On June 7, 2012, the Article 29 Working Party, an independent advisory body composed of representatives from the national data protection authorities of the EU Member States, the European Data Protection Supervisor and the European Commission, issued Opinion 04/2012 regarding which types of cookies are exempted from the informed user-consent requirement under Directive 2002/58 of the European Parliament (the E-Privacy Directive).
Article 5.3 of the E-Privacy Directive requires that websites must obtain informed consent from users prior to storing cookies on users’ equipment. The E-Privacy Directive provides for two exemptions to this rule: (a) when the cookie is used for the sole purpose of carrying out the transmission of a communication over an electronic communications network; and (b) when the cookie is strictly necessary in order for the provider of an information society service explicitly requested by the user to provide the service.