Is EU Cookie Law in Disarray?
The EU e-privacy directive came into law last year, 25 May 2011, but in the UK it was deferred for 12 months to give site owners the opportunity to comply with the legislation: Can I have a cookie, please?.
Hypocrisy appears to reign in European Union!
What’s new I heard some murmur.
Very little seems to have been done on any level, by anyone, and if this report European Union Caught With Its Hand In The Cookie Jar is correct it stirs up further confusion and highlights the short-sighted and overbearing imposition of this iniquitous law which will only confuse visitors and do very little in terms of aiding and improving privacy which is supposed to be the purpose of its introduction.
And, it appears that many sites operated by the EU like the European Parliament and the European Commission are still installing cookies without asking for their visitor’s permission. So much for the rule of law, then!
To further confuse the issue, recent comments indicates that the ICO are likely to regard some 3rd party cookies, eg analytics, as less intrusive, although not exempt from enforcement, but will take a more lenient approach to their continued use: Enforcement of cookie consent law for analytics not a priority.
Non EU companies are exempt
Lastly, it only affects companies who operate from within the EU’s borders regardless of where their hosting is based so EU companies cannot simply host their sites in the US or elsewhere to opt-out.
The corollary is that a non-EU company selling into the EU could have their sites hosted in EU but without any requirement to comply with the directive.
How ridiculous is that!
What have you done to comply, probably very little?
It finally came into force on 26 May 2012 but it would appear few businesses have yet taken any steps to comply. Evidenced by the fact that as one goes about their internet browsing, few sites appear to be making any attempt to request visitors to give consent.