Compulsory European cookie law
The origin of the commonly known cookie law has its origin in 2009, where the European Union published the Directive 2009/136 / EC , in which the following text can be read at point number 66:
When it is technically possible and effective, the consent of the recipient to accept the treatment of the data may be provided by using the appropriate parameters of the browser or other applications, provided that the recipient must proceed with its configuration during its installation or update through an action. express to that effect.
The foregoing shall not prevent the possible storage or access of a technical nature for the sole purpose of carrying out the transmission of a communication over an electronic communications network or, insofar as it is strictly necessary, for the provision of an information society service. expressly requested by the recipient.
What is a cookie
Many will say: Yes, it is very good that you protect me with the cookie law of these data elements, but really, what are they and what dangers do they entail?
We will explain in a simple way that a cookie has the format of a text file that is stored on our device used to browse the Internet, a mobile phone, a tablet, or a computer, among others. This text file can have multiple utilities, from saving preferences on how to display a certain website to access credentials. Per se a cookie is not dangerous , since it is a file that contains text.
The use that will be given to the cookies that it establishes, as well as the format and the data stored in them, remains in the hands of the website developer. Additionally, the security measures associated with the recorded data will also fall on the website developer. By delegating this point to the developer himself, we can find different examples of applied security, being able to leave part of the private information exposed.
Are you telling me that a website can expose my data? But exposed to everyone?
As a short answer , Do not. It is not possible that due to visiting a website, it has access to cookies from another website. An Internet browser cannot expose data from other websites.
As a long answer , are text files, and as such could be read by malicious third-party software. In the event that a spy program is installed on our computer equipment and attempts to access the place where our browser stores these cookies, the attacker could obtain these data. But in itself, this would have to be the least of our concerns if spyware were installed on our system. In our computer equipment we surely have more critical sensitive data to be read than in a simple browser cookie, where the developer will usually take measures to obfuscate important data.
Penalties for non-compliance
In this case we find ourselves with a curious situation, everything and the development of this cookie law for the protection of the data of users who use and / or access websites, the form that has been implemented, has caused the Internet to be filled with the different pop-up and / or information windows on the use of this technology. Browsers themselves already incorporate mechanisms that can be used to accept or deny certain cookies, but the general ignorance of the average user prompted the creation of this requirement.
As a website owner, the obligation to implement cookie notices cannot be circumvented. The penalties for non-compliance can be seen in the following table:
|Mild||Failure to comply with the information obligations or the establishment of a procedure for refusing data processing.||Up to € 30,000|
|Serious||The significant breach of the information obligations or the establishment of a procedure for the rejection of data processing.||From € 30,001 to € 150,000|
Let's check if your business is cookie law compliant
Without any doubt: we study your website and confirm whether or not it is regulatory compliant. Non-binding consulting!