Browse Definitions :
Definition

Privacy and Electronic Communications Regulations (PECR)

Privacy and Electronic Communications Regulations (PECR) is an implementation of the European Union (EU) e-Privacy Directive in the United Kingtom. 

PECR regulations restrict the processing and sharing of personal traffic data and location data and provide for access to users’ personal data in the interest of national security. The information commissioner has the power to audit the measures taken by a provider of public electronic communications services to comply with personal data breach notification and recording requirements.

The main changes for the 2012 revision relate to new rules for websites using cookies, or similar technologies, as well as new powers that allow the information commissioner to fine organizations up to £500,000 for serious breaches of the regulations. The PECR cookie rules now demand website owners get consent from visitors before using cookies. This is in addition to the existing requirement for websites to provide information about their cookie usage. The cookie rules apply to any means of storing information or gaining access to information stored on a user’s device, except for where the storage or access is vital for a service requested by the user. The latest PECR rules also require communications providers to set up procedures for responding to requests for access to users’ personal data for national security and law enforcement purposes.

This was last updated in April 2012

Continue Reading About Privacy and Electronic Communications Regulations (PECR)

SearchCompliance
  • smart contract

    A smart contract is a decentralized application that executes business logic in response to events.

  • compliance risk

    Compliance risk is an organization's potential exposure to legal penalties, financial forfeiture and material loss, resulting ...

  • information governance

    Information governance is a holistic approach to managing corporate information by implementing processes, roles, controls and ...

SearchSecurity
  • threat modeling

    Threat modeling is a procedure for optimizing application, system or business process security by identifying objectives and ...

  • social engineering

    Social engineering is an attack vector that relies heavily on human interaction and often involves manipulating people into ...

  • distributed denial-of-service (DDoS) attack

    A distributed denial-of-service (DDoS) attack is one in which multiple compromised computer systems attack a target, such as a ...

SearchHealthIT
SearchDisasterRecovery
  • change control

    Change control is a systematic approach to managing all changes made to a product or system.

  • disaster recovery (DR)

    Disaster recovery (DR) is an organization's ability to respond to and recover from an event that affects business operations.

  • risk mitigation

    Risk mitigation is a strategy to prepare for and lessen the effects of threats faced by a business.

SearchStorage
  • race condition

    A race condition is an undesirable situation that occurs when a device or system attempts to perform two or more operations at ...

  • storage security

    Storage security is the group of parameters and settings that make storage resources available to authorized users and trusted ...

  • cloud storage

    Cloud storage is a service model in which data is transmitted and stored on remote storage systems, where it is maintained, ...

Close