Almost entire EU now violating Brussels cookie privacy law
Steelie Neelie threatens 'necessary measures'
The deadline for the implementation of a European privacy law on cookies passed with a whimper at midnight last night, after just two Member States issued a full notification to Brussels.
Meanwhile, 19 of the 27-bloc countries that make up the European Union ignored the 25 May deadline on implementing the full, or indeed partial, set of measures laid out in the revised legislation for the e-Privacy Directive.
At the end of yesterday, only Estonia and Denmark had notified the Commission, with officials in those states confirming that they had transposed all of the EC measures on internet cookies into their national law.
The UK, France, Slovenia, Luxembourg, Latvia and Lithuania all offered the Commission partial notifications, even though Brussels' officials had made it clear that implementation of all the measures was required from each member state.
Finland is also expected to implement all parts of the 2009 legislation. But it hasn't notified the EC yet.
The European privacy law came into force this morning requiring websites within the EU to obtain a visitor's consent to install a cookie in their browser. But readers would be forgiven for thinking little has changed online today.
Indeed, the UK government effectively freed up web owners in Britain from the burden of implementing the changes for one year, after the Information Commissioner, Christopher Graham – whose office is tasked with enforcing the law – confirmed yesterday that no action would be immediately taken against companies that ignored the rules.
"We're giving businesses and organisations up to one year to get their house in order," he said yesterday.
The Register asked Brussels spokesman Jonathan Todd to explain what the lack of interest in the privacy law meant for the EU.
"That a large number of Member States have failed to fulfil their obligations to meet a deadline that they themselves had set," he said.
"For its part, the Commission may open infringement proceedings against the Member States in question as a matter of urgency."
He pointed out that Europe's digital agenda Commissioner Neelie Kroes said earlier this week that she would "take the measures necessary to fix that situation vis-à-vis Member States and telecoms operators".
But the warning appeared to have been largely ignored, leaving many website businesses perplexed by the new rules.
As for the detail missing from the UK's submission to the Commission, Todd told us that "they have notified everything except the law giving the necessary new powers to Ofcom – we know that they have adopted this law but they have not yet notified it (we presume they will imminently)."
Blighty's communications minister Ed Vaizey said earlier this week that his government department was talking to browser vendors to work out a "technical solution" via a browser setting.
Some privacy advocates claimed that Vaizey was appeasing advertisers by shying away from implementing an effective mechanism that would allow web surfers to consent to their online movements being tracked. ®
Sponsored: Becoming a Pragmatic Security Leader