Clear guide through European cookies laws
Everything you need to know about HTTP cookies and the European law regarding cookies’ use. Types of cookies, dangers, privacy, how to know which cookies are present in our website, and which are exempt according to the european law, and when can we be
What are cookies
A cookie is a small file that is sent by a website and stored on the user's browser so that the website can view the user‘s previous activity.
Each time a user enters a website, the browser sends the cookie to the server to notify the site about their previous activity. We can say that they basically give a website the ability to differentiate users and act accordingly.
Types of cookies
- First or third party cookies
- Session or persistent cookies
- Technical cookies
- Customization cookies
- Analysis cookies
- Rack cookies
- Behavioral advertising cookies
What are cookies for
Cookies were designed to be a mechanism to remember different types of information, such as products of a shopping cart in an online store, user activity, which websites you previously visited, what buttons you have pressed, etc...
Although cookies can not contain a virus and can not install malware on the user's computer, tracking and monitoring cookies, especially third-party cookies are able to collect long-term records of user navigation on the Internet. Cookies can also store passwords and form data that a user has entered, such as a credit card number or address.
Security depends on the user's browser and the security systems used by the web which originates the cookie. In extreme cases, a hacker can access the cookies and use the information they may contain, such as data access so he can impersonate a user and gain access on the web page that originates the cookie.
Cookies privacy concerns
That explains why, for example after seeing Youtube cars videos, we can notice seeing more ads related to the motor world while browsing other sites.
European legislation and who must comply
We refer to the law of cookies, but this law does not actually exist as such, but as a part of the LSSI, The Spanigh Law of Services of the Information Society, which was amended by Spanish Royal Decree-Law 13/2012 of 30 March to adapt our legislation to the EU directives on electronic communications in Europe. Specifically, the aspects to which we refer in this article are the second paragraph of Article 22 of the LSSI.
The cookies legislation applies to any person or company acting as a seller or provider of any service in the digital environment.
To comply with the law of cookies it is necessary to inform and request users’ consent before installing cookies on their browser.
On September 13 2013, the reference to the Parliament of the Draft General Telecommunications Law, which includes a new amendment to Law 34/2002, of 11 July, of Services of the Information Society and Electronic Commerce was adopted, with which the cookie installation approval would pass consent from express to informed.
Exempt Cookies: What kind of cookies can be installed without permission
Exempt cookies are:
All those which have a technical character and are only intended to enable the navigation, or that are strictly necessary for the provision of the service.
Examples of exempt cookies
- User input cookies
- Session & authentication cookies
- User security cookies
- UI customization cookies
- Social content plugin
- Shopping cookies
- Form cookies
Not exempted cookies
Not exempt cookies which are the ones that oblige the website to inform and obtain the user’s consent of both first and third-party cookies are the ones that address any other objective other than the exempt ones, for example, those used for analysis purpose, measurement or for third party advertisements on your own website app, or your products or services on other sites.
How to know if my web install Cookies?
We know which cookies a certain web installs on our computer accessing Security / Privacy options in the browser. We can also checkt it with tools like Firebug, a plugin for Firefox browser.
If you require a deeper analysis of the cookies that are installed by your website it is advisable to contact a specialist.
There are newly known sactions by the data protection agency for breaking the cookies law as you can see in this article.
To avoid this it is important to inform the user of the cookies policy on our website, in a section of the header or footer, visible before the user starts interacting with your website, requesting the user’s active approval, pressing a cookies policy acceptance button, or passively, informing the user that if he continues to browsing your website he is accepting the cookie’s installation.
The Cookies European law requires website owners to inform visitors clearly, completely and prior to the installation of cookies in order to obtain the user's informed consent. Consent may be implied by a user’s action, such as continue browsing, at which point you can install cookies.
If your website contains a Google map, a Youtube video, or use tools like Google Analytics for visitor statistics, and you do not inform your visitors before installing cookies, you are exposed to a high penalty if you are denounced.
It's time to check your website and find out if you are not complying the law of cookies. For any further information, you can contact us our email.