From 26th May 2012 user consent must be sought for websites using cookies
What are Cookies?
Cookies are little files that almost all websites use as a kind of memory. They are stored in your browser and enable a site to 'remember' little bits of information between pages or visits.
They are mostly used to make the web experience better, like automatically logging you into a site on return visits, or remembering settings like text size.
However some cookies are used to collect across websites you have visited and display content and advertising based on this data.
This use of 'third party tracking' cookies in particular is what the EU wants to raise awareness of with the new law. By requiring websites to inform and obtain explicit consent for cookies it aims to give web users more control over their online privacy.
What is the Cookie Law?
The Cookie Law is a new piece of privacy legislation that requires websites to obtain consent from visitors to store or retrieve any information on a computer or any other web connected device, like a smartphone or tablet.
It has been designed to protect online privacy, by making consumers aware of how information about them is collected by websites, and enable them to choose whether or not they want to allow it to take place.
It started as an EU Directive that was adopted by all EU countries on May 26th 2011. At the same time the UK updated its Privacy and Electronic Communications Regulations, which brought the EU Directive into UK law.
Each EU member state has done or is doing the same thing. Although they all have their own approach and interpretation, the basic requirements of the directive remain the same.
Almost all websites use files called 'cookies' which store information in peoples' web browsers when they visit the site.
There are other technologies, like Flash and HTML5 Local Storage that do similar things, and these are also covered by the legislation, but as cookies are the most common technology in use, it has become known as the Cookie Law.
Cookies are used in many different ways on the web, the vast majority of them beneficial to visitors.
This includes tracking people across the sites they visit, and using this information to display more targeted advertising. Some people are not comfortable about this happening without their permission.
If your business has a website, you will almost certainly need to make changes to it to comply with the law.
Many people are not aware of it yet, but the law is already in effect in the UK. However The Information Commissioners' Office (ICO), the UK regulator, gave everybody a one year 'grace period' before they start enforcing it.
That grace period has expired now, as of May 26th 2012.
From that date, if you are not compliant or visibly working towards compliance, you run the risk of enforcement action, which can include a fine of up to half a million pounds for a serious breach.
What should you do?
The ICO have produced guidance for website owners who want to become compliant. They have written a long document about it, but in summary it is:
- Audit your site to find out what cookies you have.
- Find out what these cookies are used for, and which ones you need to get consent for (there are some exemptions)
- Work out how to get consent from your visitors to set cookies on their internet device.
Contact us to get cookie compliant on your website.
Please add a comment
Your email will not be publicly displayed.