Sorry but epd (ePrivacy Directive)[0] is from 2002 with last amendments in 2009 and has nothing to do with this.
There's a draft for "ePrivacy Regulation"[1][2] introduced in 2017 that looks to replace ePrivacy Directive, but it's still in a draft and discussions stage. There's no guarantee it'll become a law.
Sorry but you’re mistaken. The original ePD applied to messaging services, ie, SMS providers. What changed this year is that a few months ago the EU decided that providers like Messenger should be covered by the regulation too.
But I don't understand how ePD with no changes from 2009 can suddenly include Facebook and others? Unless there have been other regulations passed?
I can't find anything about ePD changes that forces Facebook to do this, all I can find is the upcoming ePR (ePrivacy Regulation) that will affect Facebook and others, but it hasn't been passed yet.
I haven't heard of any privacy/GDPR/ePD changes recently other than the EU-US Privacy Shield invalidation.
Is there anything I can read on the changes you're talking about?
> ...lawyers spoke to the EU and were told this needs to happen right away
Sorry but this is not how EU works and it doesn't make any sense at all.
You can't "speak with the EU", in the same way you can't "speak with the United States of America".
You can speak with a data regulator in a specific country if you wish so. But each one of them is also part of the European Data Protection Board, which ensures the consistent application of data protection rules throughout the EU.
I can understand lawyers speaking with one of the regulators, and been told about the ePR "ePrivacy Regulation" proposal that looks to repeal the ePD "ePrivacy Directive".
But we live in a sane world (at least here in the EU) where impactful regulations and directives don't change overnight without any notice and implementation period. The ePR "ePrivacy Regulation" draft suggests a 24-month transition period, similar what happened with GDPR which was agreed in 2016 and went live in 2018. So the earliest ePR will take effect as of today is 2023.
Having some "lawyers speak with the EU" about some unannounced "internal material" that "need to happen right away" doesn't make sense.
So no, I don't see how your or Facebook changes were influenced by ePD "ePrivacy Directive" from 2002/2009.
There's a draft for "ePrivacy Regulation"[1][2] introduced in 2017 that looks to replace ePrivacy Directive, but it's still in a draft and discussions stage. There's no guarantee it'll become a law.
[0] - https://eur-lex.europa.eu/legal-content/EN/ALL/?uri=CELEX:32...
[1] - https://www.mckinsey.com/business-functions/risk/our-insight...
[2] - https://en.wikipedia.org/wiki/EPrivacy_Regulation