The real Cookie Monster?

Here’s something you may not know: a lot of European websites are illegal*. Back in May 2011 a new privacy law came into effect. The EU-wide law requires that websites ask their visitors for consent to use most web cookies.

What are cookies?

Cookies are small text files ‘dropped’ onto a user’s machine when browsing websites. They are commonly used for things like remembering your preferences on sites, enabling you to login to secure areas (and not having to retype your password on each page), tracking visitors and lots more besides. By and large they make the internet pleasant to use – remembering things about you, so sites don’t have to repeatedly ask you for them.

Fear not – the ICO (the UK body who enforce this law) are taking a less rigorous approach to prosecuting website owners than initially feared. Clearly not all websites became 100% compliant by 25th May this year (the date from which the law would be enforced by the ICO), but it’s wise to be mindful of the new law and take steps to address it.

The ICO made a last minute change to their interpretation of the law, and now suggest that ‘implied consent’ is all that is needed. In English this essentially means that as long as you’ve warned a visitor that you’ll be using cookies, and by continuing to use your site they’ll be accepting the use of them (and you tell them how they can find out what you’re using them for) – then you’re okay to keep using them.

Video – a short, humorous explanation of the cookie law

So, what to do? There are three key recommendations website owners need to take into account to satisfy the law. Put simply, these are:

  • Audit your website and list clearly in your Privacy Policy (or similar area) which cookies your site uses, what they are used for and any links you can provide for more information about them and/or opt-out from their use.
  • Provide a clear notification to visitors that your site uses cookies, provide a link to information about the use of these cookies (see step 1 above). You could also provide a mechanism to opt-out of cookie use if possible (this isn’t essential any more though).
  • Limit your website’s use of cookies to those which are essential for business. This is a very grey area – the revenue from advertising tracker cookies could be considered essential to a business.

Our recommendation is firstly to seek legal counsel – this is a matter of legal compliance, and as a marketing agency (not a law firm) we’re not in a position to offer legal guidance. If you don’t have a legal department or legal consultants we can recommend the guys we use –

However, if you’re looking for assistance in implementing a solution to comply with your legal recommendations then we’re able to help.

We can help:

  • Audit your site – list out the cookies used on your website.
  • Create a Privacy Policy regarding cookie use – once you have a list of the cookies in use, we can work with you to explain their use in plain English, and where possible link to places for more info and/or to facilitate opt-out from the use of these cookies.
  • Implement a notification – we can work with you to develop a notification device, whether this is a pop-up, interstitial page or reveal section on the homepage. You can see ours on the left of our homepage – not so intrusive is it?

More information can be found at the following locations:

*ok, so the current estimate is that over 90% use cookies and don’t make this clear to visitors. That’s a lot though!