BIG NEWS ALERT!
The final version of the EDPB guidelines on the interpretation of Article 5(3) ePrivacy just dropped. And the bad news is... they seem mostly just as bewildering as the first version.
Here’s just a sample of the most difficult issues that remain:
- Pixels and hyperlink decoration still very much in-scope.
- Use of caching mechanism on the client side is still considered “storage”, even if only temporary.
- No minimum length of time for information to persist to count as “already stored”, meaning that ephemeral storage is still caught.
- Gaining access to an IP address is still in scope, where the IP address originates from the terminal equipment.
- Information entered by a user (e.g. in a form) still in scope, as this is stored temporarily on the device before being collected.
The most substantive change is a few references to the exemptions thrown in, presumably in attempt to reassure the (many!) organisations who responded to the consultation, explaining just how problematic these positions are…
/Passle/5f3d6e345354880e28b1fb63/SearchServiceImages/2024-11-19-13-33-35-541-673c93af3578d9951b12158b.jpg)
/Passle/5f3d6e345354880e28b1fb63/SearchServiceImages/2024-11-19-11-16-25-788-673c738925126ee9da09e654.jpg)
/Passle/5f3d6e345354880e28b1fb63/MediaLibrary/Images/2024-08-01-13-11-10-549-66ab896ee543bf94f9636c73.png)