Support Centre

You have out of 10 free articles left for the week

Signup for a trial to access unlimited content.

Start Trial

Continue reading on DataGuidance with:

Free Member

Limited Articles

Create an account to continue accessing select articles, resources, and guidance notes.

Free Trial

Unlimited Access

Start your free trial to access unlimited articles, resources, guidance notes, and workspaces.

EU: Council agrees position on ePrivacy Regulation, final text to be agreed with Parliament

The Council of the European Union announced, on 10 February 2021, that its Member States had agreed on a negotiating mandate for the revised rules on the protection of protection of privacy and confidentiality in the use of electronic communications services. In particular, the Council noted that further to this agreement, the Portuguese Presidency of the Council will commence negotiations with the European Parliament on the final text of the Regulation concerning the Respect for Private Life and the Protection of Personal Data in Electronic Communications and Repealing Directive 2002/58/EC (Regulation on Privacy and Electronic Communications), which will repeal the Directive on Privacy and Electronic Communications (2002/58/EC) (as amended). More specifically, the Council outlined that, under its mandate, the ePrivacy Regulation will cover electronic communications content and related metadata transmitted via publicly available services and networks, as well as ensure secure use of the Internet of Things.

In addition, the Council highlighted the rules applicable to cookies, noting in particular that the end-user should have a genuine choice on whether to accept cookies or similar identifiers, as well as be able to give consent to the use of certain cookie types by whitelisting certain providers in their browser settings. Moreover, the Council noted that the processing of electronic communications data without the users' consent may be permitted in cases where the aim of the processing is to, among other things, ensure the integrity of communications services and check for the presence of malware or viruses. Furthermore, the Council stated that the final text of the ePrivacy Regulation includes specific rules on online identification and public directories, as well as unsolicited and direct marketing. Lastly, the Council recalled that the final text would enter into force 20 days after its publication in the EU Official Journal, and would start to apply two years later.  

You can read the press release here and the agreed text here.