What is PECR ( Privacy and Electronic Communications Regulation )?

Swami Nathan Mon, 05/17/2021 - 02:57

With headline-making fines and daily news updates on the ongoing impacts of data security post-Brexit, it's difficult to disregard the GDPR these days. Most companies will be aware of what they need to do in order to comply with the GDPR, and an increasing number will be taking action. However, UK companies must adhere to another privacy regulation. It might not get as much attention as the GDPR, but it is still in effect, and the Information Commissioner's Office (ICO) continues to levy fines for data breaches caused by non-compliance.

The Privacy and Electronic Communications Regulation, or PECR, is the other piece of legislation.

What’s PECR?

PECR stands for Privacy and Electronic Communications Regulation which is a part of the European Union's ePrivacy Directive, which is currently being revised to become the dreaded ePrivacy Regulation, which would place a greater emphasis on limiting the use of cookies for monitoring purposes. PECR is a law that regulates marketing calls, messages, and emails. It also has to do with the use of online cookies, which are used to track information about users on the internet. It also governs how telecommunication companies and other communications networks and providers use location data.

If a company offers these services, including email marketing and the use of cookies, it must comply with both PECR and GDPR. PECR will be replaced by the ePrivacy Regulation until it is implemented.

What is the difference between GDPR and PECR?

PECR and the UK's introduction of the GDPR are both derived from separate European privacy measures, and organizations must comply with both. To make compliance with both sets of regulations simpler, PECR has adopted the GDPR's concept of valid consent. PECR was last revised in early 2019 to address some of the GDPR's grey and incomplete areas.

Despite the fact that the two regulations are meant to complement each other, there are a few main differences between the GDPR and the PECR:

  1. PECR, unlike the GDPR, refers to other organizations in addition to individuals.
  2. Even if you are not processing personal data, PECR applies, and marketing guidelines apply even if you are unable to identify the person you are contacting.
  3. A violation must be reported within 72 hours under the GDPR. PECR has a much shorter time limit, just 24 hours.

Who is Required to Follow the PECR?

If you're a non-UK or non-EU company doing business in the UK, you may be wondering if you have to follow the UK's privacy laws. In a nutshell, the PECR refers to non-UK and non-EU companies that do business in the United Kingdom.

If your goods, services, or ads are directed at citizens in the United Kingdom, you must comply with the PECR and GDPR.

This is applicable even if the organisation has no physical presence in the United Kingdom or the European Union. It's part of the GDPR's data security laws, which are outlined in Article 3.

You may also need to nominate an EU Representative if you're based outside of the UK.

What will the ICO do to enforce the PECR?

The ICO has a number of options for changing the behavior of someone who violates the PECR. Crime investigation, non-criminal compliance, and audit are among them. The Information Commissioner may also give a monetary penalty notice to the organisation or its directors, which can carry a fine of up to £500,000.

These abilities do not conflict with one another. ICO uses them in addition when the situation calls for it.

How Teceze will assist you in achieving compliance?

With our independent PECR Audit service, you will find out how compliant you are with the PECR.

  1. PECR knowledge within the organisation; how risks are handled and the documentation that goes with it.
  2. Access restriction is one of the security procedures in operation.
  3. Data subjects' privileges and privacy notifications are handled properly.
  4. Staff education.
  5. Mechanisms for data transfer and third-party processors.
  6. Your ISMS (Information Security Management System), which includes testing, and frameworks, as well as your breach response procedures.

We will recognize areas of non-compliance and provide you with a report to assist you in taking corrective action.

PECR stands for Privacy and Electronic Communications Regulation which is a part of the European Union's ePrivacy Directive.....

Recent Post

Ideas for Buying Computers for Your Business

Aravindhan Mon, 02/07/2022 - 10:10

PCs are now popular. PC sales increased during the epidemic, reaching their highest level since 2014. Over the course of a single year, global revenues climbed by 32%! It's hardly unexpected, given that many organizations needed to purchase computers that improved remote working capabilities. And all the homes that have installed computers for remote study and pleasure.

What is SOC and Benefits of SOC

Aravindhan Pasupathy Thu, 01/27/2022 - 13:02

A Security Operations Center (SOC) is a command center comprised of trained security resources, process, and technology that are constantly monitoring for hostile behaviour while preventing, detecting, and responding to cyber events.

What questions should you ask before signing up for NOC services

Aravindhan Pasupathy Wed, 01/26/2022 - 13:32

Enquire specifically about the location of the NOC. It has been common practise among NOC providers supporting MSPs to hide the fact because the NOC is not located in the same geographic area as their headquarters.

7 Different Types of Cyber Security Threats

Aravindhan Pasupathy Sat, 01/22/2022 - 13:17

When it comes to protecting your organisation against cybercrime and cyber-attacks, it can be tough to know where to start. There's so much information out there that it's easy to get overwhelmed, especially if it's conflicting.

What is NOC and Advantage of NOC Services

Aravindhan Pasupathy Tue, 01/18/2022 - 12:16

A NOC, or network operations centre, is a centralised facility where IT support technicians’ control, monitor, and maintaining customer connections. The overall goal of a NOC is to keep the network going smoothly and without interruptions.