UK Legal Documents and Forms

Privacy and Electronic Communications (EC Directive) Regulations 2003

        Contents
 

  Related documents and pages                          

  1. privacy policy and ecommerce agreements

  2. Business terms and conditions

  3. Privacy surveillance

  4. Website privacy policy agreement, website privacy policy contract

  5. Privacy policy for Pure Clients

  6. Distance selling 02: an update since changes in April 2005

  7. Commerce contracts & trade agreements

  8. Ecommerce - General matters

  9. Employment - for employers

  10. Government, local and central
Net Lawman services   Net Lawman Services
 
Free Information Pages
 
Other Important Pages
 
Home  |  Legal Documents  |  Legal advice   |  Free Legal Information  |  Make payment  |  Log in
  Privacy and Electronic Communications (EC Directive) Regulations 2003 List of UK acts
 
  
  Crown Copyright Acknowledged
 

Made         18th September 2003
Laid before Parliament         18th September 2003
Coming into force         11th December 2003

The Secretary of State, being a Minister designated( ) for the purposes of  section 2(2)
of the European Communities Act 1972( ) in respect of matters relating to electronic
communications, in exercise of the powers conferred upon her by that section, hereby makes
the following Regulations:

Citation and commencement

 


 
 

      These Regulations may be cited as the Privacy and Electronic Communications
      (EC Directive) Regulations 2003 and shall come into force on 11th December 2003.
 

Top

Interpretation

 
 

  1. -
    In these Regulations- "bill" includes an invoice, account, statement or other
    document of similar character and "billing" shall be construed accordingly;
    "call" means a connection established by means of a telephone service
    available to the public allowing two-way communication in real time;
    "communication" means any information exchanged or conveyed
    between a finite number of parties by means of a public electronic
    communications service, but does not include information conveyed as
    part of a programme service, except to the extent that such information
    can be related to the identifiable subscriber or user receiving the
    information;"communications provider" has the meaning given by
    section 405 of the Communications Act 2003( );"corporate subscriber"
    means a subscriber who is-
    1. a company within the meaning of section 735(1) of the
      Companies Act 1985( );
    2. a company incorporated in pursuance of a royal charter or letters patent;
    3. a partnership in Scotland;
    4. a corporation sole; or
    5. any other body corporate or entity which is a legal person distinct from
      its members;
    "the Directive" means Directive 2002/58/EC of the European Parliament and
    of the Council of 12 July 2002 concerning the processing of personal data and
    the protection of privacy in the electronic communications sector (Directive
    on privacy and electronic communications)( );"electronic communications
    network" has the meaning given by section 32 of the Communications
    Act 2003( );"electronic communications service" has the meaning given by
    section 32 of the Communications Act 2003;"electronic mail" means any
    text, voice, sound or image message sent over a public electronic
    communications network which can be stored in the network or in the
    recipient's terminal equipment until it is collected by the recipient and
    includes messages sent using a short message service;"enactment"
    includes an enactment comprised in, or in an instrument made under,
    an Act of the Scottish Parliament;"individual" means a living individual
    and includes an unincorporated body of such individuals;"the Information
    Commissioner" and "the Commissioner" both mean the Commissioner
    appointed under section 6 of theData Protection Act 1998( );"information
    society service" has the meaning given in regulation 2(1) of the Electronic
    Commerce (EC Directive) Regulations 2002( );"location data" means any
    data processed in an electronic communications network indicating the
    geographical position of the terminal equipment of a user of a public
    electronic communications service, including data relating to-
    1. the latitude, longitude or altitude of the terminal equipment;
    2. the direction of travel of the user; or
    3. the time the location information was recorded;
    "OFCOM" means the Office of Communications as established by section
    1 of the Office of Communications Act 2002( );"programme service" has
    the meaning given in section 201 of the Broadcasting Act 1990( );"public
    communications provider" means a provider of a public electronic
    communications network or a public electronic communications service;
    "public electronic communications network" has the meaning given in
    section 151 of the Communications Act 2003( );"public electronic
    communications service" has the meaning given in section 151 of the
    Communications Act 2003;"subscriber" means a person who is a party
    to a contract with a provider of public electronic communications services
    for the supply of such services;"traffic data" means any data processed
    for the purpose of the conveyance of a communication on an electronic
    communications network or for the billing in respect of that communication
    and includes data relating to the routing, duration or time of a communication;
    "user" means any individual using a public electronic communications
    service; and "value added service" means any service which requires the
    processing of traffic data or location data beyond that which is necessary
    for the transmission of a communication or the billing in respect of that
    communication.

  2. Expressions used in these Regulations that are not defined in paragraph (1)
    and are defined in the Data Protection Act 1998 shall have the same meaning
    as in that Act.

  3. Expressions used in these Regulations that are not defined in paragraph (1) or
    the Data Protection Act 1998 and are defined in the Directive shall have the
    same meaning as in the Directive.

  4. Any reference in these Regulations to a line shall, without prejudice to
    paragraph (3), be construed as including a reference to anything that performs
    the function of a line, and "connected", in relation to a line, is to be construed
    accordingly.

Top

Revocation of the Telecommunications (Data Protection and Privacy) Regulations 1999

 
 

     The Telecommunications (Data Protection and Privacy) Regulations 1999( ) and the
     Telecommunications (Data Protection and Privacy) (Amendment) Regulations
     2000( ) are  hereby revoked.

Relationship between these Regulations and the Data Protection Act 1998

 


 
 

      Nothing in these Regulations shall relieve a person of his obligations under the Data
      Protection Act 1998 in relation to the processing of personal data.

Top

Security of public electronic communications services

 
 


  1. Subject to paragraph (2), a provider of a public electronic communications service ("the service provider") shall take appropriate technical and organisational measures to safeguard the security of that service.

