[thelist] Cookies and the European Directive.
Hassan Schroeder
hassan at webtuitive.com
Wed Nov 28 12:24:06 CST 2001
roland dunn wrote:
>
> Does anyone have (or claim to have) a good handle on the implications of the
> new European Directive on website development?
Only an educated guess based on reading the resolution itself, and some
other preceding material (some cited below) :-)
> My understanding of the European Directive is that if you wish to use
> cookies, you have to ask.
My understanding is that it's *not* about cookies, it's about the
personal information that may be *associated* with cookies.
::
2a. Member States shall prohibit the use of electronic communications
networks to store information or to gain access to information
stored in the terminal equipment of a subscriber or user without
the prior, explicit consent of the subscriber of user concerned.
This shall not prevent any technical storage or access for the
sole purpose of carrying out or facilitating the transmission of
a communication over an electronic communications network.
/* excerpt from 'Justification' follows: */
The use of such devices [cookies, spyware, etc.] should therefore
be prohibited unless the explicit, well-informed and freely given
consent of the user concerned has been obtained.
European Parliament A5-0374/2001
Amendment 26, Article 5, pp2a(new)
URL (all cited URLs are for lang="en"):
http://www2.europarl.eu.int/omk/OM-Europarl?PROG=REPORT&L=EN&PUBREF=-//EP//NONSGML+REPORT+A5-2001-0374+0+DOC+PDF+V0//EN&LEVEL=4
If this final resolution draft is what was enacted by the EP, and
I believe it is, it doesn't seem that draconian. Studies on the
European commission site mention P3P as a technological mechanism
for providing that informed consent, for instance. And the "technical
storage or access" would seem to permit session cookies (whew!).
But of course, I'm not a lawyer, US or EU :-)
For more background, see:
Data Protection Law And On-Line Services: Regulatory Responses
http://europa.eu.int/comm/internal_market/en/media/dataprot/studies/regul.pdf
Privacy on the Internet - An integrated EU Approach to On-line Data Protection-
http://europa.eu.int/comm/internal_market/en/media/dataprot/wpdocs/wp37en.pdf
On-line services and data protection and the protection of privacy
http://europa.eu.int/comm/internal_market/en/media/dataprot/studies/serven.pdf
FWIW!
--
H*
Hassan Schroeder ----------------------------- hassan at webtuitive.com
Webtuitive Design === (+1) 408-938-0567 === http://webtuitive.com
-- creating dynamic Web sites and applications since 1994 --
More information about the thelist
mailing list