Irish cookies law - what you need to do

How should you handle your website cookies in Ireland?

What are cookies?

Cookies are files that are stored on a user’s computer hard drive by a website which can then collect information about the user’s preferences and other information which a user will need when visiting a website, for example log in details, credit card details, locations, preferences and any personal details a user submits to the website for whatever reason. The information stored in a cookie relates to how the user browses the website and allows the website to remember that user and their preferences when they return to it at a later date. Importantly cookies are also used for marketing and advertising purposes as seen below.

What does Irish law say about cookies?

The applicable regulations governing the use of cookies are Regulation 5 of the Electronic Privacy Regulations 2011[i]. These regulations, together with the Data Protection Acts, govern how cookies can be used and how the website users must be informed of the usage of such cookies. These regulations state that users are to be provided with clear and comprehensive information which is:

  • Prominently displayed
  • Easily accessible
  • Provides details of the purpose for which the cookies are being used

The regulations also note that the methods of providing such information together with the giving of consent should be as user-friendly as possible. The regulations however do not go into detail as to specifically what types of cookies require different forms of consent by the user. For example again you will note with various websites the user must click on a tick-box which allows a user to proceed to use the website once that user has accepted the cookies policy. If this is not done certain functions of the website, usually those for which cookies are required, will not be accessible to that user. This is known as an ‘Opt In’ provision on the website and is in place to deal with what is known as the use of third party cookies.

Cookies - RTE

The longstanding issue in this jurisdiction is that up to recently it has been unclear from the Data Protection Commission as to how the consent requirement, as set out in Regulation 5, should be met. Regulations 5 simply states that the requirement for consent is to be met where “technologically possible” and via browser settings. The issue here however is that most browser settings are set at a default setting of allowing cookies unless the user specifically disables this feature. Furthermore up until recently, enforcement of Regulation 5 has been confined to larger organisations however it is now very clear that even the smallest of enterprises that maintain a website need to be aware of the regulations covering cookie usage and ensure that their website users are aware as to how their website uses cookies. The Article 29 Working Group has given their opinion[ii] on how websites should implement the regulations as follows:

  1. First Party Cookies – These are cookies installed by the site you are using, that are less intrusive in nature such as cookies which record information necessary to allow the user to actually use the features of the website. Some examples would be the details a user may enter to allow for a ‘shopping cart’ feature of a website to be utilised. Article 29 Working Group has suggested that an “Opt Out” may be sufficient for such cookies. They have also noted that consent to the usage of such cookies may be given by the website user agreeing to the website terms and conditions. Therefore no separate “Opt In” requirement would be necessary. In such situations however the websites terms and conditions should specifically state that there is an “Opt Out” for first party analytic cookies. Importantly such cookies should have a life span that is only as long as the information is required to use the service. For example a user entering credit card details for a purchase assumes that the information collected by that specific cookie will only be used for that specific transaction and dispensed with once the transaction is completed. The situation however with First Party Analytical cookies is less clear. Whilst such cookies, which for example tell the website owner where the website users are located (Google Analytics for example) do not cause a privacy risk as third party cookies might do so. As such it is generally accepted that such cookies do not require a specific “Opt In” provision as long as there is an adequate “Opt Out” provision within the terms and conditions on the website. It is however generally recommended to include such cookies in an “Opt In” provision to strictly adhere to the regulations. Such first party analytic cookies must be used for first party aggregated statistical purposes only.
  1. Third Party Cookies – These cookies are installed by other sites and are much more intrusive and are essentially behavioral marketing cookies. They track information about what the user does on the internet and then will assess the website user’s preferences, interest and personal information which allows for effective marketing to that user. Article 29 Working Group is of the view that the usage of such cookies “raises important data protection and privacy related concerns” and further has noted that in order to allow the usage of such cookies a positive indication of consent is requiredTherefore the user must for example click on a button to allow the user to continue to use the website with full knowledge that third party analytic cookies are being used. As such the “Opt In” requirement is a necessity for all websites where such cookies are used. Such consent must also be revocable by the user at a later date.

Cookies - iCloud

What you need to do if you own a website in Ireland?

It appears therefore that the Data Protection Commission will be satisfied if the website contains a very obvious notice giving clear information to the website user which the user can then click through to make an informed consent. Examples of this can be seen on or Other examples of what is acceptable are splash screens, pop ups and banners across websites which are deemed to be an ‘opt in’ if the website user continues to use the website. For further information please visit the following link –
Download our Cookie rescue package! (includes pricing)

Ask us, we can help!

Contact me (Niall Geaney) if you would like me to review your cookie/privacy policy or terms and conditions for your site. I can also cover multiple countries if needed.


Guest Author: Niall Geaney

Solicitor (Patrick P. Geaney Solicitors, Dublin)
01 8531400

Co-Author: Clare Kelly

Account Manager (Gaumina Ireland)
01 5111262

Contact Clare Gaumina Account Manager if you need to implement a cookie notification on your site, or if would like to talk about your digital marketing plans or ideas for upcoming Digital projects.

Article References:

Please login or register to add a comment.

Contribute Now!

Loving our articles? Do you have an insightful post that you want to shout about? Well, you've come to the right place! We are always looking for fresh Doughnuts to be a part of our community.

Popular Articles

See all
The Challenges of Customer Lifetime Value (CLV)

The Challenges of Customer Lifetime Value (CLV)

We all agree Customer Lifetime Value is important, but there’s not much agreement after that. This blog is about the challenges of Customer Lifetime Value (CLV). CLV is a fantastic concept but defining that value and...

Peter Rivett-Jones
Peter Rivett-Jones 24 May 2023
Read more
Exploring the Rapid Growth of Mobile App Development

Exploring the Rapid Growth of Mobile App Development

Smartphones have included mobile applications for more than ten years. The fastest-growing area of the mobile industry is the mobile app market. Only a few app developers were aware of the potential market opportunity...

Prashant Pujara
Prashant Pujara 24 May 2023
Read more
How These PIM Features can Create the Next Growth Opportunity

How These PIM Features can Create the Next Growth Opportunity

The increasing need for effective product information management solutions has become critical for businesses that sell products online. With the growing number of sales channels and the rising complexity of product...

Sudhanshu Singh
Sudhanshu Singh 31 May 2023
Read more
The Ins & Outs of Product Marketing

The Ins & Outs of Product Marketing

Product marketing is what drives products onto the market and keeps them there. Developing effective product marketing is the secret to your organization's development, expansion, and long-term success. It is a...

Pawanpreet Gill
Pawanpreet Gill 26 May 2023
Read more
Getting Your House in Order: Why Accurate Clean Local Data is the Backbone of Global Marketing

Getting Your House in Order: Why Accurate Clean Local Data is the Backbone of Global Marketing

Despite weathering the pandemic and initially seeing the green shoots of recovery, the worsening global economic situation will likely see many CMOs once again fighting hard for every penny of spend. Three-quarters of...

Marianne McKenzie Yallop
Marianne McKenzie Yallop 25 May 2023
Read more