ALM Properties, Inc.
Page printed from: Corporate Counsel
Select 'Print' in your browser menu to print this document.
Ever heard of a cookie audit? It's not a reference to an inventory of the company vending machines. It's a crucial step in complying with a U.K. regulation that entered into force in May: the so-called cookie law.
The law gives teeth to the European Union's E-Privacy Directive, which requires organizations to obtain consent before they collect personal data from British nationals and other Europeans via cookies (small digital files that a site can deposit on a user's computer). Organizations are supposed to inform Web site visitors which cookies will track themand get user permission to do so.
"It's this positive obligation to obtain consent that's new," says Bridget Treacy, managing partner of the Hunton & Williams London office. "You have to get somebody's consent before you get their information."
That goes for U.S. companies, too. "The E-Privacy Directive does not stipulate that the law applies only to E.U. businesses," says Robert Bond, head of data protection and information law at Speechly Bircham in London. So if your site interacts with E.U. citizens, "then you have to have the cookies compliance program in place."