ePrivacy Directive

Summary

ePrivacy Directive is an important legal instrument for privacy in the digital age, and more specifically for the confidentiality of communications and the rules regarding tracking and monitoring. The version used in this section is Directive 2002 58 EC (amended by E-privacy Directive 2009 136 EC).

Definitions

Definition	Requirements
4_1a. Security of processing	083. Avoid logging sensitive data 156. Source code without sensitive information 176. Restrict system objects 177. Avoid caching and temporary files 180. Use mock data 181. Transmit data using secure protocols 183. Delete sensitive data securely 185. Encrypt sensitive information 210. Delete information from mobile devices 261. Avoid exposing sensitive information 265. Restrict access to critical processes 300. Mask sensitive data 320. Avoid client-side control enforcement 329. Keep client-side storage without sensitive data 375. Remove sensitive data from client-side applications
6_1. Traffic data	183. Delete sensitive data securely
6_3. Traffic data	312. Allow user consent revocation
6_4. Traffic data	189. Specify the purpose of data collection 310. Request user consent 315. Provide processed data information 343. Respect the Do Not Track header
9_1. Location data other than traffic data	189. Specify the purpose of data collection 310. Request user consent 315. Provide processed data information 343. Respect the Do Not Track header

Free trial

Search for vulnerabilities in your apps for free with Fluid Attacks' automated security testing! Start your 21-day free trial and discover the benefits of the Continuous Hacking Essential plan. If you prefer the Advanced plan, which includes the expertise of Fluid Attacks' hacking team, fill out this contact form.