We use cookies to ensure that we give you the best experience on our website. You can change your cookie settings at any time. Otherwise, we'll assume you're OK to continue.

Durham University

Information Governance

Privacy and Electronic Communications Regulations (PECR)

The Privacy and Electronic Communications (EC Directive) Regulations 2003 (PECR) sit alongside data protection legislation. All processing of personal data is governed by data protection legislation but when this processing involves electronic communications, some additional rules apply in the form of the PECR. The PECR give individuals specific privacy rights and apply to:

  • Marketing by electronic means, including marketing calls, texts, SMS, emails and faxes
  • The use of cookies or similar technologies that track information about individuals who access a website or other electronic service
  • The security of public electronic communications services.
  • Privacy of customers using communications networks or services as regards traffic and location data, itemised billing, line identification services (e.g. caller ID and return call) and directory listings.

Some of the individual regulations only apply to organisations that provide a public electronic communications network or service. However, even when not a network or service provider, the PECR wil apply to an organisation if it does any of the following:

  • Markets by telephone, email, text, SMS or fax
  • Uses cookies or similar technologies on its websites
  • Compiles a telephone directory (or a similar public directory).

For further information please read the ICO's Guide to PECR.