The Privacy Directive emerged out of the European Commission's 1999 review of the electronic communications regulatory regime and its provisions are intended to complement those of the Telecoms Data Protection Directive.
The objective of the Privacy Directive is to ensure that the rules which currently apply to phone and fax services will be extended to email and SMS and that privacy will be respected when individuals use electronic networks and services.
What are Cookies?
Cookies are small text files used by most commercial websites. The files are sent from a web server to a website user's computer and are stored on the user's hard drive, so that when the user visits the site again, the site will remember the user.
How will the new Directive affect me?
The new law requires that a website operator clearly indicates to visitors that the site uses cookies or other tracking technologies and gives users the opportunity to reject them.
The new e-rules for marketers
Rule 1: Visitors MUST sign the visitors' book
From October 2003, all visitors to your website will have to have given consent in the form of an opt-in before you can send commercial email and SMS messages. Visitors must opt-in to receive a Cookie.
Rule 2: Visitors must have the option to opt out
The regulations as currently drafted do provide that in the context of an existing customer relationship, brand owners may email or text such customers providing that they are marketing their own similar products and the customer can easily opt-out of receiving such communications in the future.
What is meant by "similar products" is likely to be interpreted by the courts when the first offenders are brought before the bench for breach of the regulations.
Rule 3: Cookie recipe must be revealed to visitors
Cookies and other similar software tracking devices (sometimes referred to as "spyware") will be subject to a requirement for greater transparency and if you use these on your own website you must provide information about them to subscribers or visitors and offer an opportunity to refuse them.
Rule 4: Subscribers have the right to refuse to be listed in a directory
Subscribers must be given clear information about the directories and must be informed of any reverse search capabilities -- these allow directory users to identify names/addresses by searching against numbers rather than the other way around.
Rule 5: Value added services can be added
This is a positive development for marketers and will cover activities such as location-based advertising to mobile phones, for example. The caveat is that subscribers must give their consent and are informed of the data processing implications (the Data Protection Act 1998 applies).
What should you do now?
Marketers should start to clean up their databases and contact subscribers and seek permission now rather than waiting for October to come. That way they can be compliant rather than face their marketing campaigns being pulled for failure to comply with the new rules.
Ardi Kolah is author of 'Essential Law for Marketers' (Butterworth Heinemann, £25.00). Read the review of the book on Brand Republic and order your copy online
If you have an opinion on this or any other issue raised on Brand Republic, join the debate in the .