Unless you’re a corner store or food truck that operates in a strictly local geography, your brand’s message is certainly reaching some of the over half a billion individuals who reside in the European Union’s 27 member countries. Now that a new set of regulations known as the EU E-Privacy Directive has taken effect, the impact on any online marketer anywhere is palpable. The fact that you are based outside the EU’s borders is not a defense, as these laws hold jurisdiction on any electronic communication emanating from anywhere as long as they are directed to any resident of an EU country (with fines exceeding three-quarters of a million dollars per violation)… and that means your online marketing!

Obtain Clear & Trackable User Consent Prior to Placing Any Tracking Technology

The essence of the EU E-Privacy Directive is that European users must provide clear and trackable consent prior to having any cookies or other technologies designed to capture their information placed on their memory systems. Since online marketers have been accustomed for many years to the stealthy placement of “drive-by” cookies, where anyone anywhere who clicks on the site is tagged and bagged, this practice will now attract the highly undesired attention of the EU SWAT team. The website visitor must now provide a formal opt-in virtually identical to the one that is required for being placed on your email newsletter subscription list to have any cookie placed on their web-enabled device.

Conduct a Comprehensive IT Survey

An exhaustive survey of your online activities is now warranted and should center on these primary tasks in a process along these lines:

  1. Determine what types of cookies or other tracking mechanisms are currently on your site, and conduct a complete survey of exactly what they do.
  2. Totally revamp your privacy policy to be comprehensive, accurate, exhaustive and up to the minute.
  3. Create entirely new opt-in mechanisms for every aspect of your online presence.
  4. Develop a fully revised website architecture to allow for the recognition of customers who have opted-in and access to material restricted to non-opted-in users.

The Directive specifies that users must be made aware of which kind of cookie is being set, all the way from the fundamentally basic cookies of the type that remember which goods have been placed in a shopping cart, all the way to the advanced cookies which track the behavior of any user on and off your own website. There are also regulations regarding “non-essential tracking” which cover cookies as well as other technologies which cannot be termed as cookies at all. Since approximately two out of every five tracking methods do not use cookies, it is now imperative that your IT personnel conduct a thorough audit of your entire tracking technologies and adapt them to suit the EU policies.

Goodbye/Adieu/Adios/Ciao/Auf Wiedersehen Analytics!

Nearly two thirds of all cookies are related to advertising, so unless sites quickly become compliant with the EU’s dictates, virtually every banner ad on the internet will now be in breach! If you’re thinking that this new set of regulations has just demolished your Analytics, you’re not far from the reality of the situation. If users do not specifically accept cookies (and you can bet your bottom dollar most won’t) then they will not show up on your site statistical reports and technically the ads themselves cannot be shown. Welcome to the decimation of the internet’s most basic business model. The same Directive also applies to iOS, Android, Windows Mobile and any other apps which are available over the internet. Any built-in tracking code which allows access to user data on any web-enabled mobile device is going to run afoul of the EU’s laws.

Since the EU Directive as it currently stands is a totalitarian nightmare which Stalin might have shied away from as too invasive, there are already hints that there is some mollification on the way. The continued post-warning use of a site might indicate user consent… or then again it might not. Until the exact limitations are established, you’re well advised to achieve compliancy… or else?