That's the question that my colleague, Bryony Long, and I looked at when we hosted our ePrivacy seminar at Lewis Silkin’s offices this week. Judging by the great attendance and lots of insightful comments and remarks, this is clearly a question on a lot of peoples’ minds!

During the session, we looked at how the GDPR has impacted the current ePrivacy regime with a particular focus on direct marketing and cookies. We also explored some of the challenges faced by the adtech industry which arises from the large volume of personal data (including special category data) being processed over a complex data supply chain.

We ended the session by looking at what we can expect from the proposed ePrivacy Regulation. We mentioned that we are waiting for movement and, as it happens, the Finnish Presidency of the Council of the EU has just issued an updated draft of the proposed Regulation. We are still digesting this proposal, which you can find here, but as an initial comment we (and no doubt marketers up and down the country) are relieved to see that the words “or presented” haven’t made their way back in to the definition of “direct marketing communication”, as any inclusion of that could have far reaching implications for targeted and online behavioural advertising. But we are still a long way off from a final text, so watch this space.

While regulation might not be killing the sector, it is certainly trying to shine a light through a very murky ecosystem and give control back to users. While there remain many shades of grey, particularly around use of analytics cookies, we are now becoming clearer on what the regulator expects so it will be interesting to see what level of risk, if any, organisations are willing to take.

If you are interested in seeing a copy of our slides, please contact me or Bryony.