How the European Commission disrespects its own cookies directive

The most popular interpretation of the cookies directive is that websites should warn about cookies that are not essential for the operation of the websites. For instance, a cookie set to keep the items in your shopping cart is essential for the operation of an online shop and users should not be warned. If the cookie is set to track user activity for marketing purposes (e.g. by Google Analytics for targeting ads) — that's not essential, and the user should be warned.

The main website of the European Commission sets cookies to store information on surveys. This is not essential to the operation of the website, so technically they should warn about it. Bit they do not. OK. that's a small problem, they are almost clean… on sufrace.

If you look a little bit further, you'll see that parts of ec.europa.eu set Google Analytics cookies for the whole ec.europa.eu domain. For instance, EURES homepage sets Google Analytics cookies __utma, __utmb, __utmc and __utmz for everything at ec.europa.eu, as well as a couple of other cookies for itself,  such as eures_client_nr and piwiki_visitor, as well as a EURES_SESSIONID.

So, if you go to the EURES homepage, then back to the main website of the European Commission — you'll be tracked by Google Analytics and you won't be warned about it, which looks pretty much like a violation of the letter and the spirit of their cookies directive.

P.S. The website of the European Parliament does not give even bother hiding the fact that they track users and sets Google Analytics cookies straight away on its homepage.