Aside from the UK, Ireland, Latvia, the Netherlands and Sweden have all now taken the plunge and introduced new cookie ‘consent’ laws. If these early adopters are anything to go by, then national legislators are broadly falling into one of two implementation camps – implementing cookie consent laws either on a strict ‘prior opt-in’ basis or, instead, qualifying the consent requirement by reference to ‘appropriate’ browser (or other application) settings.
Coming down the pipeline, Spain and Germany also have legislative proposals under consideration – in each case, qualifying consent by reference to browser settings. However, even in territories that have chosen to allow consent to be expressed through browser settings, the message ringing loud and clear is that the current generation of browsers do not offer suitable settings to obtain consent – principally because they accept cookies by default. In fact, the legislative proposals under consideration in Spain state that users must expressly configure their browser settings in order to consent to cookies.
So there we have it – six more jurisdictions have brought their cookie consent laws online. Interestingly, when publishing his annual report, the UK Information Commissioner took the opportunity to caution businesses to ”take their 'consent' obligations seriously” adding ”I'll be after them if they don't” (see http://goo.gl/SLvTh). You have been warned!