International Institute of Communications

Tel:+44 (0)20 8544 8076
Fax:+44 (0)20 8544 8077

social twitter sm  social linkedin sm  social youtube sm  social facebook sm

GDPR or ePrivacy, that is the question?


Tuesday, 5th march 2019
hosted by the Institute squire patton boggs, London

Last time the IIC UK discussed GDPR implementation we looked at the uncertainty created by Brexit. 

While that uncertainty remains, there is wider uncertainty: on the application of ePrivacy rules – whether in the UK or the EU, and beyond – particularly when it comes to the communications sector. 

Many have suggested that the proposal to update the ePrivacy Directive in the form of a regulation -- in light of the GDPR and the new Electronic Communications Code (EECC) -- is unlikely to be adopted before mid-2019, when the mandate of the sitting European Parliament comes to an end.  Nonetheless, the current Romanian presidency is driving an ambitious calendar that could see the proposal being agreed by the Council within weeks of this event.  Trilogues with the European Parliament could start as early as end of March and final agreement could be reached by the end of 2019.

Whether or not the proposed ePrivacy Regulation is passed, there is a flurry of questions concerning exactly how (or even which) EU privacy legislation now applies to communications providers. Take sanctions, for example.  Is failure to obtain consent under the ePrivacy Directive subject to GDPR sanctions?  Are GDPR Article 28 agreements (and the Standard Contractual Clauses for international transfers) applicable to communications data passed from one operator to another?  

Additional questions surround the changes that will be coming when the EECC becomes applicable in 2020, classifying online communications providers as ECS and thus, in principle, fully subjecting ‘OTTs’ to the ePrivacy rules. 

For all sector participants, there is the additional conundrum of how the new provisions of the ePrivacy Regulation will be interpreted and how they will interoperate with the GDPR. 

Our panel of experts discussed the application and interpretation of this complex and fast-evolving legal framework.



Squire Patton Boggs UK LLP


Chris Hutchins

Chris Hutchins

Managing Director for Public Policy EMEA, McAfee

Jeremy Rollison

Jeremy Rollison

Director of EU Government Affairs, Microsoft Corporation

Malcolm Harbour (CBE)

Malcolm Harbour (CBE)

Director, Digital Policy Alliance;
former Chair of the Internal Market Committee, European Parliament

Mikko Niva

Mikko Niva

Group Privacy Officer, Vodafone

photo gallery

IMG 6181
IMG 6191
IMG 6192
IMG 6194
IMG 6198
IMG 6202
IMG 6211
IMG 6213
IMG 6216

Stay up to date with the IIC

Tell us how you'd like to stay informed about events, interviews and more from the IIC. 

My IIC Preferences