There is a strict cookie law in the European Union stating (source: www.ico.gov.uk):
Information to be provided
Cookies or similar devices must not be used unless the subscriber or user of the relevant terminal equipment:
(a) is provided with clear and comprehensive information about the purposes of the storage of, or access to, that information; and
(b) has given his or her consent.
And also stating:
Exemptions from the right to refuse a cookie
The Regulations specify that service providers should not have to provide the information and obtain consent where that device is to be used:
(a) for the sole purpose of carrying out or facilitating the transmission of a communication over an electronic communications network; or
(b) where such storage or access is strictly necessary to provide an information society service requested by the subscriber or user.
Not everybody knows that social media buttons (provided by social media networks) set cookies and track user behavior. We are talking about the standard Facebook Like button (or the Twitter, Google+, LinkedIn, etc. buttons) that you see under almost every post on a blog. Clicking one of these buttons registers that the reader liked the post. This may be beneficial for the writer of the article, because the article spreads faster this way. Unfortunately, the buttons also transmit information to the social media networks when the reader has not clicked them. This is not communicated to the reader and is not necessary to provide the requested service, and is thus in violation of the cookie law.
A solution is described in the (German) heise.de article “2 clicks for more data protection”. It makes you click twice: the first click enables the button and the second click is the actual “like” or “recommend”. This is a very user-friendly solution that we have enabled on our website (as you can see below).
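The two-click pattern described above, as an added example (not code from this site or from the heise.de article). The function name, the data-two-click-src attribute and the social.example URL are assumptions made for illustration, and the vendor widget is assumed to be a script that renders its own button.

```javascript
// Added example. Markup it expects (placeholder URL, hypothetical attribute):
//   <div data-two-click-src="https://social.example/widget.js"></div>

// Renders a local placeholder button. Nothing is requested from the third
// party until the reader clicks the placeholder (click one). The vendor's
// own button, loaded by that click, then receives the actual "like" (click two).
function installTwoClickButton(doc, container, options) {
  const state = { enabled: false }; // kept in memory only: no cookie, no storage

  const placeholder = doc.createElement("button");
  placeholder.type = "button";
  placeholder.textContent = options.label;
  // Tell the reader what enabling the button does before they do it.
  placeholder.title = options.notice;

  placeholder.addEventListener("click", function () {
    if (state.enabled) return; // never load the widget twice
    state.enabled = true;
    const script = doc.createElement("script");
    script.src = options.widgetSrc; // first contact with the third party
    script.async = true;
    container.removeChild(placeholder);
    container.appendChild(script);
  });

  container.appendChild(placeholder);
  return state;
}

// Browser wiring: every element carrying data-two-click-src gets a placeholder.
// Skipped outside a browser so the file can be loaded by other tooling.
if (typeof document !== "undefined") {
  document.querySelectorAll("[data-two-click-src]").forEach(function (box) {
    installTwoClickButton(document, box, {
      widgetSrc: box.getAttribute("data-two-click-src"),
      label: "Enable social button",
      notice: "Enabling this button sends data to the social network.",
    });
  });
}
```

Because the placeholder is served from your own site and keeps its state in memory, a page view on its own causes no request to the social network; the reader has to enable the button again on each page load.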
For more information you may want to read the (hard to understand) cookie directive (source: eur-lex.europa.eu):
(66) Third parties may wish to store information on the equipment of a user, or gain access to information already stored, for a number of purposes, ranging from the legitimate (such as certain types of cookies) to those involving unwarranted intrusion into the private sphere (such as spyware or viruses). It is therefore of paramount importance that users be provided with clear and comprehensive information when engaging in any activity which could result in such storage or gaining of access. The methods of providing information and offering the right to refuse should be as user-friendly as possible. Exceptions to the obligation to provide information and offer the right to refuse should be limited to those situations where the technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user. Where it is technically possible and effective, in accordance with the relevant provisions of Directive 95/46/EC, the user’s consent to processing may be expressed by using the appropriate settings of a browser or other application. The enforcement of these requirements should be made more effective by way of enhanced powers granted to the relevant national authorities.