Welcome to Cookie Watch, One North’s new blog series for tracking developments in the EU privacy directive. Note: This article does not constitute legal advice. If you have questions about the applicability of these laws and directives for your business, contact a legal expert for help.
Starting off the first post in a series by questioning the existence of the very topic that the series covers may seem curious, but then again, so are the EU cookie laws.
Before diving in on this first post, let me provide a little background:
As the web has evolved, so have the ways in which website operators can track you. This potentially leads to privacy issues. The EU started looking to address issues with data privacy as early as 1995, and in 2009 came out with additional clarifications aimed largely at the usage of cookies.
The EU’s current directive in a nutshell states: Visitors to your website need to know what you are tracking. To address its concerns, the EU has directed its member states to pass laws aimed at informing visitors of the presence of cookies. This has become commonly known as the EU Cookie Directive. Though not every EU member has yet passed laws to address the concerns, the UK’s version came into law this year. Many have questions about the directive and the UK’s implementation, but few have done much about it. This series is here to help you find information, but should not be seen as specific advice for how you handle the cookie laws. That’s up to you and your legal advisors.
Back to today’s topic: Are the cookie laws dead?
The answer, simply, is no. However, you’d never know that if you just happened to read this post from UK development company, Silktide. The post is the denouement of its valiant attempt at getting sued. A few weeks ago, the company launched the fantastically humorous nocookielaw.com with a clear message for the ICO (the group overseeing the implementation of the EU directive in the UK). The message: we think the law is silly and confusing, we’ve tried to violate the law, please sue us so we can get this figured out.
Unfortunately, or fortunately, the campaign “failed.” The ICO did not sue the company, and instead decided to tweet: “You know what cookies you’re using and you told people you’re using them... Well done.”
From that, Silktide concludes that the cookie laws, at least in the UK, are more or less meaningless. We conclude a bit differently, but love the gumption.
The cookie laws are not dead, but continue to be clarified. We can take away the following from this exercise:
- Communication is key. Your visitors must know what they are getting into.
- The UK is okay with implied consent in many instances (we already knew that, but now we kind of believe it).
- The UK may be a bit more lenient than other members of the EU.
- Depending on your location, it may be illegal to eat a mince pie on Christmas.
As the cookie laws continue to develop, we’ll keep you updated, both here on our blog and through a curated collection of bookmarks to relevant sites and articles that we’ll post to delicious. You can find that collection here and subscribe to the RSS feed.