EU e Privacy directive -- slow implementation
The formal deadline for Member States to transpose into national law the provisions of the revised ePrivacy Directive, adopted in December 2009, was 26 May 2011, but very few Member States have met this deadline. So far, only eleven countries have formally notified measures to implement the ePrivacy directive (but with little in the way of helpful clarity for companies so that they can comply with how they should do it in practice). Ireland has signed up while other countries have adopted transposition instruments but have not yet notified the Commission (e.g. France) and others have done little.
The revised Directive establishes a new consent requirement for the placement of certain types of cookies on users’ computers and similar devices. The ambiguity of the provisions defining the type of consent requirement (a simple “right to refuse”, aka opt-out, or an active user choice, aka opt-in) has left significant room for interpretation by the Member States – hence the risk of uneven national rules.Already, we can see different countries adopting different approaches within the EU.
The use of tracking cookies and monitoring of users’ online behaviour by companies or organizations is regarded as a hugely sensitive privacy issue, and is being critically assessed by the EU as well as US federal government organizations. There is grave political concern about invasion of users’ and consumers’ privacy by companies in who they might monitor what online users do or are interested in.
