Privacy and Electronic Communications Directive (Directive 2002/58 on Privacy and Electronic Communications aka the e-Privacy Directive) / EC Directive 2009/136/EC amended by Directive 2009/ 136/EC (“Cookie Directive”).
There was a widespread concern that the internet posed a multitude of threats relating to privacy (e.g. cookies and spyware), and these concerns resulted in the European Union adopting a replacement directive. On 31 July 2002 the EU adopted the Privacy and Electronic Communications Directive (Directive Concerning the Processing of Personal Data and the Protection of Privacy in the Electronic Communications Sector 2002/58/EC). While the directive reiterates provisions that are relevant to telecommunication companies (i.e. itemised billing; directories of subscribers), it also widens the previous directive to apply to new technologies. The Privacy and Electronic Communications Directive contains controversial provisions that affect cookies, spam (unsolicited e-mail) and data retention. The passing of this Directive completed the ‘telecoms package’, which is a set of EU Directives that established a regulatory framework for communication services.