Securiti announces a $75M Series C Funding RoundView
Published on January 31, 2022 AUTHOR - Privacy Research Team
Internet cookies are beneficial not only for the website owners but also for the website visitors as they remember users’ preferences without requiring them to log in each time. With the help of cookies, websites remember a user’s name, their previous interaction with the website, likes, items added to the cart, and much more.
Cookies were given birth primarily for advertising purposes. Website owners or operators can monitor a visitor’s browsing habits and understand what type of products the visitor is interested in which provides insights into their purchasing habits.
The gathered personal information is then used to target the visitors with personalized ads on the website and other websites that utilize the same third-party cookies. For example, suppose a visitor is browsing graphic cards on Amazon. In that case, cookies will observe the user behavior as someone interested in graphic cards and start displaying ads for graphic cards on other websites they visit, such as Facebook, eBay, etc.
Cookies are a lucrative business for website owners as they get a kickback of the gains in case you make a purchase. While privacy-conscious users despise cookies, many everyday internet users have accepted cookies as intelligence that helps personalize their internet experience.
Let’s face it, users prefer the convenience of cookies and expect its benefits when visiting websites, but many don’t appreciate the way cookies are designed to help track users. There has been a long battle whether cookies should be allowed to operate on websites, and privacy concerns have led governments to devise cookie laws – EU cookie law.
Since cookies have become a crucial part of the online browsing experience, it is safe to assume that websites operating in the European Union must comply with the law.
The policymakers within the EU realized that internet users had the fundamental right to know:
With the EU Cookie Law in effect from 2011, the EU mandates all EU countries to devise laws requiring websites to obtain the explicit and informed consent of the visitor before the website can store or retrieve their private information.
The European Cookie Law requires websites to feature a consent banner. Website visitors from the EU can use the consent banner to either accept or reject the non-essential cookies used by the website.
Essential cookies are needed to facilitate communication over the internet network, such as a user’s IP address. In comparison, non-essential cookies analyze a user’s behavior and display them with personalized ads.
The EU Cookie Law is the first cookie law regulating websites on cookies and trackers for targeting users with personalized ads. The Cookie Law applies to all websites with embedded cookie codes on the site. As per the law, websites are required to:
In short, websites with EU visitors need to obtain the visitor's explicit consent before they begin collecting their personal information. To obtain explicit consent, websites need to inform users in plain, user-friendly, and easy-to-understand language about all cookies and trackers embedded in their domain.
Apart from informing users and obtaining their consent in a user-friendly manner, websites need to enable withdrawal of the consent as easily as users can give consent to enable cookies.
Non-compliance to any law comes with consequences, and the EU Cookie Law is no different. Failure to comply means websites are at risk of enforcement action from regulators and governing bodies. Websites could face monetary penalties and, worse, loss of customer trust.
The EU Cookie Law itself does not impose penalties but requires the EU countries to devise and enforce their laws and federated penalties. In short, penalties imposed on a business for non-compliance will vary depending on where the business is located.
Businesses offering their services to EU visitors need to:
Websites need to add a consent banner informing their users about the information they collect and for what purpose that information is being collected.
The collection details can be mentioned elsewhere, but users must be given the option to consent to collect their information or opt-out willingly.
Cookie compliance can be automated to enable swift integration across a websites’ domain. With the help of cookie consent management tools, websites can immediately comply with the EU Cookie Law and other global privacy regulations.
Cookies are here to stay and that doesn’t mean they’re bad for businesses or website visitors. As long as businesses are complying with the law and morally adhering to the basic rule of privacy for everybody, operations are seamless.
For businesses struggling to get the idea of complying with the EU Cookie Law or any other data protection law, get in touch with us for more information.
Yes. If US websites have visitors from inside the European Union, the EU's Cookie Law applies to them. The US websites will need to comply with the law by obtaining visitors' explicit consent within the EU. The US website cannot collect or process their personal data for non-essential purposes without their consent.
The EU Cookie Law is not a universal law itself like the GDPR which is much more comprehensive in nature. The EU Cookie Law is a regulation that requires each EU member state to implement it’s version of the cookie law with respect to its own national legislation that must, however, follow the directive's provisions.
At Securiti, our mission is to enable enterprises to safely harness the incredible power of data and the cloud by controlling the complex security, privacy and compliance risks.
3031 Tisch Way Suite 110 Plaza West, San Jose,