🇪🇺 Live Privacy & Data Protection

EU ePrivacy Directive (Directive 2002/58/EC)

Regulates privacy in electronic communications, including cookies, direct marketing, and traffic data in the EU.

View official source document

Rules extracted

137

Obligations decomposed

7.2x

Avg obligations per rule

🇪🇺 European Union

Jurisdiction

About this regulation

Directive 2002/58/EC concerns the processing of personal data and the protection of privacy in the electronic communications sector. It supplements Directive 95/46/EC (now GDPR) with sector-specific rules on confidentiality of communications, traffic data, location data, calling line identification, directories, unsolicited communications (spam), cookies and tracking technologies, and breach notification. Amended by Directive 2006/24/EC and Directive 2009/136/EC (Cookie Directive). Applies to providers of publicly available electronic communications services and networks in the EU.

What AuditDSS covers

Source

Regulation

Extracted

Rules

Decomposed

137

Obligations

7.2x

Decomposition ratio

Each rule is decomposed into an average of 7.2 atomic obligations — the smallest testable units that can be independently violated.

Fully extracted & scored

All 137 obligations have been decomposed, titled, risk-scored, and embedded for semantic matching.

Risk scoring

Every obligation in ePrivacy Directive is scored across independent risk dimensions:

Obligation Weight

How critical within the regulatory framework

Violation Likelihood

How often breached in practice

Enforcement Evidence

Regulator enforcement history and penalties

Cascade Dependency

How many obligations depend on this one

Regulatory details

Full title: EU ePrivacy Directive (Directive 2002/58/EC)
Regulatory body: European Parliament and Council
Jurisdiction: 🇪🇺 European Union
Document type: directive
Effective date: October 31, 2003
Issuing authority: European Parliament and Council of the European Union
Industry: Privacy & Data Protection
Official source: View source document ↗

Who this applies to

electronic communications providersnetwork operatorsinformation society service providersdirect marketersdirectory providers

Key requirements

confidentiality of communications
cookie consent
traffic data erasure
location data consent
opt-in for direct marketing
breach notification
subscriber directories consent

Frequently asked questions about ePrivacy Directive

What is ePrivacy Directive?

Who does ePrivacy Directive apply to?

ePrivacy Directive applies to electronic communications providers, network operators, information society service providers, direct marketers, directory providers.

How many obligations does ePrivacy Directive contain?

AuditDSS has decomposed ePrivacy Directive into 137 atomic obligations from 19 rules. Each obligation is independently testable and risk-scored.

What are the key requirements of ePrivacy Directive?

The key requirements include: confidentiality of communications, cookie consent, traffic data erasure, location data consent, opt-in for direct marketing, breach notification, subscriber directories consent.

How can I assess my ePrivacy Directive compliance?

Upload your compliance policy to AuditDSS. The platform maps your document against all 137 ePrivacy Directive obligations using deterministic AI scoring — not checklists or LLM summaries. You get a risk-scored gap analysis showing exactly which obligations are covered, partially covered, or missing.

Which jurisdiction enforces ePrivacy Directive?

ePrivacy Directive is enforced in European Union by European Parliament and Council.

When did ePrivacy Directive come into effect?

ePrivacy Directive became effective on October 31, 2003.

What industry does ePrivacy Directive apply to?

ePrivacy Directive is primarily relevant to the Privacy & Data Protection industry. AuditDSS covers 71 regulations in this industry sector.

Build a ePrivacy Directive compliance pack

Don't have a compliance policy yet? AuditDSS generates a complete compliance pack for ePrivacy Directive — alone or combined with other regulations your business needs. Every clause is mapped to specific obligations.

Policy

High-level commitments and governance framework covering ePrivacy Directive requirements.

Procedures

Step-by-step operational procedures to implement each policy commitment.

Forms & checklists

Ready-to-use forms, registers, and checklists for day-to-day compliance operations.

Multi-regulation

Combine ePrivacy Directive with other regulations into a single unified compliance pack for your business.

Build ePrivacy Directive compliance pack

Already have a policy? Assess it against ePrivacy Directive

Upload your document

Upload your compliance policy, program manual, or operational document. AuditDSS accepts any text-based document.

AI maps against 137 obligations

Your document is scored against every obligation in ePrivacy Directive. Each claim is mapped to the obligation tree and evaluated for coverage.

Risk-scored gap report

Receive every gap ranked by risk priority with remediation guidance, enforcement evidence, and cascade impact analysis.