On the 25th of May this year the revised Privacy and Electronic Communications regulations came into force - or at least they were supposed to. Even the UK government realised how impractical they were, and gave UK businesses an extra year to comply.

But, I’m sure the EU themselves have a fantastic plan for how this would work - and they’ve had almost a month now to implement it. Let’s visit Europa.eu - the main European Union site - and take a look.

And there we have it - a nice persistent tracking cookie, placed on my computer until the 18th of September. No questions asked. The cookie drives a survey which the EU will pop-up the next time I visit - so it’s not exactly vital for my visit.

Let’s remind ourselves of the offending section in the regulations:

Third parties may wish to store information on the equipment of a user, or gain access to information already stored, for a number of purposes, ranging from the legitimate (such as certain types of cookies) to those involving unwarranted intrusion into the private sphere (such as spyware or viruses). It is therefore of paramount importance that users be provided with clear and comprehensive information when engaging in any activity which could result in such storage or gaining of access. The methods of providing information and offering the right to refuse should be as user-friendly as possible. Exceptions to the obligation to provide information and offer the right to refuse should be limited to those situations where the technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user.

IANAL, but it sounds to me like they’re in breach of their own laws.

If after a month the EU can’t even implement their own regulations on their own non-commercial sites, then I think it’s going to be a long time until European businesses need to worry about compliance.