Skip Links

Majority of popular EU websites don't ask permission to install cookies, report says

By Loek Essers, IDG News Service
November 15, 2012 09:40 AM ET

IDG News Service - A majority of European Internet users expect companies to ask for permission to track their activities online using cookies, privacy management company Truste said Thursday. But despite the 2009 introduction of the European Union's so-called cookie directive requiring just that, only a small minority of websites ask for visitors' consent, according to a survey by the company.

Internet privacy: Cookies as a weapon

Websites can store cookies containing snippets of information on a visitor's computer, for example to remember the visitor's log-in details or other preferences. But the cookies can also be used to track visitors from site to site, allowing marketing companies to build up a picture of their interests or behavior and serve them targeted advertising.

In 2009, the E.U. updated the 2002 Universal Service directive on telecommunications directives, ordering E.U. member states to pass laws requiring websites to obtain explicit consent from Internet users before cookies can be stored. How that consent should be given is not specified in detail, leading to confusion among law makers and website owners about how to implement or comply with the cookie directive.

Web companies still seem reluctant to comply with the new rules. None of the 50 most popular sites in France and Germany show a pop-up asking for a user's permission to install cookies, while one-third of the top 50 sites in the Netherlands and 12 percent of those in the U.K. had taken "some steps to comply with the Directive with an on screen pop-up, banner or tab informing users about cookies on the site", Truste said.

Truste's view of what it takes to comply can best be illustrated by the behavior of its own websites. Truste.eu and Truste.co.uk display warnings inviting visitors to change their browsers' current cookie settings before continuing -- even when the visitors are outside the E.U. However, there's no such protection for visitors to Truste.com, which only displays the warning to visitors in the U.K. where, the organization warns website operators, the E.U. cookie directive is now being enforced. No such warning is displayed on Truste.com to visitors from outside the E.U., or from E.U. member states including Belgium, France, the Netherlands or Romania. The company will use geolocation technology to display the warning to visitors from other countries as the directive goes into force, a representative said Thursday.

A pop-up warning is not the only way to inform visitors: Some of the sites in Truste's survey that did not show pop-ups did discuss the use of cookies in a privacy policy. The average length of the policies across all the sites checked by Truste was over 2,323 words, taking on average 10 minutes to read, the company said.

Truste analyzed consumer attitudes to data privacy and company practices across the E.U. in its E.U. Consumer Privacy Index. The study included more than 4,000 consumers in France, Germany, the Netherlands and the U.K., and audited the cookie practices of the top 50 websites in each country as ranked by Alexa.com.

Our Commenting Policies
Latest News
rssRss Feed
View more Latest News