incl. also interesting links to other EU papers (e.g. on cloud)
Sadly from Nov 2016, so with GDPR in mind, but not in force, yet.
Covered technologies include
Web caching mechanisms
HTML5 local storage
“Canvas fingerprinting” and “Evercookies”
Enforcement actions by ICO on cookies
Detail of the e-privacy regulation is still being debated, but a default for all consumer marketing to be opt-in is in the current draft.
Until the e-privacy regulation comes into force, PECR will sit along side the GDPR.
That means electronic marketing will require consent. Yes, there is potential to use legitmate interests as a legal basis for processing in some circumstances, but you must be confident that you can rely on it.
It seems to me that a lot of energy and effort is being spent on trying to find a way to avoid consent. That energy and effort would be much better spent establishing informed, active, unambiguous consent.
You say you will lose customers. I say you will have better engagement with them and be better able to direct more targeted marketing to them. You will have complete confidence that your customers have given informed consent.
Good article by Phil Lee that summarizes the current discussions.