![]() |
Thousands of UK websites are expected to be in
breach of a law that dictates what they can log about visitors.
European laws
that define what details sites can record in text files called cookies come
into force on 26 May. Cookies are widely used to customise what repeat visitors
see on a site and by advertisers to track users online.
The regulations say websites must get "informed consent" from
users before they record any detailed information in the cookies they store on
visitors' computers.
Among
websites that have complied with the law, getting consent has involved a pop-up
box that explains the changes. Users are then asked to click to consent to
having information recorded and told what will happen if they refuse.
The EU Directive
2009/136/EC (PDF), known as the E-Privacy Directive. The broad
legislation was first passed into European law two years ago, essentially
forming a series of amendments to federal rules regarding electronic
communications and data privacy.
One
section of that directive — Article 5(3) — that applies to the use of data
storage by websites. And for the most part, that boils down to cookies.
Member
States shall ensure that the storing of information, or the gaining of access to
information already stored, in the terminal equipment of a subscriber or user
is only allowed on condition that the subscriber or user concerned has given
his or her consent, having been provided with clear and comprehensive
information… about the purposes of the processing.
The rule is already theoretically in force across Europe, but the truth
is that it’s a complete patchwork. It comes into force
in the U.K. on May 26, 2012.
|