About the EU Cookie Law
Also known as the 'Cookie Directive', the instrument that defines the requirements for consent for cookies across the EU is Directive 2009/136/EC of the European Parliament and of the Council.
This is basically an amendment of earlier directive: Directive 2002/58/EC, and is broadly concerned with the protection of data and privacy on the web and in other forms of electronic communication.
The new directive came into effect on 25 May 2011. The text of the directive is about 26 pages long, but the most important paragraph about cookies can be found on page 20:
“Member States shall ensure that the storing of information, or the gaining of access to information already stored, in the terminal equipment of a subscriber or user is only allowed on condition that the subscriber or user concerned has given his or her consent, having been provided with clear and comprehensive information, in accordance with Directive 95/46/EC, inter alia, about the purposes of the processing. This shall not prevent any technical storage or access for the sole purpose of carrying out the transmission of a communication over an electronic communications network, or as strictly necessary in order for the provider of an information society service explicitly requested by the subscriber or user to provide the service.;”
In short this means before somebody can store or retrieve any information from a computer, mobile phone or other device, the user must give informed consent to do so.
The intention is to increase the privacy of the end user and prevent organisations from obtaining information about people without them knowing about it.
The other directive mentioned in the above paragraph is an earlier EU directive on data protection.
About EU Directives
Directives are not themselves pieces of law. They constitute a requirement for EU member states to put laws in place that meet the requirements of the directive.
If countries do not pass local laws then the EU can issue legal proceedings against the country. It was reported in 2012 that 5 EU states did have proceedings started against them for failing to enact local cookie laws.
For information about laws in local markets, see Cookie Law in the UK, Cookie Laws Across Europe.
