What is a Cookie?
Cookies are small text files that the website stores on a visitor's computer. The website or a third-party places cookie for various purposes. The cookies monitor the user activity on the site and deliver personalized content.
Some cookies are necessary for a website to function properly. Hence, they are called strictly necessary cookies. Other types of cookies collect user data and record online user behavior. They are mostly known as tracking cookies, and they are often third-party cookies. These are the ones that raise privacy concerns among the users because the monitoring and data collection often happen without the user’s knowledge.
Read more about how cookies track here.
This article focuses on the clause that gave the ePrivacy Directive its title "EU Cookie Law."
EU Cookie Law
ePrivacy Directive (ePD), introduced in 2002 and later, amended in 2009, is an EU directive on data protection and privacy. There is a specific clause concerning cookies. That is why the Directive came to be known as the EU Cookie Law. It gave the EU member states a framework to make their own laws to implement the Directive. All EU member states since adopted the Directive in 2011 and implemented their laws.
The Cookie Law’s key takeaway is the prior consent for using cookies. It mandates that the websites must obtain user consent before placing any cookie on the user's device. The law exempts strictly necessary cookies from this. The Directive agrees that cookie is a useful technology; however, it can also affect user privacy. It mandates that a website must:
- Provide clear and precise information about the cookies (including strictly necessary ones) and their purpose when users visit a website.
- Get prior consent from users to store the cookies on their device.
- Make available an option for users to deny consent to use the cookies.
- Make the means of providing cookie information, opt-out option, and requesting consent as user-friendly as possible.
- Allow access to website content that may not use the cookie denied by the users.
How to Comply with Cookie Law
To comply with the EU cookie law, a website owner must ensure:
- Reviewing all the cookies your website uses and be aware of their purpose.
- Implementing a cookie banner to let users notify about the usage of cookies on the site.
- Asking prior consent from users.
- Providing a link to the website policy on the cookie banner where users can manage their consent.
In 2017, the EU proposed a regulation known as ePrivacy Regulation (ePR), which will soon repeal ePD. Unlike the Directive, it will become a mandatory law across all member states once it comes into effect. The final draft is expected to address some concerns regarding cookie consent.
CookieYes offers cloud-based cookie consent solutions for your website. You can choose between various consent types and implement a cookie banner that complies with both the cookie law and GDPR. Read this article to know more about it.
|Disclaimer: The purpose of this article is to share general information only. Therefore, for any legal help with compliance, please contact a lawyer specialized in the area.|