PrivacyEuropean Union
EU ePrivacy Directive (2002/58/EC)
Directive 2002/58/EC (the ePrivacy Directive) is the EU sectoral lex specialis on privacy in the electronic communications sector, alongside the GDPR (which is the lex generalis for personal data). The 2009/136/EC amendment introduced the prior-consent rule for cookies and similar storage-of-information technologies (Article 5(3)) and the security and personal-data-breach-notification regime (Article 4).
Domains
ePrivacy - Implementation, Enforcement and Final (Articles 14-21)
ePrivacy - Unsolicited Communications (Article 13)
ePrivacy - Security and Confidentiality (Articles 4-5)
ePrivacy - Scope and Definitions (Articles 1-3)
ePrivacy - Traffic, Billing, CLI, Location and Directories (Articles 6-12)
Compare EU ePrivacy Directive (2002/58/EC)
EU ePrivacy Directive (2002/58/EC) vs ISO 27001:2022View comparison →EU ePrivacy Directive (2002/58/EC) vs SOC 2View comparison →EU ePrivacy Directive (2002/58/EC) vs NIST CSF 2.0View comparison →EU ePrivacy Directive (2002/58/EC) vs GDPRView comparison →EU ePrivacy Directive (2002/58/EC) vs HIPAAView comparison →EU ePrivacy Directive (2002/58/EC) vs PCI DSS 4.0View comparison →
EU ePrivacy Directive (2002/58/EC) by Industry
EU ePrivacy Directive (2002/58/EC) for Healthcare→EU ePrivacy Directive (2002/58/EC) for Financial Services→EU ePrivacy Directive (2002/58/EC) for Technology→EU ePrivacy Directive (2002/58/EC) for Government→EU ePrivacy Directive (2002/58/EC) for Manufacturing→EU ePrivacy Directive (2002/58/EC) for Energy→EU ePrivacy Directive (2002/58/EC) for Retail→EU ePrivacy Directive (2002/58/EC) for Education→
EU ePrivacy Directive (2002/58/EC) by Role
EU ePrivacy Directive (2002/58/EC) for CISOs→EU ePrivacy Directive (2002/58/EC) for Compliance Officers→EU ePrivacy Directive (2002/58/EC) for Risk Managers→EU ePrivacy Directive (2002/58/EC) for IT Directors→EU ePrivacy Directive (2002/58/EC) for DPOs→EU ePrivacy Directive (2002/58/EC) for Auditors→
Frequently Asked Questions
What is EU ePrivacy Directive?
Directive 2002/58/EC (the ePrivacy Directive) is the EU sectoral lex specialis on privacy in the electronic communications sector, alongside the GDPR (which is the lex generalis for personal data). The 2009/136/EC amendment introduced the prior-consent rule for cookies and similar storage-of-information technologies (Article 5(3)) and the security and personal-data-breach-notification regime (Article 4).
How many controls does EU ePrivacy Directive have?
EU ePrivacy Directive contains 15 controls organized across 5 domains.
Where does EU ePrivacy Directive apply?
EU ePrivacy Directive is applicable in European Union. Organizations operating in or serving customers in this jurisdiction should evaluate its requirements.
What frameworks does EU ePrivacy Directive map to?
EU ePrivacy Directive has control-to-control mappings with 2 other compliance frameworks in our database. Use our compliance platform to explore these mappings interactively.
How do I get started with EU ePrivacy Directive compliance?
Start by understanding the framework's key controls and domains. Our compliance platform provides AI-powered gap analysis and mapping tools to help you assess your current posture and build a remediation plan.
How ready are you for EU ePrivacy Directive (2002/58/EC)?
Answer 25 questions and get a professional readiness report with gap analysis, maturity scores, and prioritised action items. Results in 5 minutes.