[reposted from my LinkedIn account]
The ePrivacy Regulation is dead (as is – also very notably – the AI Liability Directive). The former has been a long time dying: it was first proposed in 2017, and then was subject to almost unprecedented lobbying by tech interests, which lobbying seems to have finally prevailed.
For the time being at least, then, the EU will continue to operate under a crucial law dealing with privacy of online (and telephonic) behaviour and communications which emanates from 2002 (Directive 2002/58/EC), an era when the internet as we now know it was unimaginable.
And in the UK, still effectively tied legislatively for reasons of trade and security to the EU, we will similarly (unless there’s a major jolt to our laws) still be working under the PEC Regulations of 2003 (which implemented Directive 2002/58/EC).
A slight irony is that the Data (Use and Access) Bill will almost certainly pass into UK law one of the key planned provisions of the now-shelved ePrivacy Regulation: to bring financial penalties for ePrivacy infringements onto the same level as those for GDPR/UK GDPR infringements.
So, in that regard at least, the UK will be able to say we have a stricter regime than the EU.
The views in this post (and indeed most posts on this blog) are my personal ones, and do not represent the views of any organisation I am involved with.
informationrightsandwrongs 