Many websites only allow full access to features if ‘cookies’ are enabled on your web browser. A cookie is a small text file placed on your computer which allows the site visited to identify you (strictly, the computer user) on future visits to the site.
Currently, under the European E-Privacy Directive, you can opt out of allowing cookies if you wish. The website owner must:
- provide clear and comprehensive information about the purpose of the cookies and any access made to information stored on your computer; and
- allow you the opportunity to refuse to accept the cookie.
At present, it is sufficient for the website operator to include this information in the ‘privacy policy’ in its conditions of use, which, in practice, few website users bother to read.
However, the EU has decided to amend the Directive to impose an ‘opt-in’ system, whereby the user will be asked specifically to agree to accept cookies: this is called obtaining the ‘informed consent’ of the user. This system is opposed by website operators, since many users will decline to accept cookies and the operators will lose valuable marketing information. EU member states have until 25 May 2011 to implement this change into their national legislation.
Relief for website operators comes from the fact that general consent can be expressed in the user’s browser settings (i.e. by setting the Internet options to ‘accept cookies’) and an exception to the ‘opt-in’ is allowed where the placing of a cookie is necessary to make part of the site function. An example of this is online payment systems.
