The Privacy and Electronic Communications Directive requires website operators to inform users of their websites in a “clear and comprehensive” manner the “purposes of the storage of, or access to,” users’ information, and ultimately, with the opportunity to refuse such storage of, and/or access to information.
The majority of website operators set out this information in their privacy policy. However, many operators are failing to comply with the requirement to provide this information in a “clear and comprehensive manner”, by using technical language or simply not accurately describing the reasons for which information is collected and what will be done with it. Website operators are also failing to update their privacy policy when they implement new technology on the website, such as Flash cookies.
With the amendments to the Privacy and Electronic Communications Directive there will be greater scrutiny of websites and so it is important that the privacy policy is reviewed to ensure compliance.