The Cookie Law in Belgium

presented by

A cookie ?๏ What is it for ?

• Stores useful info ➝ language preferences (ex: Google), account logins, etc.

• Enhances the website experience (content & service personalisation)

๏Marketing Purposes

• Allows the tracking of users’ behaviour (visited websites, etc.) & the creation of profiles (interests, etc.)

• By linking this behaviour to previously collected personal data (name, e-mail address, etc.)

• Better advertising targeting + remarketing

how it works

๏ What is it ?

• A text file saved on the hard disk of a person visiting a website

๏ ≠ Cookie types

• Technical Cookies (first party cookies): technical part of a website (language preferences, login, etc.)

• Tracking Cookies (third party cookies): record visitors’ behaviour (visited websites, etc.)

• Session Cookies: memorise preferences only during a session

• Permanent Cookies: stay on the hard disk until removed by the user or reaching the due date

how it works

tRacking cookies

๏ Privacy invasion

• Date collection for commercial purposes

• Sales to third parties

• Internet surveillance

๏Marketing: behaviour tracking

legislation

๏ At the European level

• E-Privacy directive or «Cookie Law», 2011

๏ At the Belgian level

• The Privacy Protection Law, 1992

• Telecom Law, 2012

๏ Different interpretations

• Netherlands

• Germany, Italy, UK, etc.

eu directive

๏ The e-Privacy directive or «Cookie Law»

• Since may 2011

• All website owners whose headquarters are located in the European Union must obtain the agreement of any user in order to store tracking cookies on their computers any other similar devices (smartphones, tablets,...).

eu directive

๏ Before the law

• This agreement was tacit

• The user had to set his browser in order to accept or refuse the use of cookies

- Few people knew about the existence of cookies

- Or didn’t know how to block them

1992 LAW

๏ The Privacy Protection Law

• Obligation to indicate on the website:

- What user data is stored and who manages this data

- How the user can access and view his data & how he can change it

• This mentions have to be shown either on an online questionnaire, the home page, a separated page, or a disclaimer

telecom LAW

๏ The new Telecom Law (2012):

• The website owner must inform the visitor that he uses cookies

• Why he uses them

• He must ask for permission to store a tracking cookie on the device used by the visitor

- most websites install those cookies by default, unless the user refuses them or withdraws his permission

≠ interpretations

๏ The Netherlands require:

• The explicit permission of the user

• Through a pop-up

๏ Germany, Italy, GB, etc. Belgium ?

• The permission can be implicit ➝ the user is supposed to set his browser parameters if he doesn’t want cookies

๏ A confusing law:

• MyLex «Cookierecht»: website+ mobile application + campaign

Consequences

risks & fines๏ Non-compliance to the law

• If the website doesn’t mention that it makes use of cookies or if it doesn’t give the possibility to refuse them

• If the website installs cookies on the user’s device despite his refusal

๏ Complaints to:

• The website owner

• The authorities: no data yet for Belgium

๏ Fines

• Up to 500.000£ in GB (ICO - Information Commissioners’ Office)

other issues

๏ Website ergonomics

• If applying the law like the Netherlands do:

- Display of a pop-up in the middle of the screen

- Harms the user-friendliness of websites

- Could prejudice e-commerce websites: extreme application of the Cookie Law (IAB)

๏ Google Analytics

other issues

๏ Remarketing

• E-commerce websites will not be able to track the clients/prospects who refused the cookies

๏ Future of online marketing ?

• Behavioural databases

• Precise targeting

links

๏ Cookie Law (Great-Britain)

๏ Cookierecht (Belgium)

๏ Cookieapp

๏ IAB Cookie Demo Site