e-Communications directive: MEPs vote on cookie compromise

Marc Dautlich, Olswang ZDNet.co.uk

Published: 11 Jun 2002 16:02 BST

Spam e-mail and SMS: in relation to unsolicited marketing communications, the debate has centred on whether the approach should be "opt-in" (meaning that marketers may only target those individuals who have given express prior consent) or "opt-out" (whereby marketers would be free to target individuals unless they had registered their wish not to be contacted, e.g. by signing up to an opt out register).

Thursday's vote means that all EU Member States must implement opt-in legislation. Different EU countries currently have a variety of regimes, the UK being opt-out. The opt-in approach is softened somewhat by a provision which allows companies to target customers who have bought products or services from them in the past. This is, however, subject to a number of provisos:

Firstly, the customer's details must have been collected in the context of a "sale" -- on a strict interpretation, this could rule out the use of contact details of potential customers who have merely registered an interest in a service or product. Just how much scope there is to lobby the UK government for a flexible approach on this issue remains to be seen.

Secondly, the customer must have been told about the possible use of his or her data for future marketing at the time it was collected -- i.e. at the time of the initial purchase -- and given the chance to object. The opportunity to opt-out must then be given with each subsequent marketing message.

Thirdly, the customer's details may only be used by the same entity to whom they were given originally. This clearly has implications for transfers of customer lists between group companies and trading partners (although these restrictions already apply under the UK's existing data protection regime.)