
Understand why CIPA lawsuits are rising and how to minimize privacy risk on your website.
Thank you!
Please check your email to view the guide.

Europe in 2009 amended the ePrivacy Directive considering the technology changes and under article 5.3 made consent necessary for storage or accessing the information on terminal equipment like computers, phones. This article is popularly known as the EU cookie law.
“Member States shall ensure that the storing of information, or the gaining of access to information already stored, in the terminal equipment of a subscriber or user is only allowed on condition that the subscriber or user concerned has given his or her consent, having been provided with clear and comprehensive information, in accordance with Directive 95/46/EC, inter alia, about the purposes of the processing. This shall not prevent any technical storage or access for the sole purpose of carrying out the transmission of a communication over an electronic communications network, or as strictly necessary in order for the provider of an information society service explicitly requested by the subscriber or user to provide the service.’;”
This specific article talks about all types of storage which include cookies, beacons, pixels, fingerprinting, etc.
Please note Strictly Essential cookies don’t need user consent. For example, load balancing cookies will be Strictly Essential and don’t need consent. The criteria for deciding if a cookie is strictly essential(based on WP29 2012 report):
Cookies are still regulated by e-Privacy but the consent has to be the standard of GDPR. This means consent should be freely given, specific, informed, and given by positive action. Recently CJEU in the case of Planet 49, ruled that consent requirement for the e-Privacy directives should be read in conjunction with GDPR. We covered steps for creating a GDPR compliant cookie solution here.