The EU parliament has been discussing ePrivacy Directive and regulations around people’s activities and behaviour being tracked online the past years. On May 25th 2011 the EU Cookie Directive went into force.
The EU Cookie Directive is amended privacy legislation designed to increase consumer protection. The EU Cookie Directive requires websites to obtain informed consent from visitors before they store information on a computer or any web connected device. This is storage is mostly done by cookies, which can then be used for tracking visitors to a site.
The previous privacy legislation required websites to give users information on how they could remove or opt-out of cookies, which was commonly placed in privacy policies that went mostly unread. With the EU Cookie Directive the user of a site will now be required to opt-in when using a website containing cookies. So the website has to block cookies, until visitors have given their informed consent to their use.
The EU Cookie Directive (Directive 2009/136/EC of the European Parliament and of the Council) is an amendment of the Directive 2002/58/EC, which concerns the protection of data and privacy on the web. The most important paragraph in the Directive 2009/136/EC, mentioning the regulations regarding cookies you will find below:
“Member States shall ensure that the storing of information, or the gaining of access to information already stored, in the terminal equipment of a subscriber or user is only allowed on condition that the subscriber or user concerned has given his or her consent, having been provided with clear and comprehensive information, in accordance with Directive 95/46/EC, inter alia, about the purposes of the processing. This shall not prevent any technical storage or access for the sole purpose of carrying out the transmission of a communication over an electronic communications network, or as strictly necessary in order for the provider of an information society service explicitly requested by the subscriber or user to provide the service.;”