Hot on the heels of the EU General Data Protection Regulation comes an announcement that the EU will soon have major changes to the E-Privacy Directive, which is implemented in the UK as the Privacy and Electronic Communications Regulations (PECR).

Currently the Directive requires network communication providers to protect the privacy rights of individuals in relation to their location and to notify affected individuals in the event of a data breach. However the same rules do not apply to companies that provide content over networks such as Facebook or LinkedIn. It is anticipated that the EU will amend the law to apply to content providers.

Other changes may be made to make the so called “Cookies law” easier to comply with by only requiring a cookie opt-in where personal data will be collected by invasive technology and used for purposes unconnected with the initial use of a website by an individual.