UK Privacy and Electronic Communications Regulations (PECR)

Quick Reference

Question	Answer	Section
Need consent for marketing emails?	Yes	Reg 22
Need consent for cookies?	Yes (with exceptions)	Reg 6
Can email existing customers?	Yes, if soft opt-in met	Reg 22(3)
Applies to B2B?	Yes	Reg 22A
Maximum fine?	£500,000	Reg 31

---

Contents

Part 1: General

• Reg 1: Citation and commencement
• Reg 2: Interpretation

Part 2: Security of Electronic Communications

• Reg 5: Security of public electronic communications services
• Reg 5A: Personal data breach

Part 3: Cookies and Traffic Data

• Reg 6: Confidentiality of communications (Cookies) ← Most referenced
• Reg 7: Restrictions on processing of traffic data
• Reg 8: Itemised billing and call identification

Part 4: Marketing Communications

• Reg 19: Directories of subscribers
• Reg 20: Use of automated calling systems
• Reg 21: Use of fax for direct marketing
• Reg 22: Use of electronic mail for direct marketing ← Most referenced
• Reg 22A: Direct marketing to corporate subscribers
• Reg 23: Telephone calls for direct marketing
• Reg 24: Information requirements

Part 5: Enforcement

• Reg 26: Enforcement - Loss or unauthorised access to data
• Reg 31: Monetary penalties

---

Regulation Map (All Chunks)

Every section of the UK PECR coverage is listed here for full-text lookup and agent navigation.

Core Chunks

• PECR: Citation and Commencement (Regulation 1)
• PECR: Directories of Subscribers (Regulation 19)
• PECR: Interpretation & Definitions (Regulation 2)
• PECR: Automated Calling Systems (Regulation 20)
• PECR: Fax Marketing (Regulation 21)
• PECR: Claims Management & Pensions Cold Calling (Regulations 21A-21B)
• PECR Regulation 22: Marketing Emails, Texts and Electronic Mail
• PECR Regulation 22A: Marketing to Corporate Subscribers
• PECR: Telephone Marketing Calls (Regulation 23)
• PECR: Information Requirements (Regulation 24)
• PECR: TPS Register (Regulation 26)
• PECR: Monetary Penalties (Regulation 31)
• PECR: Security of Communications Services (Regulation 5)
• PECR: Personal Data Breach (Regulation 5A)
• PECR Regulation 6: Cookies and Similar Technologies
• PECR: Traffic Data (Regulation 7)
• PECR: Itemised Billing and Call Identification (Regulation 8)

Full Text — Framework

• PECR: Administrative and Supplementary Provisions

---

Enforcement

Regulator: Information Commissioner’s Office (ICO)

Maximum penalty: £500,000 per breach

Powers: Investigation, enforcement notices, monetary penalties

---

Source

• Full PECR Text (legislation.gov.uk)
• ICO Guide to PECR