Local European lawmakers are facing continued confusion over the European Union’s recently revised e-Privacy Directive, which may or may not result in advertisers legally requiring internet users’ prior consent to place cookies on their machines.
Businesses, legal experts, analysts, industry bodies, consumer groups, and politicians remain divided in their interpretations of the directive, specifically around whether or not it will require prior and explicit user consent, or whether consent can instead be inferred through the use of browser settings.
Cookies form the backbone of online advertising, enabling practices such as behavioral targeting and segmentation, but also basic functions including frequency capping and campaign reporting. If European governments implement a prior consent opt-in requirement for these cookies, the implications for the online advertising industry could be severe.
The directive in question was amended in October 2009, and states that national governments of EU member states must “ensure that the storing of information, or the gaining of access to information already stored, in the terminal equipment of a subscriber or user is only allowed on condition that the subscriber or user concerned has given his/her consent, having been provided with clear and comprehensive information.”
Some parties argue the wording implies prior consent is a requirement, while others suggest the European Parliament would have included the words “prior” or “explicit” if that was its intention. Others suggest the Parliament lacks real understanding of the situation, and has adopted intentionally vague language to give local governments room to move as they see appropriate. Member states are required to interpret the directive and to implement it through local laws by May 2011 at the latest.
Speaking with the Privacy & Security Law Report published by BNA earlier this month however, European Parliament deputy Alexander Alvaro clearly stated the directive does not call for “explicit” consent, but that consent could indeed be indicated through a default browser setting. Alvaro was the European Parliament’s e-Privacy Directive rapporteur, appointed to investigate and report on the proposed legislation and to lead negotiations between the European Commission, Parliament, and the Council of Ministers regarding its content.
“When the Parliament debated amendments…the ‘‘prior consent’’ formulation was considered and rejected in favor of a wording where the Parliament left more room for flexibility,” he said, adding, “This flexibility is also reflected by the fact that the Parliament eventually adopted Recital 66 that was intended to clarify that use of browser settings could be considered an indication of ‘‘consent.’’
Recitals are additional pieces of information included in the directive, which are intended to provide “an introduction to the new law, sharing the lawmakers’ rationale for the provisions that follow,” according to Struan Robertson, legal director at law firm Pinsent Masons.
Alvaro placed emphasis on the use of the recital alongside the wording of the actual article – the portion of the directive that must be enforced – in interpreting the Parliament’s intentions. ‘‘Had the Parliament intended [for example] the placing of all cookies on a user’s terminal to require ‘prior’ and/or ‘explicit’ consent, it would have adopted such language,” he said, adding, “Consent as defined and used in the Data Protection Directive does not have to be prior or explicit.”
Speaking with ClickZ News, IAB Europe VP Kimon Zorbas said his organization is currently “working with the European Commission and member states to ensure the implementation is done properly, and in the interest of consumers.” Zorbas said it is “extremely important” Alvaro made his comments, stating, “We’ve seen many different interpretations… Such a clarification is useful as it shows what Parliament wanted to do with this directive.”
Ultimately however, the local interpretation and implementation now rests with the individual member states, some of which may simply deem their existing laws sufficient to uphold the directive, but some of which may pass new laws to enforce it.
Zorbas suggested the majority of states are likely to shy away from the prior or explicit consent requirement, but expressed concerns surrounding possible inconsistent approaches across the continent. “Logically I would expect some countries to go the wrong way and implement an opt-in,” he said, which would likely cause serious issues for online advertising companies and publishers operating in those markets.
New Top-Level Domains (TLDs) have become more popular in the last couple of years, so here’s everything you need to know about them.
Amazon Prime was launched in 2005 as an express shipping membership program and more than a decade later it has tens of millions of subscribers who enjoy a lot more than just free, fast shipping on millions of products Amazon sells.
Sure, some apps are doing personalized push notifications, but what happens when your users are in the app?
Since cloud computing first gained mainstream attention around 2009, its popularity has exploded. Promising increased efficiency, flexibility and cost-effectiveness, it was hailed as the ultimate business solution. But are users seeing the benefits?