Home > Property & Casualty > C is for cookie, and for compliance

C is for cookie, and for compliance

The phrase “C is cookie” may conjure up images of a furry blue monster for many, but if you are conducting business within the European Union, cookie now stands for compliance with the e-Privacy Directive.

For the last few years, European officials have made an effort to implement new online privacy directives that would give users greater control over their data. A little over a month ago, the rules finally came into force in the UK by enacting legislation referred to as the cookie law.

The law provides some substance to the European Union’s privacy directive that requires organizations to obtain consent before they collect any personal information from Europeans via cookies, or the small digital files that a site deposits on a user’s computer from the internet. The cookie law was designed to protect online privacy of customers by making them aware, and giving them a choice, about the amount of information collected by websites.

There is an impact on the U.S. organizations as well. U.S.-based companies with a presence in the European Union, no matter how small, are still liable to European Union laws. Therefore the EU’s privacy directive is not limited to only the EU. If your site interacts with EU citizens, you must have a compliance approach to the cookie issue.

About the Author

Ann Mizner McKay is the General Counsel and Senior Vice President at WGA. She oversees the legal affairs of the company and also manages the Claims Department.

617.646. 0238  AMiznermckay@wgains.com    Connect with Ann on LinkedIn


Categories: Property & Casualty Tags:
  1. Karen Gordon, Esq.
    July 19, 2012 at 3:32 pm

    Hello, Ann.
    Liked your summary of the issue. U.S. companies are well-advised to explore, understand and mitigate risks associated with doing business abroad, even if they have no foreign brick and mortar presence. While many companies are now paying attention to such issues as social media exposures, probably not enough is being done to specifically address EU e-privacy requirements. As with news that spreads across the world instantaneously via the Web, so do compliance requirements reach across previous country boundaries, thereby increasing liability exposures and, likewise, the need for diligent and pro-active compliance.
    Thank you for your insights,
    Karen Gordon

  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s