Based on a source, cookies are divided on „first party cookies and „third party cookies“. „First party cookies“ are put up by a website you visited while „third party cookies“ are put up by some other website which manages the website you visited or the website you visited forwards them to some third party without your consent. „Third pary cookies“ are most commonly used for projection of advertisements so those are mostly undesirable. Therefore, some web browsers are blocking it by default. Of course, you can block all cookies in every web browser, but that may not be the smartest thing to do since „first party cookies“ are necessary for regular and valid work of some websites so the best thing is to leave those.
Majority od users considers privacy on an Internet as an extremely important element so the term of tracking and cookies itself creates a fear and confusion. From a legal standpoint, it is all pretty unclear and uncommonly regulated. On European Union level, direction that refers on the usage of stored data from the websites already exists for a certain period of time, while the biggest part of those refers to cookies. Basically, according to that directive, all websites will have to ask for compliance from the visitor for usage of cookies. Therefore, this law does not prohibit cookies but it requires user’s compliance for their installation. This refers to majority of cookies except for the session cookies since those are necessary for normal functioning of some websites (especially those with E-trade). This law applies to all EU members but also to members beyond EU whose target audience is in EU.
Now you definitely ask yourself how Croatia copes with those regulations. In our country the provisions of that directive are incorporated in the Law on electronic communications from 2011. We are extracting the part that refers to the cookies (article 100, section 4): (link on the law-> http://www.zakon.hr/z/182/Zakon-o-elektroni%C4%8Dkim-komunikacijama)
„The use of electronic communications networks to store information or to gain access to information stored in the terminal equipment of a subscriber or user shall be allowed only in case where the subscriber or service user concerned is provided with clear and comprehensive information in accordance with special regulations on personal data protection, especially about the purposes of the processing. This shall not prevent any technical storage or access to data for the sole purpose of carrying out or facilitating the transmission of a communication over an electronic communications network, or, if strictly necessary, in order to provide an information society service explicitly requested by the subscriber or user.“
It is seen from the section that clear notification regarding data collection and the purpose of processing of those data has to be shown to the user during which he has to give permission so the cookies can be installed. Also we can see that deviation is possible only in specified cases (technical store or access to data because of communication enabling itself meaning on the explicit request of service user because of providing of services of information society).
Even though this Law came into force in 2011, many are still ignoring it, are not aware of it, while those who are informed still did not align functionality of their websites in regards to law regulations. This is not surprising fact if we take into account that Law still is not really implemented for now, but when it all becomes clear and when sanctions begin (in GB penalty can sum up to half million pounds), it will probably come to changes very fast.