Its the Law!
On 26th May 2011 (yes that’s right 2011!) the EU Cookie Law cam into effect, many people were not aware of it, but the law is already in effect in the UK. However The Information Commissioners’ Office (ICO), the UK regulator, gave everybody a one year ‘grace period’ before they start enforcing it.
That grace period expired on May 26th 2012.
From that date, if you are not compliant or visibly working towards compliance, you run the risk of enforcement action, which can include a fine of up to half a million pounds for a serious breach.
The Cookie Law Explained
The Cookie Law is a (new) piece of privacy legislation that requires websites to obtain consent from visitors to store or retrieve any information on a computer or any other web connected device, like a smart-phone or tablet.
It has been designed to protect online privacy, by making consumers aware of how information about them is collected by websites, and enable them to choose whether or not they want to allow it to take place.
It started as an EU Directive that was adopted by all EU countries on May 26th 2011. At the same time the UK updated its Privacy and Electronic Communications Regulations, which brought the EU Directive it into UK law.
Each EU member state has done or is doing the same thing. Although they all have their own approach and interpretation, the basic requirements of the directive remain the same.
What are these cookies anyway?
Well for a start they are not the chocolate chip variety, these Cookies are little files that almost all websites use as a kind of memory. They are stored in your browser and enable a site to ‘remember’ little bits of information between pages or visits.
They are mostly used to make the web experience better, like automatically logging you in to a site on return visits, or remembering settings like text size.
Most websites also use some kind of visitor tracking, like Google Analytics, to measure site performance, and this will also use cookies in most cases.
However some cookies are used to collect information across websites you have visited and display content and advertising based on this data.
This use of ‘third party tracking’ cookies in particular is what the EU wants to raise awareness of with the new law. By requiring websites to inform and obtain explicit consent for cookies it aims to give web users more control over their online privacy.
To find out lots more about cookies in general and the different types, take a look at Cookiepedia – a new information resource dedicated to all things cookie related.
So where are these nuts!
Ahh I knew you would be waiting for this bit, well the way that the cookie authorisation is implemented on your site needs a lot of consideration as it could reduce your traffic, something that you need to be very conscious of when talking with your developer.
You are required to inform your visitors that you use cookies however you may find that informing them that by continuing to use the site they accept the usage of cookies an “implied” consent may be better than an “express” consent where you display a STOP pop-up or page that they have to accept before viewing your site, when the ICO implemented an express consent method they saw a 90% drop in traffic which to small businesses is a lot of potential revenue.
So with your newly found knowledge of cookies be sure to make your implementation choice carefully, but be sure you implement ASAP if you have not done so already!
