In light of the latest GDPR regulations, Europe seems to be on a roll when it comes to privacy legislation and the European Union ePrivacy regulation (ePR) proposal is yet another example. Broadening the scope of the current ePrivacy Directive, it refers to unsolicited marketing, cookies and confidentiality in particular while emphasizing user consent. If the GDPR served to align the data privacy laws across all EU countries, then ePR’s main focus is to ensure a person’s right to privacy at every stage of every online interaction.Companies like WhatsApp, Facebook Messenger and Skype will all be required to uphold the same privacy standards on human communication as do the telecom companies serving EU citizens.
It’s not only data on human communication that the ePR wishes to regulate. For example, under the new regulation drivers using live traffic information may be required to read, understand and consent to their data being transmitted from their car to the road sensors in each new area they enter, all while driving- making the whole process impractical and inconvenient. The ePR does not make a distinction between M2M communication which does and doesn’t involve interpersonal communication, or devices and services which do not use the data collected for human communication purposes (such as fitness tracking).The new regulation is a possible hurdle for IoT implementation, which is why an amendment was proposed before the Council of the European Union to exclude M2M services from the ePR, except where they enable “interpersonal and interactive communication.” Whether the amendment will be accepted and what will be the final version of the law passed remains to be seen.