On May 26 a new European Law came into effect in Britain. Nicknamed the cookie law, it effects nearly every British website. I am no lawyer and thus can not give any legal advice, however I can explain a little more about the law and show what other websites are doing to implement it.
What is a cookie?
– An e-commerce cart and checkout process
– Web analytics (such as Google Analytics)
– A comment system on a blog
– Signing into a website
– Filling out forms on a website
– Remembering preferences on a website
What is the new law all about?
The new law has been designed to protect the privacy of web users. It dictates that users must “consent” to cookies being used on your site. The simple way to do this would be to have pop up asking new users if they consent to cookies being used for the functionality of the website.
Another, slightly more vague method, is complied consent. The guidance notes for the ICO (Information Commissioners Office) included the following…
“Information Commissioner’s guidance made it clear that although an explicit opt- in mechanism might provide regulatory certainty it was not the only means of gaining consent. In some circumstances those seeking consent might consider implied consent as an option that was perhaps more practical than the explicit opt-in model.”
What are other companies doing?
The majority of websites are ignoring the new EU legislation. In fact most of the websites belonging to the government have not implemented the new law yet. The Telegraph recently reported that four out of five British businesses ignore the new laws and don’t make any changes to their website.
This is down to the vague nature of the new law. It seems that large organizations are likely to be the first to be targeted for not being clear about cookies. Because of this, many smaller organizations and businesses are waiting to see how the law is implemented before they make changes to their websites.
However some websites are already starting to make changes to their website.
BT have opted for a popup box to tell their users about cookies and give them the option to accept or change the settings.
John Lewis have taken a less direct approach by adding a box to their homepage that links to a page about privacy and cookies.
Which Cookies Does My Site Use?
The best way to find out which cookies your website uses is by conducting a cookie audit. Some websites will try and charge you to do this but it’s not too hard and you can do it yourself.
There are various pieces of free software and extensions in firefox and chrome that guide you through this process and help you find which cookies your website uses (one example for Chrome is found here). Some web browsers make a list of cookies accepted from your website that can be viewed under tools.
How Can I Comply?
What Will Happen If I Don’t Comply?
That’s a hard question to answer and even the ICO (the organisation which will be implementing this law) are unclear about the answer. In the video below they hint that letters may be sent out to website owners that don’t comply, giving them guidelines on how to implement changes. Below is the video from the ICO website.
You can find the guidelines the ICO provide by clicking here. If you need any more information or help implementing the new law, feel free to get in touch via our contact page.
A 2015 Update: