ePrivacy Regulation—timeline
ePrivacy Regulation—timeline

The following Commercial guidance note provides comprehensive and up to date legal information covering:

  • ePrivacy Regulation—timeline
  • Latest position
  • Key developments

This timeline sets out key dates and information relating to the draft ePrivacy Regulation as it progresses through the EU legislative procedure. It includes consultations, discussion drafts, progress reports and opinions.

Once in force, the ePrivacy Regulation will replace Directive 2002/58/EC (the ePrivacy Directive). It covers privacy and related aspects of online communications, direct marketing, analytics, spamming and cookies. Its scope is wider than the ePrivacy Directive and it will apply to all electronic communications service providers in the EU, as well as non-EU providers providing such services to EU residents. That includes ‘over-the-top’ communications providers (such as WhatsApp or Facebook Messenger), as well as organisations providing customer wi-fi access and machine-to-machine communications.

Latest position

After years of negotiations in the Council of the EU, the draft regulation was rejected at the end of November 2019 by the Committee of Permanent Representatives (the body responsible for preparing the Council’s business).

While some progress had been made on keys areas, Member States failed to overcome differences on how the proposal fits with the GDPR, how to handle cookie walls—pop-up windows that block access to websites until a user gives consent to advertising cookies—and whether an exception should be granted to allow tech companies to scan billions of images for child sexual abuse.

Discussions continued at a slower pace in early 2020 and then stalled