The recently amended EU law, known as the e-Privacy Directive, will affect every organisation doing business and/or contacting research participants in the EU. Any organisation operating its own website using cookies or similar technologies (hereafter referred to collectively as cookies), or which accesses information already stored on a user’s equipment should take into account the changes and how they will affect daily operations. The revised Directive entered into force in 2011 and recently individual EU countries have just adopted national laws to implement the Directive.
Online research, related technology or online panel companies in particular should act to comply with this new law. However, all research organisations, whether in the public, non-profit or private sectors, should take steps to conduct an audit to find out which cookies they use before national regulators follow up on recent threats of a new campaign to issue sanctions against organisations that have done nothing to comply with the new rules. Increasingly often, regulators are introducing powers to issue heavy fines.
The ESOMAR Practical Guide on Cookies helps research companies do five key things:
1) Get started with their cookie audit
2) Understand the need to clearly inform users about using cookies before placing them/accessing information on cookies already placed.
3) Understand how to determine which country’s law applies
4) How to begin contacting national regulators to find out about specific national consent requirements in all countries where the research is conducted.
National laws implementing the EU law differ slightly in every country (in four EU countries – Belgium, Poland, Portugal and Slovenia – the law is still being finalised), therefore the Guide cannot be seen as a complete compliance solution, particularly with regard to how consent is obtained from website users.
The Guide is split into three principal sections:
ESOMAR warmly thanks the expert project team from the ESOMAR Legal Committee who led the drafting of this practical guide and provided their invaluable input:
•Adam Phillips – ESOMAR Professional Standards and Legal Committees Chair
•René Lamsfuß –Vice President Market Governance & Data Strategy Europe, The Nielsen Company (Lead Author)
•Alexander Singewald – Legal Consultant, ESOMAR Legal Committee
•David Stark – Vice President, Integrity, Compliance and Privacy Officer, GfK