What is the e-Privacy Regulation?
The e-Privacy Regulation is set to replace the 2002 Privacy and Electronic Communications Directive (known as the ePrivacy Directive) and has been in the works for quite some time. It was originally proposed as a sister regulation to the General Data Protection Regulation (GDPR) back in 2018. The new privacy regulation aims to protect the personal data of online communications by creating rules for traditional Electronic communication service providers and entities that were not previously covered by the ePrivacy Directive, such as WhatsApp or Facebook Messenger.
The regulation would create stricter rules around not just personal data but also metadata, meaning data describing the other original set of data collected. Most importantly, the ePrivacy Directive and the new e-Privacy Regulation aim to solve consent issues around cookies. The proposed changes to the e-Privacy Regulation would allow users to either accept or deny the usage of cookies on the browser-level and also clarify to websites that they do not need to get consent for “non-privacy intrusive cookies.” These cookies would allow website features like “shopping carts” to keep track of what a user has ordered. It would also require that organizations allow end-users to withdraw their previously-granted consent at least once per year.
How does this affect my business?
The business impact of the e-Privacy Regulation will be significant. The new changes under the e-Privacy Regulation will apply to electronic-communication networks (such as instant messaging apps, Voice over Internet Protocol (VoIP) platforms, and machine-to-machine communications); data stored in or sent from consumers through phones, tablets, and computers (including cookies, device IDs, and other identification software); and practices used to address customers over electronic-communication networks for direct-marketing purposes (such as direct mail, newsletters, emails, Text SMS, social media marketing).
Integrating data privacy and compliance with Bolt
Bolt is a strong advocate for data privacy and compliance. Our products are built with Privacy by Design Principles and we provide resources and tools for our merchants to be able to meet their data privacy and compliance requirements as well, such as our recent GDPR Whitepaper and Compliance e-Book. The Bolt checkout iFrame is fully customizable and allows for consent checkboxes for marketing or newsletter purposes – ensuring that we put individual rights at the forefront of our product and partnership with merchants. Bolt is GDPR compliant and is able to provide assistance to merchants receiving data-related requests from their shoppers. It is important for companies to do an in-depth analysis and keep a repository of all the cookies that are being used on their website and the purposes of each of those cookies in order to be able to comply with the changing regulations around data privacy.