EU #cookie hypocrisy?May 28, 2012
So, how many websites have you checked out for cookie compliance?
Well the first on my list this morning was Europa, the official website of the EU. I’ve chosen this, because its the EU that has landed the new cookie rule on us all. You can find the homepage here:
As you can see, there’s nothing here on the homepage about cookies. So, lets dig a little deeper. If you enter by the English pages, you arrive at http://europa.eu/index_en.htm, where you will find “Legal Notice” links. Click on one of those (at the top or the bottom of the page) and you’ll be taken to http://europa.eu/geninfo/legal_notices_en.htm, where you’ll find the following information about cookies:
What are cookies?
To make this site function properly, we sometimes place small data files on your computer, known as cookies.
Most big websites or internet service providers do this too. Cookies help the site remember your settings – language, font size and other preferences for how you want to view the site on your computer – so you don’t have to keep re-entering them whenever you come back to us.
Also, a number of pages on EUROPA show a survey box that asks you if the content was helpful or not. We store a cookie for this too, so we know not to show the box again once you’ve responded.
Our cookies are not used to identify you personally. They’re just there to make the site work better for you.
How you can control cookies
You can control and/or delete cookies as you wish – for details, see AboutCookies.org.
You can delete all the cookies already on your computer and you can set most browsers to block them being placed. But if you do this, you may have to manually adjust some preferences every time you visit the site.
This doesn’t half look like the old-fashioned “opt-out” approach. There’s no-way this would satisfy the new consent rule!
And if you do the same exercise for the European Commission – the entity that cooked up the new cookie rule – you’ll be met with the same approach. Being here http://ec.europa.eu/index_en.htm if you want to check for yourself, which takes you to http://ec.europa.eu/geninfo/legal_notices_en.htm and the same message about cookies.
Or, how about a visit to the Article 29 Working Party, the EU body made up of the national data protection regulators? A google search takes you to this landing page http://ec.europa.eu/justice/data-protection/article-29/index_en.htm from where you can go to http://ec.europa.eu/geninfo/legal_notices_en.htm. Its the same result.
Perhaps the European Data Protection Supervisor is telling a different story, after all, he’s been one of the most vocal critics of bad data protection? Well, his home page is http://www.edps.europa.eu/EDPSWEB/, but there’s nothing on it about cookies. From there you can enter the English pages at http://www.edps.europa.eu/EDPSWEB/edps/EDPS?lang=en. From there you can find the Legal Notice at http://www.edps.europa.eu/EDPSWEB/edps/EDPS/Legal_notice, where you’ll find this wording about cookies:
The EDPS website uses two session cookies which are essential for the website to operate. The first cookie contains the username ‘guest’ used by each visitor on the site and the second cookie contains a hash key to allow the server to bind the visitor to the session on the server. Both session cookies are deleted when the visitor closes his Internet browser.
So, there we have it. The entities that have delivered cookie obligations for all of us do not live by their own ideals. Perhaps they may argue that they’re not bound by the new cookie rule, but that’s unlikely to impress anyone.
Comments are closed.