Home News & Insight Does your site comply with EU Cookie Legislation?

 

Does your site comply with EU Cookie Legislation?

Posted by
Alan Cantes
15th Nov 2011

Posted in the
Legal
Web Design
category

Does your site comply with EU Cookie Legislation?

New EU Legislation, dealt with by the Information Commissioner’s Office (ICO), and governing the use of ‘cookies’ came into force on the 26th May 2011 and require that users give “explicit consent” to a website before it can use cookies. It’s an attempt to rectify data privacy concerns that cookies are being used to reveal too much detail of user browsing habits.

What is a cookie?

Simply put, a cookie is a small text file that may be used to store user preferences, shopping basket contents, personalisation options, and tracking information. They are placed on your computer by a web browser during a visit to a given website. You can find a lot more about cookies at this Wikipedia article.

How Does This Legislation Affect My Website?

In theory, every website that uses cookies is required to inform the visitor on first entry to the website that the site uses cookies, and receive their consent to continue to do so. Failure to give consent would either mean offering that user a cut-down website or a complete barrier to entry, depending on the mechanics of the site in question.

In nearly all website projects, we utilise a fantastic piece of software called Google Analytics to anonymously track how many visitors look at a given website, which pages they view, how long they stay on the site, and so forth. It stores what is known as a third-party cookie on each visitor’s computer to accomplish these features, and as a very popular software application from the world’s largest internet technology company, it is likely that Google is working at adapting for compliance with the new regulations.

Cookies are also used on many E-Commerce websites to temporarily save items that a visitor has opted to purchase in a holding area known as the shopping cart or basket. WIthout cookies being set to ‘on’, the items couldn’t be stored in the basket and therefore couldn’t be purchased in many cases. Thankfully, in this regard The ICO seems to be using some common sense, and they offer an exception to the regulation where they deem that the cookie is ‘strictly necessary for a service requested by the user’. We believe that cookies for E-Commerce as described above are a valid case in point.

Further Reading

The regulation changes surrounding cookies will be phased in until the 25th May 2012 to give websites in question time to implement any necessary changes. If the ICO receives a complaint about a website, they can ask for a response from that company to explain how they are working to achieve compliance.

For now, the ICO advises that website owners take the following steps:

  1. Check what type of cookies and similar technologies you use and how you use them.
  2. Assess how intrusive your use of cookies is.
  3. Decide what solution to obtain consent will be best in your 
circumstances.

The following PDF document from the ICO provides a good guide on the regulation changes.
ICO-Cookie-Regulations-Advice.pdf

Of course, it should be noted that my thoughts above are meant for guidance only. Each individual case is different and we would be happy to provide assistance is resolving any specific compliance issues you may have.

Image courtesy of jayneandd on Flickr.

Search news by key phrase

Search news by category