From Third-Party to First-Party: Adapting to ePrivacy Directive Guidelines 02/2023

Jun 25, 202403 minute read

From Third-Party to First-Party: Adapting to ePrivacy Directive Guidelines 02/2023

blogdetail image
From Third-Party to First-Party: Adapting to ePrivacy Directive Guidelines 02/2023

Did you know that under the latest ePrivacy Directive Guidelines 02/2023, released on November 14th, 2023, all third-party consent solutions are now deemed non-compliant? This significant update has reshaped the landscape of digital privacy, compelling businesses to rethink their approach to user consent and data protection.

Ensuring Compliance for First-Party Analytics

Many website owners are unaware that consent is also required for first-party analytics. This misconception can lead to unintentional non-compliance with privacy regulations. It's crucial to understand that whether data is collected by a third-party service or directly by your site, obtaining explicit user consent is mandatory.

Empowering Users Against Big Tech Data Abuse

The ePrivacy Directive Article 5(3) is a cornerstone in the fight against data abuse by Big Tech. This provision mandates that users must give informed consent before any data can be collected from their devices. It places the power back into the hands of the users, ensuring they are aware of and agree to the data collection practices of websites and apps they interact with. By enforcing this legal framework, the directive aims to curb the invasive data collection practices commonly employed by large technology companies, promoting greater transparency and user autonomy in the digital landscape.

A notable example of this impact is Meta's recent decision to cease using data collected from users in the EU for training its AI models. This move underscores the power of the ePrivacy Directive, which ensures that users in the EU have robust protections and the right to informed consent. In contrast, users outside the EU often lack such stringent protections, highlighting the importance of similar regulatory frameworks globally to prevent data misuse and enhance user privacy.

However; this makes little difference if 97% of the website- and e-commerce store owners are rampantly collecting and sharing data with BigTech, without informed due consent.

Navigating GDPR and the ePrivacy Directive

Over the past few months, I have dedicated my articles to dissecting the ePrivacy Framework to aid business owners and industry professionals in navigating the new requirements introduced with Guidelines 02/2023. These articles stemmed from my coverage of the Danish E-Commerce Awards, where privacy scans of nominees and winners revealed a widespread lack of compliance with the new guidelines.

AesirX also offers a free Privacy Advisor AI Assistant that helps to explain the scanned results from the EDPS Inspection Tool and offers concrete recommendations on what is needed to resolve compliance issues found in the scan result.

The Need for Awareness and Tools

The findings from scanning the Danish E-Commerce Awards nominees and winners showed a critical lack of awareness regarding data protection and privacy. This gap in compliance led us to release the AesirX Privacy Scanner and the world's first Privacy Advisor AI earlier this year.

We also launched our AesirX First-Party Foundation as our Open Source and Free 1 click installable seamless compliant analytics and consent platform for WordPress/Woo, Joomla! and Drupal as well as implementation through JS in various forms covering up to 95% of all sites online today.

These tools are designed to empower business owners and industry professionals by providing the technical resources and knowledge needed to stay compliant as well as access to open-source solutions that make it possible for everyone, without consideration of budget, to be compliant.

I hope this series of articles increases awareness and provides concrete knowledge and access to tools and solutions to reduce the 97% of websites currently at high risk. Together, we can make the web a safer place for everyone, ensuring that visiting a website or an e-commerce store doesn't mean having your personal data collected, shared, and abused without your consent.

Ronni K. Gothard Christiansen // VikingTechGuy


Do you want to learn more about AesirX?

Join our community and catch up with all the latest information and news on Telegram

Enjoyed this read? Share the blog!