What is the cookie consent law?
The European cookie consent law, the ePrivacy Directive, is an integral part of the European Union Data Privacy Framework. This is part of the effort to secure the online privacy of EU Citizens and you should ensure that you utilize a compliant cookie consent banner for your website.
The law was issued in 2002 from the EU and amended in 2009. This law affects a user’s experience of managing cookies and tracking technologies. So, it is developed to make sure that privacy concerns are better dealt with!
The origin of the Cookie Law
This law aims at enforcing and securing the privacy rights of individuals. The EU Charter of Fundamental Rights (Article 8), stated that,
“Everyone has the right to the protection of personal data”, and that “such data must be processed fairly for specified purposes and on the basis of the consent of the person concerned”.
Consequently, the EU cookie law is the ePrivacy Directive, passed to protect the privacy of EU citizens. So, this provides guidelines regarding the privacy of EU citizens in relation to electronic communications as part of the wider EU efforts to establish a cohesive framework.
Purpose and agenda of EU cookie law
It can be taken as a user defense against the World Wide Web of online tracking, personal profiling, unsolicited marketing tactics and non-consensual harvesting of data by third parties. However, it is thought to be a compulsion due to legal complexities in some countries such as Europe.
Hence, protection of user privacy is the primary objective of this law. As the Directive reads, “the right to private life, the confidentiality of communications and the protection of personal data in the electronic communications sector”. So, the privacy concerns are highlighted in this statement.
New York times declares Europe as leading watchdog in the world.
What is the meaning of cookie law under GDPR?
The cookie consent law under the General Data Protection Regulation (GDPR)relates to how other people are dealing with your digital data, what actions they can take with or without your consent. Therefore, it is imperative to comply with such laws.
The EU cookie consent vs GDPR
Do not confuse these two legislations, the EU cookie law and the General Data Protection Regulation (GDPR). See what differences both have:
The EU cookie law / ePrivacy Directive
The ePrivacy Directive is an old legal act, issued in 2002 and amended in 2009. It deals with cookies, data retention and unsolicited e-mailing. Know that it is a directive which will be implemented differently in the 28 member states of the EU.
The General Data Protection Regulation (GDPR)
The General Data Protection Regulation (GDPR) is a new regulation, which came into force in the European Union in May 2018. The scope of GDPR is more significant than the previous ePrivacy Directive. Moreover, Its primary focus is data protection (covering all forms of personal data) and how companies and organizations are playing their part in securing transparency and registering user consent.
It is incredible to realize that the GDPR has flagged up the word “Cookie” only once.
How to comply with the EU cookie law
It gets messy when you have to keep different laws and regulations in mind or to deal with different cookies.
Being a website owner, you need to keep the following key points in mind with respect to cookies:
- It is important to explain cookies and trackers. So that your users can easily make an informed choice of consent or revoke it according to his/ her preferences.
- On your website, you can disable cookies and trackers until you receive clear and explicit consent by a user on every cookie and tracker.
- User should give consent willingly. For instance, you should not make a user give necessary consent in order to avail services from your website.
- Being a responsible website service provider, it depends on how you tackle and protect data from a third-party. You must have a clear idea which third-party trackers your website might harbour and what they relate to such as video plugins or social media services.
- Hence, You must implement a GDPR compliant cookie consent banner on your website.
Frequently Asked Questions (FAQs)
Q. Is it important to get cookie consent?
Yes, this clarifies that you, as a website owner, must show details on how and why you are using cookies. Your visitors must have an opportunity to withdraw and refuse consent at any time. So, that it informs them about the cookies and trackers.
Q. Does the US have cookie law?
Yes, the US requires companies that transact business in California to comply with the California Consumer Privacy Act (CCPA) and all affected websites should implement a CCPA compliant cookie consent banner.
Q. What are the expectations for cookie consent under GDPR?
The General Data Protection Regulation (GDPR) and ePrivacy Directive deal with how you, a site owner should obtain and store cookie consents for all EU visitors to your website. Therefore, it is important to understand these expectations.
Q. What are the requirements?
The EU parliament declared it necessary for every state within the European Union to follow the cookie law. Under this law, you have to obtain informed consent prior to storing or retrieving information on any user’s device.
Q. What is consent?
Finally, Consent is actually getting permission from the user. In this statement, “informed” indicates that a site must show its users what type of cookies they use and also inform users of its purpose.
Q. What is a compliant cookie consent banner?
A compliant cookie consent banner must:
- provide the ability to obtain clear, prior and explicit consent.
- provide the ability to scan a website periodically and identify all the different types of cookies
- enable users to set preferences for the different types of cookies
- provide a consent log
In conclusion, Seers provides a market-leading cookie consent banner that encompasses all the above features and more!