Cookies & tracking: what does the law say?

Application of the European directive known as "telecom package", users must be informed and give their consent prior to the insertion of tracers. They must have an opportunity to choose not to be traced when they visit a site or use an application. Publishers therefore have the obligation to seek prior consent of users. This consent is valid up to 13 months. Some plotters are however exempted from the collection of this consent.

Covered by the term "cookies" or "tracers"?

Are concerned the plotters introduced and read for example when viewing from a Web site, an e-mail reading, installation or use of software or mobile application, regardless of the type of terminal used such as a computer, a Smartphone, a digital reader, and a video games console connected to the Internet. If they meet certain conditions, some plotters are exception to this obligation

As such, the term "cookie" covers for example :

  • HTTP cookies
  • "flash" cookies,
  • the result of the calculation of footprint in the case of the "fingerprinting" (calculation of a identifier unique machine based on elements of its configuration for tracing purposes),
  • Web beacons or "web bugs",
  • any other identifier generated by a software or an operating system, for example.

These obligations apply cookies to collect personal data or not.

What does the law say?

By amending article 5 (3) of directive 2002/58/EC by the adoption of directive 2009/136/EC, the European legislator has established the principle :

  • consent of the user prior to storage of equipment information of a user or access to information already stored.
  • except, if these actions are strictly necessary for the issue of the information society service explicitly requested by the Subscriber or user.

Article 32-II of the law of January 6, 1978, modified by the order n ° 2011-1012 August 24, 2011 which has transposed the directive 2009/136/EC takes this principle.