The European Union (EU) ePrivacy Directive (AKA the Cookie Law) come into force in the UK on 26th May 2012 and elsewhere in Europe shortly afterwards.

The law aims to protect the privacy of EU citizens as they use the internet, and actually covers several aspects of privacy, not just cookies. The UK Information Commissioners Office (ICO) says:

“Cookies or similar devices must not be used unless the subscriber or user of the relevant terminal equipment:

(a) is provided with clear and comprehensive information about the purposes of the storage of, or access to, that information; and
(b) has given his or her consent.

The Regulations are not prescriptive about the sort of information that should be provided, but the text should be sufficiently full and intelligible to allow individuals to clearly understand the potential consequences of allowing storage and access to the information collected by the device should they wish to do so.”

Source: ICO website, May 2012

What this means for website owners?

All websites must comply to the  EU ePrivacy Directive  else owners face an investigation and potentially a €500,000 fine.

What about website owners that are non EU citizens?

Although the law aims to protect the privacy of EU citizens as they use the internet, as law abiding citizens outside EU,  we believe in  every effort must also be made to ensure the website is GDPR compliance.