CIPL Issues Factsheet on Key Issues Relating to the Relationship Between the Proposed ePrivacy Regulation and the GDPR
Time 2 Minute Read
Categories: Centre for Information Policy Leadership, European Union, International

On March 20, 2018, the Centre for Information Policy Leadership ("CIPL") at Hunton Andrews Kurth LLP issued a factsheet outlining relevant GDPR provisions for negotiations surrounding the proposed ePrivacy Regulation (the "Factsheet").

The Factsheet is designed for policymakers and other stakeholders involved in the development process of the new ePrivacy Regulation who are not deeply familiar with the GDPR. As the ePrivacy Regulation aims to complement and particularize the GDPR, an understanding of the key concepts and definitions is crucial to ensure the ePrivacy Regulation’s effective development.

The Factsheet explains key GDPR terms and concepts that are pertinent to the ePrivacy Regulation, including:

  • The definitions of fundamental GDPR terms, such as personal data, data processing and the role of controllers and processors;
  • Information on the territorial scope and reach of the GDPR;
  • An outline of the six key data protection principles and the legal bases for processing;
  •  A description of the various rights of data subjects under the GDPR;
  • Information on the risk-based approach and data privacy impact assessments;
  • An explanation of privacy by design and by default, and GDPR security requirements; and
  • Information on the concept of the lead supervisory authority, remedies and sanctions.

Also included is an annex of the most relevant GDPR recitals and provisions.

To read more about the concepts outlined above and the other relevant GDPR provisions relating to the proposed ePrivacy Regulation, view the full Factsheet.

Tags: Compliance, Cross-Border Data Flow, Data Controller, Data Processor, Data Transfer, GDPR, Personal Data, Privacy By Design, Risk-Based Approach
Print Email Twitter/X Linkedin Facebook

You May Also Be Interested In

Time 3 Minute Read
Connecticut AG Clarifies AI Compliance Obligations Under CTDPA

The Connecticut Attorney General recently issued a legal memorandum regarding the application of existing Connecticut laws, such as the Connecticut Data Privacy Act, to the use of artificial intelligence.

Continue Reading ›
Print Email Twitter/X Linkedin Facebook
Time 6 Minute Read
NetChoice Files Suit Challenging South Carolina Age-Appropriate Code Design

On February 9, 2026, trade association NetChoice filed a lawsuit challenging South Carolina’s newly passed Age-Appropriate Code Design (“SC AACD”) on First and Fourteenth Amendment grounds. The SC AACD was signed into law on February 5, 2026, making South Carolina the fifth U.S. state to enact such a law, following California, Maryland, Nebraska and Vermont.

Continue Reading ›
Print Email Twitter/X Linkedin Facebook
Time 2 Minute Read
Congress Extends Cybersecurity Information Sharing Act of 2015 through September 2026

Congress has extended the Cybersecurity Information Sharing Act of 2015 through September 30, 2026 as part of the Consolidated Appropriations Act, a government funding package enacted in early February 2026.

Continue Reading ›
Print Email Twitter/X Linkedin Facebook
Time 4 Minute Read
Data Privacy Day 2026: CIPL Fireside Chat with CPPA General Counsel Phil Laird

On January 27, 2026, the Centre for Information Policy Leadership hosted a fireside chat with California Privacy Protection Agency General Counsel Phil Laird in honor of Data Privacy Day.

Continue Reading ›
Print Email Twitter/X Linkedin Facebook

Search

Subscribe Arrow

Recent Posts

Categories

Tags

Archives

Jump to Page