  2. If necessary, the measures required by paragraph (1) may be taken by the service provider in conjunction with the provider of the electronic communications network by means of which the service is provided, and that network provider shall comply with any reasonable requests made by the service provider for these purposes.

  3. Where, notwithstanding the taking of measures as required by paragraph (1), there remains a significant risk to the security of the public electronic communications service, the service provider shall inform the subscribers concerned of-
    1. the nature of that risk;
    2. any appropriate measures that the subscriber may take to safeguard against that risk; and
    3. the likely costs to the subscriber involved in the taking of such measures.

  4. For the purposes of paragraph (1), a measure shall only be taken to be appropriate if, having regard to-
    1. the state of technological developments, and
    2. the cost of implementing it,
    it is proportionate to the risks against which it would safeguard.

  5. Information provided for the purposes of paragraph (3) shall be provided to the subscriber free of any charge other than the cost to the subscriber of receiving or collecting the information.

Top

Confidentiality of communications

 
 


  1. Subject to paragraph (4), a person shall not use an electronic communications network to store information, or to gain access to information stored, in the terminal equipment of a subscriber or user unless the requirements of paragraph (2) are met.

  2. The requirements are that the subscriber or user of that terminal equipment-
    1. is provided with clear and comprehensive information about the purposes of the storage of, or access to, that information; and
    2. is given the opportunity to refuse the storage of or access to that information.

  3. Where an electronic communications network is used by the same person to store or access information in the terminal equipment of a subscriber or user on more than one occasion, it is sufficient for the purposes of this regulation that the requirements of paragraph (2) are met in respect of the initial use.

  4. Paragraph (1) shall not apply to the technical storage of, or access to, information-
    1. for the sole purpose of carrying out or facilitating the transmission of a communication over an electronic communications network; or
    2. where such storage or access is strictly necessary for the provision of an information society service requested by the subscriber or user.

Restrictions on the processing of certain traffic data

 


 
 


  1. Subject to paragraphs (2) and (3),traffic data relating to subscribers or users which are processed and stored by a public communications provider shall, when no longer required for the purpose of the transmission of a communication, be-
    1. erased;
    2. in the case of an individual, modified so that they cease to constitute personal data of that subscriber or user; or
    3. in the case of a corporate subscriber, modified so that they cease to be data that would be personal data if that subscriber was an individual.

  2. Traffic data held by a public communications provider for purposes connected with the payment of charges by a subscriber or in respect of interconnection payments may be processed and stored by that provider until the time specified in paragraph (5).

  3. Traffic data relating to a subscriber or user may be processed and stored by a provider of a public electronic communications service if-
    1. such processing and storage are for the purpose of marketing electronic communications services, or for the provision of value added services to that subscriber or user; and
    2. the subscriber or user to whom the traffic data relate has given his consent to such processing or storage; and
    3. such processing and storage are undertaken only for the duration necessary for the purposes specified in subparagraph (a).

  4. Where a user or subscriber has given his consent in accordance with paragraph (3), he shall be able to withdraw it at any time.

  5. The time referred to in paragraph (2) is the end of the period during which legal proceedings may be brought in respect of payments due or alleged to be due or, where such proceedings are brought within that period, the time when those proceedings are finally determined.

  6. Legal proceedings shall not be taken to be finally determined-
    1. until the conclusion of the ordinary period during which an appeal may be brought by either party (excluding any possibility of an extension of that period, whether by order of a court or otherwise), if no appeal is brought within that period; or
    2. if an appeal is brought, until the conclusion of that appeal.

  7. References in paragraph (6) to an appeal include references to an application for permission to appeal.

Top

Further provisions relating to the processing of traffic data under regulation 7

 
 


  1. Processing of traffic data in accordance with regulation 7(2) or (3) shall not be undertaken by a public communications provider unless the subscriber or user to whom the data relate has been provided with information regarding the types of traffic data which are to be processed and the duration of such processing and, in the case of processing in accordance with regulation 7(3), he has been provided with that information before his consent has been obtained.

  2. Processing of traffic data in accordance with regulation 7 shall be restricted to what is required for the purposes of one or more of the activities listed in paragraph (3) and shall be carried out only by the public communications provider or by a person acting under his authority.

  3. The activities referred to in paragraph (2) are activities relating to-
    1. the management of billing or traffic;
    2. customer enquiries;
    3. the prevention or detection of fraud;
    4. the marketing of electronic communications services; or
    5. the provision of a value added service.

  4. Nothing in these Regulations shall prevent the furnishing of traffic data to a person who is a competent authority for the purposes of any provision relating to the settling of disputes (by way of legal proceedings or otherwise) which is contained in, or made by virtue of, any enactment.

Top

Itemised billing and privacy

 
 


  1. At the request of a subscriber, a provider of a public electronic communications service shall provide that subscriber with bills that are not itemised.

  2. OFCOM shall have a duty, when exercising their functions under Chapter 1 of Part 2 of the Communications Act 2003, to have regard to the need to reconcile the rights of subscribers receiving itemised bills with the rights to privacy of calling users and called subscribers, including the need for sufficient alternative privacy-enhancing methods of communications or payments to be available to such users and subscribers.


    Crown Copyright Acknowledged

Next
 

Legal documents   |   Divorce help   |   Special document drafting   |   Legal advice   |   Wills services  |   Free legal articles  |   County courts   |   Crown courts   |   Magistrate courts   |   Share success as lawyer  |   Net Lawman worldwide network  |   Related law and business services

Contact us   |   Who we are   |   Special sales partners   |   Terms and conditions   |   Privacy policy   |   Sitemap

© 2000 - 2006 Net Lawman Ltd. All rights reserved.