Six things you should know about the Dutch cookie law
There seems to be a lot of misinformation going around about the fresh Dutch (Internet) cookie law, so Internet lawyer Arnoud Engelfriet set out to dispel the myths in a few excellent articles.
1. First this. The Dutch call their cookie law ‘cookiewet’ instead of ‘koekjeswet’ in spite of the Dutch origins of the English word. (The oo sound is spelled oe in Dutch.)
Says Arnoud (and I paraphrase):
3. Permission can be gained collectively. (The ‘central register’ bit already implied this.)
4. Permission to set cookies does not imply permission for tracking and profiling. The Dutch privacy law is still in full force. That means you should not just get permission from your website’s visitors to put cookies on their computers, but also to build their profiles. Two separate things.
5. You do not need to ask permission for cookies that help you communicate with your visitors or that help you deliver a service. Cookies that store your login session ID, that help with your one-click purchase or that remember you language settings are totally fine. (This appears to be the thing that foreign websites get wrong.)
6. The law covers all methods of storing data on a visitor’s computer, not just browser cookies.
The thing that the law seems to lack is actual teeth. Engelfriet suggests that Dutch telecom guard dog OPTA is going to issue fines, but OPTA’s related spam-fighting responsibilities, for example, do not seem to deter spammers who have been flooding my inbox ever since the anti-spam law for spam sent to business became active.
- Puzzelen met de cookiewet: wat is het nou geworden? at Iusmentis.com
- Vijf misverstanden over de nieuwe cookiewet at Marketing Facts