3 Questions About the Impacts of the ePrivacy Regulation to Prof. Dr. Christoph Bauer

The advertising industry has sharply criticized the proposal of the European Commission for the ePrivacy Regulation which is meant to improve online data protection. What do you think about the legislative proposal?

Christoph Bauer: The proposed text for the ePrivacy Regulation is a specification of the General Data Protection Regulation (GDPR), but which goes in a different direction than expected from the GDPR. So far, legislation pursued the objective to enable existing business models of the industry further on. This has changed significantly, as an opt-in by the user is required for third party cookies and other tracking technologies, what has not been the case before. Furthermore, the implementation period will not be two years, but the ePrivacy Regulation shall come into force together with the GDPR in May 2018. As it is so far only a proposal, the implementation period will probably be very short. In total, the procedure oft the Commission is very unusual and thus astonished the impacted industry. Some people as IAB Germany vice president Thomas Duhr are afraid that the internet as we know it today will not exist any more.
The measures impacting the cookies is part of a longer list of legislative proposals for the improvement of data protection in electronic communication. The European Commission presented it as a possibility to simplify the settings of acceptance or denial of cookies that access data on the user's computer or that track the user's online behavior. Which consequences could this text have if it will be accepted unmodified?
CB: From the user's point of view, the big amount of tracking methods would be reduced, because an opt-in would be necessary in the future. Until now, this tracking has been allowed in most countries. Insofar, the business models of the numerous third party tracking providers would be at risk. Furthermore, companies that already have got the user's opt-in (e.g. Google, Facebook) would not be impacted by this regulation, which means that their business model would not be endangered and they would probably take over their competitors' businesses. The reason is that big platforms as Facebook and Google often use first party cookies, but generally have got the user's opt-in for third party cookies, which is part of their large and detailed terms of use that users often accept without proper reading.
If the regulation comes into force unmodified, big shifts are to be expected in the online advertising and technology business, because this regulation actually favors the big players as Facebook and Google that already have got an opt-in. But the consequences for all other players of the online marketing industry would be devastating. That cannot be the interest of the Commission.

The European Commission wants to "guarantee the privacy of online behavior and of the users' devices" and to transfer the control to the user. In your opinion, how can that fundamental principle and the need to finance content with advertising be brought together? In other words, what amendments could be proposed for this law?
CB: It could be an idea to permit anonymous tracking, as neither the GDPR affects anonymous data. Thus, if someone tracks a user without knowing his personal data as name, address, email address, ip address etc, tracking by cookies and other trackers might be allowed. Because the person behind anonymous data cannot be identified by the one who gets the anonymous data.
Besides, there are tracking methods that do not leave traces on the users' devices (as cookie text files in browsers do), but that track the device anyway. Insofar it can happen that third party cookies will be forbidden, but that other technologies will take their place, that actually have got the same effects but are not forbidden. Given that, the legislator would have missed the target.

Read more


The New ePrivacy-Regulation: Overview on the Most Important Changes

On 10th of January, the European Commission has published the official proposal for the ePrivacy Regulation, expected to come into forth with the General Data Protection Regulation in May 2018. Associations and players of the online marketing sector have already strongly criticized the proposal, as it would have serious consequences on the internet industry and on the information society.

What exactly will the ePrivacy Regulation change, if the proposal will be accepted unmodified? Dr. Frank Eickmeier and Prof. Dr. Christoph Bauer have summarized the main changes for you. Please find the detailed statement here.

Read more



d3con 2017

ePrivacy will be at d3con again! We are looking forward to inspiring exchanges on 14 March 2017 in Hamburg.

Read more


Open GDPR seminar at ePrivacy in Hamburg

Open seminar about the challenges of the EU General Data Protection Regulation (GDPR) from 11 am until 3 pm: What are the most important changes due to the new EU legislation? How can data-driven business models be prepared for 2018? 

ePrivacy GmbH
Große Bleichen 21
20354 Hamburg

Read more


Press images may be used free of any rights and royalty costs in the course of reporting on ePrivacy.

For further questions please don't hesitate to contact us.


Erste Schweizer Firma mit ePrivacyseal CH zertifiziert

ePrivacy hat in Kooperation mit der Schweizer Kanzlei MME und dem Schweizer Cybersecurity-Unternehmen InfoGuard das erste schweizerische Unternehmen mit dem Gütesiegel „ePrivacyseal – geprüfter Datenschutz CH“ ausgezeichnet. Zertifiziert wurde im Februar 2017 die Secure-Messaging-Plattform PrivaSphere.

Sie können die ganze Pressemitteilung als PDF downloaden.

Read more


ePrivacy Extends the Inspections Scope of the ePrivacyseal to the New GDPR and Publishes Free GDPR App

ePrivacy GmbH has integrated the new General Data Protection Regulation, published in May 2016 and operative in May 2018, into the criteria catalogue of the ePrivacyseal. Furthermore, the free app “ePrivacy GDPR” brings the law text on smartphones. 

Please find the complete press release here.

Read more

Do you have questions or recommendations for us?

We are glad to receive your comments.