Hi Pawel! Thanks for your point. Here are few thoughts. > The point is that everyone on this list can actually have their voice > heard at two levels at least: This is only in case when legislators are listening to citizens ;-). For example, our legislators aren't like very much to listen to people's opinion. So it'll depend on situation in specific country. > 1) EU public consultation - this is now closed for the e-privacy > directive, but... > 2) EU directive needs to be implemented at national level - and this is > happening now You've said that in Poland the second part of this process is going on and you've took part in it. At different sites, where I have read about this law (some information was on mentioned by me earlier http://www.ico.gov.uk/for_organisations/privacy_and_electronic_communications/the_guide/cookies.aspx), it was stated that this EU directive was released already in 2009 (EU Cookie Directive 2009/136/EC) and for implementation on national level was given some time. And this time already gone, at least in UK, about which was the most information which I found, the directive was implemented in May 2011 and one year was given for web sites for adoption. And since 26th of May 2012 the law officially started to work in UK. So for them everything is finished with consultation and implementation. Do you want to say, that there is still not made an implementation of this law in Poland and how long it will take? The interesting is that ICO updated information about Cookie Law at their site. In June 2012, European data protection authorities adopted an opinion, which clarifies that some cookie uses might be exempt from the requirement to gain consent. P.S. Guys, as you can see from the list of different laws for fining or closing web sites due to legislation, which I published to the list - #1 (http://lists.webappsec.org/pipermail/websecurity_lists.webappsec.org/2012-June/008400.html) and #2 (http://lists.webappsec.org/pipermail/websecurity_lists.webappsec.org/2012-June/008418.html) - there are not only IT related laws. So web sites can be fined or closed as due to IT related laws ("cookie law" is strictly Internet related law), as due to others laws (such as copyright violation or spreading of forbidden materials, which concerns both online and offline sphere). Best wishes & regards, Eugene Dokukin aka MustLive Administrator of Websecurity web site http://websecurity.com.ua Pawel Krawczyk pawel.krawczyk at hush.com Wed Jun 6 16:08:06 EDT 2012 > On Wednesday, June 06, 2012 at 7:46 PM, Pavol Luptak <pavol.luptak at > nethemba.com> wrote: > > >Yes. And it will be another regulation that makes the EU less > >competitive > >(for Internet portal, business, ..) compared to the other non- > >regulated world. > > Fully agreed, but the EU law is not given by gods :) The point is that > everyone on this list can actually have their voice heard at two levels at > least: > > 1) EU public consultation - this is now closed for the e-privacy > directive, but... > 2) EU directive needs to be implemented at national level - and this is > happening now > > Here's a very important role for technical experts and organisations to > participate in your government's public consultation (with or without > solicitation); in Poland a number of experts (including myself) sent their > opinnions against this regulation that somewhat balanced paranoid and > clueless voices of "privacy protectors". It the first place it gives your > government a reason to soften the interpretation of the directive, second > it gives them a reason to lobby against the directive in Brussels. > > -- > Pawel Krawczyk, CISSP > http://ipsec.pl http://echelon.pl > +48 602 776959