Get In Touch

Get In Touch

01202 237370

Visit Us

Bournemouth HQ

First Floor
8-10 Christchurch Rd
Bournemouth
BH1 3NA

London

10 York Road
Waterloo
London
SE1 7ND

Enquiry Form

New EU Cookie Law Introduced

  • Written By Javier
  • Posted May 26, 2011
  • 5 minutes Read Time

As you may or may not have heard (probably not, given the poor awareness that precedes most new internet “regulations”) the e-privacy directive, the new law that applies to how website owners can use cookies, came into effect yesterday (27/05/2011).

This means that, as of yesterday, if you’re a website owner you’ll need to gain “explicit” consent from your visitors if you want to place a cookie in their browser, furthermore you’ll need to provide “clear and comprehensive” information about why you want to store these cookies.

So how does this effect you?

What is a cookie?

Cookies are simple text files that sit in your web browsers and store user information, in the most part they make browsing the internet quicker and easier. They can be used to remember your passwords and to help personalise your browsing experience by displaying more relevant content based on your browsing habits.

Does my website use Cookies

If you manage an ecommerce website your site will probably use cookies to help make the browsing experience more convenient for your visitors. If your website remembers customers when so they can log into their accounts or checkout quicker  then this is done through cookies. And yes if you use Google Analytics or any other traffic tracking software then this is also done through cookies.

Does the law apply to all cookies

The new directives only target those cookies that could be deemed “intrusive” by users. With these cookie you’ll need to decide whether you’re going to have them removed, altered or what solution you’re going to take to gain consent from your visitors.

The good news is; “Strictly necessary” cookies wont be affected by the new regulations and these include those cookies that allow your visitors to add items to their shopping baskets and then continue browsing before proceeding to checkout. However the exception will not apply, to cookies used to track users or to help make the website more attractive because it remembers users’ preferences, or cookies are used to collect statistical information about the use of the website.

What will I need to do to make sure my website is legal?

Well firstly don’t panic, just yet. Given the confusion surrounding the new directive the UK government has said there wont be any “overnight changes” and the ICO (Information Commissioner’s Office) says it will give business and organisations one year to “get their house in order”. So basically the law wont be enforced and no one will be penalised for until at least this time next year.

How can I get consent?

The ICO doesn’t agree that using browser settings is a satisfactory method to gain consent so for the time being the onus is on you as a website owner.

Pop-ups – Although they can detract from the user experience, they are probably the simplest method of grabbing a users attention and asking for consent.

Settings-led consent – If your website has features such as a choice on languages then when a user chooses their preferences, they can be alerted to the fact that a cookie will be used.

Functional uses – One of the most common use of cookies is when they are used in the background, without the consent of the user, for tracking purposes. A solution could be to clearly place text at the header and footer of your web pages. However whether this is going to be accepted as “explicit consent” is a little uncertain and time will tell if this is going to be accepted by the ICO.

Tracking icons – Some big advertisers, including AOL and Google, have committed to placing recognisable icons on any ads using tracking technology.

What happens if I don’t do anything?

According by the ICO, failure to take any action before 26 May 2012 will result in a fine of up to £500,000 in the UK. However this sounds like a unrealistic figure simply being promoted to try and get website owners to take notice. It seems more than likely that a slap on the wrist followed by a “take action with 30 days” email seems more likely than a fine of half a million pounds.

Website owners are advised by the ICO to conduct a full audit of their sites to analyse what types of cookies are strictly necessary. Our advice would be to wait, if we’ve built your website we will contact you in due course when the new legislation is a little clearer and we’ll advise you what action, if any, you’ll need to take.

What will all the fuss mean to users?

The government is currently working with most major browser manufacturers to establish a browser based solution to acknowledge cookies. If common sense prevails all this will mean is that 90% of websites won’t need to do anything to comply to the new legislation and as a user you’ll just have to repeatedly click a button to acknowledge the website you’re viewing uses cookies.

If the government isn’t going to be satisfied with a browser solution then the reality is these new regulations will only be enforced by good, reputable websites and just ignored by the sort of websites they have been brought in to regulate. The end result will probably be that good websites who use cookies to enhance the browsing experience for their users become a little worse and bad websites that use cookies to intrusively market to their users will just stay the same.