by Karolin Koestler, Marketing Manager EMEA
It feels like just yesterday that the EU implemented the General Data Protection Regulation (GDPR) to govern data . Yet recently, another act, the ePrivacy Regulation, is currently being proposed. Also from the EU, and in fact created by the same governing body, the ePrivacy Regulation’s aim is to align the online standard of with what’s covered by the .
Needless to say, this impacts virtually every business everywhere, asand also the apply to you if you do business with EU citizens, regardless of which country you operate in.
In a nutshell, thewill complement the and spells out the specifics for personal data safety and privacy. Here’s how.
What the GDPR does
The GDPR aligns data privacy laws across all EU countries. If you’re a retailer anywhere in the world doing business with EU citizens, both laws apply to you. Under the GDPR, any EU citizens’ information is protected, regardless of whether you process their information within the EU or not, and regardless of where your company is located.
This applies to all metadata that’s created as a result, too. The GDPR also strengthens the area of consent as to how you can use an EU customer’s personal information or whether you can share it. Further, if you take any information from EU customers, you must maintain it and make it available to the user, if requested.
There’s also a critical ‘right to be forgotten’ under the GDPR—an important development in the Internet age, where almost everything that’s ever been published about people remains accessible forever.
What ePrivacy regulations do
The European Union ePrivacy regulation specifically will cover electronic communications, aligning all the different online privacy rules that exist across EU member states. While the GDPR specifies protection of personal data, the ePrivacy regulation will cover theof communications.
The regulation will take on all definitions of privacy and data that were introduced in the GDPR, and will clarify and enhance them, especially when it comes to unsolicited marketing (aka, no spam), use of(you must obtain consent, use clear language in your description of what your do, and other requirements yet to be detailed), and .
Ultimately, both laws will work together to ensure that internet users have control over their data and that the onus is on all website creators and operators to maintain all user data in a way that guarantees that their information is safe.