PECR is the Privacy and Electronic Communications Regulations. Their full title is The Privacy and Electronic Communications (EC Directive) Regulations 2003.
They are derived from European law. They implement European Directive 2002/58/EC, also known as ‘the e-privacy Directive’.
The e-privacy Directive complements the general data protection regime and sets out more specific privacy rights on electronic communications. It recognises that widespread public access to digital mobile networks and the internet opens up new possibilities for businesses and users, but also new risks to their privacy.
There are specific rules on:
- marketing calls, emails, texts and faxes;
- cookies (and similar technologies);
- keeping communications services secure; and
- customer privacy as regards traffic and location data, itemised billing, line identification, and directory listings.
The (UK) GDPR does not replace PECR, although it changes the underlying definition of consent. Existing PECR rules continue to apply, but using the new GDPR standard of consent.
Naturally, there is some overlap, given that both aim to protect people’s privacy. Complying with PECR will help you comply with the (UK) GDPR, and vice versa – but there are some differences and you must make sure you comply with both. Complianz Premium can help you with that!