If ibuprofen sales are up in the EU this year, it might have something to do with the nightmare known as the EU cookie law.

For major companies operating in affected countries, the solution to the problem has been, well, to find a solution to the problem. And for good reason: with the possibility of enforcement action, few businesses can afford not to address the law.

But apparently the EU itself can’t be bothered with complying with its own rules.

As reported by ZDNet’s Zack Whittaker, websites for EU institutions like the European Parliament and European Commission are still using cookies, but they’re not in compliance.

Whittaker writes: 

On all European Union institution websites, you will be lucky to find a single page that asks the visitor for permission to set cookies. But they’re using them all the same. 

Although there’s an argument to be made that (technically) these EU institutions may not be covered by the cookie law, that argument probably doesn’t hold water. As Stewart Room of Field Fisher Waterhouse LLP explained to ZDNet:

The EU is bound by the 2001 Data Protection Regulation (45/2011) — not to be confused with the draft Data Protection Regulation 2012 — and there are strong grounds to suspect that some parts of the EU’s cookie use constitutes the processing of personal data.

Some agencies appear to be aware that the rules apply to them, and are surprised that they’re not in compliance. “If there is proof of a part of the EU institutions not being transparent about cookies, please let us know, so we can work to address it,” a spokesperson for the Digital Agenda Commissioner told Whittaker.

The irony here is laughable, but also sad. Legitimate businesses wanting to stay on the right side of the law have spent significant amounts of time and money dealing with the EU cookie law, which isn’t the first headache-inducing law the EU has implemented and almost certainly won’t be the last.

But if the EU itself won’t abide by its own laws, some might eventually ask: should anybody?