The Privacy and Electronic Communications Directive 2002/58/EC is a set of rules passed in 2002 and amended in 2009 that govern data protection and privacy in the EU.
The ePD — or EU Cookie Law — requires that a website obtains its user’s consent before storing cookies, other than those deemed strictly necessary, in the user’s browser.