internet security, remaining proactive, formulating a plan and sticking to it. Both camp leaders might think that the time has now come to relax and sit back, surely, GDPR has sailed, and the future is looking rosy again. How wrong could they be?

Charging down that runway soon after GDPR take-off is the ePrivacy Regulation chasing on the GDPR wheels for even stricter compliance in 2019. The ePrivacy Regulation aims to protect the privacy and confidentiality of communications.

ePrivacy as an Extension to the GDPR

Initially, the ePrivacy Regulation intended to act as an extension to the GDPR, and the two would run simultaneously, but the ePrivacy Regulations and the extra rules and complications involved in its formulation have required some tweaking, and the updating and gathering of extra privacy-related add-ons to go into this particular chapter of the privacy compliance rulebook.

Role of ePrivacy in Communication Data

The starring role of the ePrivacy Regulation is communication data. It covers every aspect of communication, from WhatsApp, Cookies, Skype to Alexa. It does it so by gathering explicit consent and transparency about how businesses use this data. The EU ePrivacy 2019 is a new addendum to the rulebook. It is an ever-growing movement towards giving greater powers to consumers on the handling of their online privacy and data.

The first concept of the ePrivacy Regulation came in 2002, along with the birth of the ePrivacy Directive. The ePrivacy Regulation 2019 will repeal the earlier ePrivacy Directive of 2002. The ePrivacy Directive came about initially as a reaction to internet browsing cookies, its pseudonym being the “cookie law”. It had developed since its inception 14 years ago, naturally in line with technology. Back in 2002, nobody envisaged how technology would change the way we communicate; today iPhones are standard with landlines becoming extinct. The evolution in technology and data-driven business is alarming to many privacy activists. And obviously, privacy rules have to come into play to protect the incredible bulk of personal information gathered on consumers.

The EU ePrivacy Regulation 2019 combined with the GDPR incorporates a multidisciplinary approach to privacy. It will enhance the privileges enshrined in the European Charter of Human Rights, in particular, Article 7 and the correlation with the Charter’s respect for privacy with regulation. The EU ePrivacy Regulation demands specific requirements for consent, the use of cookies and opt-in/opt-out preferences for internet users and online consumers. Article 8 of the Charter relates to the right to data protection as implemented by the GDPR. Hence, the side-by-side nature of the GDPR and the EU ePrivacy Regulations in going the extra mile in protecting data and privacy. You can conduct the PECR audit for your website.

The issue for businesses is that 2019 is going to be another headache. After GDPR, the ePrivacy Regulation 2019 has brought a list of new rules to set out for the sake of electronic communication data protection. The regulation will apply in particular to all aspects of marketing concerning ePrivacy cookies, instant messaging apps and any interacting through the Internet of Things. The ePrivacy Regulation will only harm organisations (and inadvertently individuals) if they choose to ignore or fail to invest in the necessary compliance requirements.

eprHard facts include the cessation of all cold calling, whether this is by phone, email or text. The trend of unsolicited digital communication is going to over. Similarly, marketers will have to make sure about this message from the EU concerning EU ePrivacy. Explicit consent and transparent online privacy policies will be all-encompassing for most businesses. It may appear more of a challenge than it needs to be, as those companies already in the proactive camp will have in place measures to ensure GDPR compliance, the ePrivacy Regulation is merely an extension of this to apply to communications.

In the same vein, where GDPR has enhanced the trust aspect between a compliant company and its customers, the ePrivacy Regulations need embracing. Proactive companies, and marketers in particular, who ensure they show transparency about the consumer data they collect or track will surely gain the trust of their customers.

Areas for more stringent restrictions are those concerning Cookies. Cookies are fundamental for marketing companies who driven explicitly by display advertising, retargeting and paid search campaigns. As they provide invaluable information on what products consumers are looking at and buying cookie-based advertising accounts for 43% of marketers with this figure likely to drop due to the EU’s ePrivacy cookies restrictions. Ultimately, the ePrivacy Regulations work to give individuals more choice as to specific cookie preferences through the requirement for consent.

The digital era has impacted profoundly on how people communicate with each other. Statistics show that communicating via app-based software such as Facebook Messenger and WhatsApp has increased dramatically over the past five years. The EU via the ePrivacy Regulation will put the same stringent requirements and standards of care as that placed upon the giant telecommunication providers. As a result, any data collected via these apps including telephone numbers, location information, IP addresses, require the exact level of protection as afforded by the conglomerates, including obtaining consent to retain data no longer needed. Without consent, data is deleted or anonymized.

Technological advances are on the rise with AI machine learning and communications collecting, storing and sharing valuable information. Therefore, it is crucial to ensure the safekeeping of that data and ensure compliance with regulations.

The multidisciplinary approach imposed by the European ePrivacy Regulations will greatly address the growing risks of cybercrime. The regulations say that organisations must ensure their systems are secure, utilizing preventative and detective diligence. Thereby, they build trust with their users and set a benchmark and a competitive advantage.

Businesses who have not already done so should immediately implement an internal ePrivacy compliant Communications Policy. They must also include ongoing monitoring to improve internal functions. And also processes to ensure enhanced legal compliance with the EU ePrivacy Regulation. The policy should include actionable procedures across the board in the event of a cyber attack.

There are considerable benefits in data analysis, data collection and data sharing. Data is gold to marketers. GDPR and ePrivacy Regulations are the brakes to prevent the careless and illegal treatment of this precious resource. Compliance may appear elusive. But, burying one’s head in the sand will only damage an organisation, both its reputation and its finances. However, the real danger is risking the privacy of individuals, which every organisation will avoid.

Listen to Article

Tags: , , , , , , , , , , , , , , , , , ,