The EU Cookie Directive (as it is popularly known) is a 2009 amendment to the E-Privacy Directive. It requires companies to obtain your consent to place and access data (like cookies) on your digital device (like your laptop). Despite its popular name, the EU Cookie Directive covers all forms of online tracking technology (like flash objects and device fingerprinting) so it doesn't just apply to cookies.
Why does it matter to me?
As an Internet user in the EU this directive allows you to control companies' ability to track you online. Where companies have complied with this law you will find your browsing experience altered to provide you with notice and choice over online tracking activity on the site.
How does it differ by country?
The question of how to obtain consent has been a tricky one and EU member states have adopted different standards for what qualifies as “consent”, which include:
- Implied Consent – your consent is presumed, unless it’s later withdrawn.
- Express Consent – you must accept tracking activity before it can occur.
What can I expect?
You may see websites use a number of techniques to obtain your consent. Some websites may pre-load a pop-up message that you will have to approve before you can enter the site.
Other websites will include a persistent notice on the footer of every page that allows you to control online tracking on the site. Your experience will vary depending on the country where you access the Internet as well as the sites you visit.
What Are Cookies?
Cookies are small files that companies store on your computer to perform a wide range of tasks – everything from remembering the volume setting of an online video to helping companies show you more relevant advertisements by learning your interests. Remember, cookies are just one way that companies can identify and personalize your online experience, but the EU Cookie Directive covers all types of online tracking (not just cookies).
What Control Do I Have?
TRUSTe has developed its own consent management platform to help websites address the compliance requirement mandated by the Cookie Directive. When you encounter TRUSTe's Consent Manager on a website, you will be able to gain an understanding of the types of tracking activities that could take place and are given a choice on how to provide your consent for the website to proceed with this activity.
How does it work?
You may see websites use a number of techniques to obtain your consent. Some websites may pre-load a pop-up message that you will have to approve before you can enter the site. Other websites will include a persistent notice on the footer of every page that allows you to control online tracking on the site. Your experience will vary depending on the country where you access the Internet as well as the sites you visit because there are different laws in each country that require different methods of consent to be obtained.
- An example of an Implied Consent Message on a website follows below.
- In this case, tracking activities are already taking place and you are given an easy way to withdraw your consent for these tracking activities.
Regardless of how the website implements the initial notice to share the details of the tracking, you will always have access on the site to the Consent Manager that enables you to set and update your consent for the types of tracking cookies that this specific website may use.
- An example of an Express Consent Message on a website follows below.
- In this case, tracking activities cannot take place until you have provided consent for these tracking activities.
- In some cases, certain website functionality or even the entire website may not be available to you until you agree.
When using the Consent Manager to set or update your consent for tracking, you can choose one of three states:
- Required Cookies Only: These cookies are required for the website to operate. You must accept these cookies to use the website. This is the default setting when a website implements Express Consent until you make a change to this setting.
What Role Does TRUSTe Play?
Looking for more information?
When it comes to the EU Cookie Directive, TRUSTe plays three distinct roles in protecting consumer privacy:
TRUSTe offers a Website Tracker & Cookie Auditing Service, which provides website owners with comprehensive analysis and reporting of third-party trackers on a daily, weekly or monthly basis so that you can make timely and appropriate actions.
TRUSTe has developed TRUSTed Consent Manager, a scalable platform enables website operators to obtain consent from consumers to place cookies on their device in either express or implied consent models.