On April 24, 2014, the Belgian Data Protection Authority or the Commission for Privacy protection has published a Draft Recommendation regarding  (*) usage, inviting all stakeholders to provide their input on the text.

In French 😦http://www.privacycommission.be/sites/privacycommission/files/documents/Projet_de_recommandation_cookies.pdf )

In Dutch: (http://www.privacycommission.be/sites/privacycommission/files/documents/Ontwerp_aanbeveling_cookies.pdf )

Purpose

The so called Draft Recommendation explains the Belgian legal framework for the use of cookies and similar technologies, examining in detail the different purposes for which cookies and similar technologies may be used (e.g., authentication, storage of preferences) and explaining the steps to be taken to ensure compliance for each type of cookie use.

In particular, the Draft Recommendation explains how to comply with the new obligation to obtain prior consent before placing or accessing cookies and similar technologies on users’ devices, as provided by Article 129 of the Belgian Electronic Communications Act (which transposes Article 5.3 of the revised e-Privacy Directive 2002/58/EC).(https://www.huntonprivacyblog.com/files/2013/12/02002L0058-20091219-en.pdf)

Need of consent

Consent is not required if the cookie or similar technology is used for the sole purpose of carrying out the transmission of a communication over an electronic communications network, or if it is strictly necessary for the provision of a service requested by the user. The Draft Recommendation provides examples of cookies that fall under these exceptions (e.g., “shopping basket” cookies, authentication cookies).

According to the Draft Recommendation, to obtain valid consent to use cookies and similar technologies, users must have the opportunity to accept only certain cookies and refuse others, and be able to change their choices later on. Valid consent requires an affirmative action by the user. In addition, prior to providing consent, users must have a chance to review a cookie policy that details the different categories of cookies and their purposes, the categories of information stored, the retention period, how to delete cookies, and any disclosures of information to third parties. The Draft Recommendation provides useful examples of such cookie policies.

Reactions or comments to the Commission for Privacy protection

Comments on the Draft Recommendation may be sent to the Privacy Commission by mail ( Drukpersstraat 35/rue de la Presse, 35 – 1000 Brussels) or by email (commission@privacycommission.be). The public consultation will be closed on July 31, 2014, after which the Privacy Commission will publish the final version of the Recommendation.

(*)Cookies are small files placed on a subscriber’s or user’s computer which allow information about the user to be gathered. Cookies are typically used by e-commerce websites in order, for example, to remember certain user settings, such as language, or make the website more user-friendly (e.g. the content of a shopping cart will remain available when the user leaves the webpage).

Cookies can also be used for a variety of other purposes, such as monitoring the user’s internet behaviour in order to send targeted advertisements (so-called behavioural advertising) or for analytical purposes (e.g., analysis of the most visited pages on a website, the success of an advertising campaign, etc.).