You should read this section if you are currently required to comply with the Privacy and Electronic Communications (EC Directive) Regulations 2003 (PECR).

If you are not required to comply with PECR, this section does not apply to you.

See our Guide to PECR for more information.

Parts of PECR apply to you if you are a provider of a public electronic communications service.

Other parts of PECR apply to you if you:

  • market by phone, email, text or fax;
  • use cookies or a similar technology; or
  • compile a telephone directory (or a similar public directory).

What are the key points?

PECR brings into UK law the EU Directive on Privacy and Electronic Communications (ePrivacy Directive). It complements the GDPR and sets out more specific privacy rights regarding electronic communications.

The EU is replacing the ePrivacy Directive with a new ePrivacy Regulation to sit alongside the GDPR. The new regulation is not yet agreed, and is unlikely to be until after exit date. This means it will not form part of UK law by virtue of the EU (Withdrawal) Act 2018.

How can we prepare?

PECR will continue to apply and no specific preparations are needed for exit date.