On May 25, 2011, Directive 2009/136/EC, an amendment to a similar 2002 privacy directive, went into effect in the European Unions, requiring websites to seek permission from website users to place cookies on their browser.
Cookies are small text files which are saved on a user’s browser and track where users go on the internet, whether they are searching on Google or filling out a form. Most users are oblivious to this technology, but marketers count on them--as well as other tracking tools and software—to gather valuable data about who their users are and how they are behaving on a given website .
Hence, the directive seeks to make users aware of what types of information are being tracked so that the user can choose to give their permission, or not. How this should be done is under a lot of debate for many reasons. And, one of the most talked-about solutions—the pop-up message window—is cumbersome. How many questions does a user need to be asked for permission and how many times will the user need to be asked these questions to protect their privacy?
Fortunately for UK organizations, the UK Communications minister, Ed Vaizey and the Information Commissioner’s Office (ICO) have come to an agreement to give website owners more time to implement the directive. According to an article on guardian.co.uk titled “Ed Vaizey and ICO come to truce over EU directive on ‘cookies,’” UK website operators now have until May 25, 2012 to ‘get their house in order,’ recognizing that a viable solution and its implementation will not be easy.
EU website operators can rest a little easier for the time being, but some retailers may feel pressure from their non-EU competitors and regulators who may levy stiff fines for non-compliance.
If you work for a global company and are not sure if your website is considered to be an EU-operated website, contact your legal counsel for more information. The information in this blog is certainly not a substitute for legal advice.
- The now-in-effect EU privacy directive 2009/136/EC requires websites to gain approval from users before placing cookies on the user’s browser.
- Website owners operating in the UK have been given until May 25, 2012 to comply.