C is for cookie, and for compliance
The phrase “C is cookie” may conjure up images of a furry blue monster for many, but if you are conducting business within the European Union, cookie now stands for compliance with the e-Privacy Directive.
For the last few years, European officials have made an effort to implement new online privacy directives that would give users greater control over their data. A little over a month ago, the rules finally came into force in the UK by enacting legislation referred to as the cookie law.
The law provides some substance to the European Union’s privacy directive that requires organizations to obtain consent before they collect any personal information from Europeans via cookies, or the small digital files that a site deposits on a user’s computer from the internet. The cookie law was designed to protect online privacy of customers by making them aware, and giving them a choice, about the amount of information collected by websites.
There is an impact on the U.S. organizations as well. U.S.-based companies with a presence in the European Union, no matter how small, are still liable to European Union laws. Therefore the EU’s privacy directive is not limited to only the EU. If your site interacts with EU citizens, you must have a compliance approach to the cookie issue.
About the Author
Ann Mizner McKay is the General Counsel and Senior Vice President at WGA. She oversees the legal affairs of the company and also manages the Claims Department.