The Privacy and Electronic Communications (EC Directive) Regulations 2003

The Privacy and Electronic Communications (EC Directive) Regulations 2003 are part of a series of laws and regulations that implement the EU telecoms framework into UK law.

They deal with a person's privacy rights when an organisation uses electronic communications to provide products and services to them.

The Privacy and Electronic Communications (EC Directive) Regulations 2003 implement Articles 2, 4, 5(3), 6 to 13, 15 and 16 of Directive 2002/58/EC of the European Parliament and of the Council of 12 July 2002 concerning the processing of personal data and the protection of privacy in the electronic communications sector (Directive on privacy and electronic communications). The Regulations revoke the Telecommunications (Data Protection and Privacy) Regulations 1999.

Main points

  • Sending unsolicited marketing by phone, fax, email, SMS text, picture messaging, or any other electronic means is strictly regulated. This also includes telesales calls, automated calls and spamming.
  • Individuals have the right to refuse unsolicited marketing messages by fax, phone, email and text message. Companies or organisations have the right to refuse marketing by phone and fax.
  • Unsolicited marketing material by electronic mail should only be sent if the individual has consented to receive them, unless the individual's details were obtained in the context of a commercial relationship and the marketing is for similar products or services. The individual should always be given the opportunity to opt out in every message
  • The Information Commissioner's Office (ICO) has legal powers to ensure that organisations comply with the requirements of the Privacy and Electronic Communications (EC Directive) Regulations.

Guidance

Reference

The Privacy and Electronic Communications (EC Directive) Regulations 2003

UK/2003/SI/2426