Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Privacy and Electronic Communications Regulation - Elaine McKinney
1. RETHINKING ELECTRONIC
COMMUNICATIONS: EUROPE
AND THE OTHERS
Florence School of Regulation, Communications
and media
May 27, 2016
AVG public
Elaine McKinney Compliance & Privacy Director for AVG
3. AVG Confidential3
• They are derived from
European law. They implement
European Directive 2002/58/EC,
also known as ‘the e-privacy
Directive’
• The e-privacy Directive
complements the existing data
protection regime and sets out
more-specific privacy rights on
electronic communications.
PECR
4. AVG Confidential4
What does it cover?
• Marketing by electronic means, including marketing calls, texts, emails and
faxes.
• The use of cookies or similar technologies that track information about
people accessing a website or other electronic service.
• Security of public electronic communications services.
• Privacy of customers using communications networks or services as regards
traffic and location data, itemised billing, line identification services (eg caller
ID and call return), and directory listings.
5. AVG Confidential5
How does this apply to AVG?
Some of the rules only apply to organisations that provide a public electronic
communications network or service. But even if you are not a network or
service provider, PECR will apply if your company :
• markets by phone, email, text or fax;
• uses cookies or a similar technology on your website; or
• compile a telephone directory (or a similar public directory).
6. AVG Confidential6
Business impact
• Global company – businesses worldwide
• Restrictions on business due to regulation
• Opt in versus opt out – pre ticked
• Unsubscribe
• Cookie notice
• Placing of cookies.
• Impact
• Application to companies not in EU if they sell in the
EU
• Resource cost – time and opportunity
• Supplier due diligence
• On potential for revenue generation from analytics
• User experience.
7. AVG Confidential7
Data Protection Authorities and enforcement
• Can include:
• criminal prosecution
• non-criminal enforcement
• regulator assessment/audit
• monetary penalties - example UK ICO
can fine up to £500,000 and other
country DPA up to €900,000.
• Review:
• Consultation of PECR is in progress.