PECR applies to
- Marketing
- Cookies or similar technology on your website
- Security of communications services
- Customer privacy
Breach of PECR can result in a fine of up to £500,000
Europe is in the process of drafting an e-privacy directive – this is not yet in force
Direct marketing includes:
- advertising goods or services
- promotions of aims and ideals
- by any method of communication
- directed to particular individuals
- including all processing that
- and send direct marketing
Electronic communication includes:
— Table goes here
Cookies and similar technologies
A cookie is a small text file that downloads onto a computer or smartphone when the user accesses a website. It allows for communication between computer or smartphone and the website concerned: They are commonly used to:
- Track browsing behaviour in order to target advertise
- Analyse traffic to a website or part of a website
- Help the user to log in
- Record the contents of a shopping basket and pay for goods
Cookies may be:
- Session or persistent
- session cookies last the length of the browsing session concerned, whereas persistent cookies will record details for a future visit
- First and third party cookies.
- First party cookies relate to the website concerned, third party cookies relate to elements belonging to a third party on the website
- Essential and non-essential.
- Non-essential are those not required to run the website. Essential cookies are those that are either strictly necessary to run the website or assist in the actual communication across the electronic network
Users of websites must ensure that:
- Users are provided with transparent, clear and comprehensive information concerning all cookies
- Users must provide consent (to GDPR standard) to all non-essential cookies before cookies are BIT MISSING HERE FROM JANE’S DRAFT
- If essential cookies process personal data, that processing must be GDPR compliant (ie principles, lawful basis of processing, rights etc)
- If consent is denied or not given, the relevant cookies cannot be downloaded
References:
- PECR 2003 https://www.legislation.gov.uk/uksi/2003/2426/contents/made/data.htm
- ICO guidance
https://ico.org.uk/for-organisations/guide-to-pecr/what-are-pecr/
https://ico.org.uk/for-organisations/guide-to-pecr/electronic-and-telephone-marketing/using- marketing-lists/
https://ico.org.uk/media/for-organisations/documents/1555/direct-marketing-guidance.pdf