ePrivacy Rules Set to Change

The next couple of months are expected to bring a number of key changes – especially following the surprise announcement of a general election taking place on the 8th June. One change, though, has come with a little bit more warning, which means businesses should take the necessary steps to ensure that they are ready for them. Pleading ignorance will not be an excuse!

This particular change is in regards to the ePrivacy Directive, and will come into effect on the 25th May 2018, giving companies just over a year to make sure they comply with new rules.

It follows a proposal from the EU Commission earlier this year for a new Regulation on Privacy and Electronic Communications, which the Commission hopes will replace the ePrivacy Directive. This new Regulation is said to have a focus on confidentiality and privacy of electronic communication. This will include guidelines for Voice over Internet Protocol, telemarketing and cold calling, online tracking of third party websites, and marketing carried out over SMS. As these represent some of the most powerful marketing tools available to companies, familiarising yourself with the new rules will be decidedly important for everybody with an interest in reaching their customer base legally and ethically.

One particular area which businesses should approach with caution is the collection of individuals’ data, for the purposes of marketing. Of course, this practice can be really helpful for businesses, allowing them to reach new customers. But it can be great for the individual too, as they get to hear about relevant and interesting products and services, which might be useful to them. The key thing is to protect everybody’s right to privacy, and to make sure that – regardless of the law – you are keeping potential customers’ wellbeing as your priority. You don’t want to harass people who have no interest in whatever you are trying to sell them; that does’t help anybody.

Another feature which the new regulations are expected to have an impact upon is online messaging and calling. Voice over Internet Protocol (VoIP) makes it possible for users to hold voice conversations over the internet, rather than over analog phone lines (as with traditional landlines and mobile phone calls). Some messaging systems and apps like WhatsApp allow you to make use of VoIP to place in-app voice calls, meaning you don’t have to spend money or use up your bundled minutes. However, it is thought that the EU Commission’s proposal might change the way this works.

Telemarketing is also thought to have a great deal of attention in the proposal. It has been said that the EU will make it compulsory for all telemarketers to display the phone number that they are calling from, rather than being able to show up on individuals’ phones as ‘Unknown’ or ‘Withheld’. Alternatively, they might have to use a specific prefix which will alert recipients to the fact that the call is coming from a telemarketer. This will give recipients more power to avoid cold calls and telemarketers altogether, if they so wish. While this could be a great thing for people who have no interest in receiving such calls, it could hit some businesses who rely on telemarketing especially hard.

Still, this does not mean that businesses should lose heart completely. One benefit that will come from these regulations is that your marketing will be much more targeted. The new rulings will make it difficult to find or reach people who have not shown direct interest in your product or service. While that makes it harder to find new customers, it does mean that you could end up saving a great deal of money on marketing, as you will only spend funds on people who are likely to purchase from you. Consequently, the return on investment from telemarketing or SMS campaigns should be higher than when reaching huge amounts of people at random.

However, businesses will need to tread carefully. It has been reported that companies will now be much more liable to be fined, and that the fines will be hefty: over £10 million for making unsolicited marketing ploys or breaching security.

Here are the rules as set out by Article 5:

  • Data must be processed lawfully, transparently, and fairly.
  • Personal data must be collected for an intended, limited, and explicit purpose.
  • Data collected must be minimal to include what is necessary to the purpose.
  • Data must be up to date and accurate.
  • Processing data must have the appropriate level of security.
  • The data controller must be responsible and compliant with these principles.