EU ePrivacy Official Texts

ePrivacy Directive (ePD) [2009]

Member States shall ensure that the use of electronic communications networks to store information or to gain access to information stored in the terminal equipment of a subscriber or user is only allowed on condition that the subscriber or user concerned is provided with clear and comprehensive information in accordance with Directive 95/46/EC, inter alia about the purposes of the processing, and is offered the right to refuse such processing by the data controller. This shall not prevent any technical storage or access for the sole purpose of carrying out or facilitating the transmission of a communication over an electronic communications network, or as strictly necessary in order to provide an information society service explicitly requested by the subscriber or user.

Article 5.3 of ePD

Member State Implementations of the ePD

ePrivacy Regulation (ePR) [Currently in Draft]

Cookies: Article 8, Recitals 20, 21, 24 (varies due to draft changes)

WP29 / EDPB Texts

Images in this post have been kindly provided by:

unsplash-logoAnnie Spratt

Carl Gottlieb

Carl Gottlieb is the privacy lead and Data Protection Officer for a select group of leading tech companies. Carl’s consultancy company Cognition provides a range of privacy and security services including virtual DPO and virtual CISO.