The EU Cookie Law
When does this come into effect?
The Information Commissioner’s Office (ICO), who is implementing this legislation in the UK, has given one year’s grace for businesses to make the necessary changes. This year ends on 26th May 2012. Not long.
Hang on - what on earth are cookies?
Cookies are small text files that the web browser places on your computer on behalf of the website you are using. They are used to store small amounts of information about your activity on a website.
Some key examples are:
*The law extends to all forms of local storage, but cookies are by far the most common form and the one the legislation is primarily targeting.
So what’s the implication for your website?
To be compliant, every site will have to ask a user's explicit permission before it is allowed to place a non-essential cookie on a user’s computer. The understanding of non-essential is a little ambiguous, but is generally taken to mean every cookie with only two exceptions:
- Cookies used by shopping carts on eCommerce sites to remember your customer’s basket contents.
- Load-balancing cookies help the server to give the user an improved web experience by allocating web resources more effectively.
To obtain permission a site is likely to use a pop-up screen that will ask the user for permission. If the user consents, a cookie will be used to remember this preference and also allow other cookies to be used. If consent is not given or is not answered either way, no cookies will be allowed. This means that the user's preference will not be stored and so the question will pop up on every single page.
Is this really going to happen? What if we just ignore it?
Non-compliance with this law carries a £500,000 fine.
Most industry folks think that this will be unenforceable. Google Analytics is a service that is entirely dependent on cookies and is installed on 90% of all websites. That’s a lot of potential legal action about to happen!
However, a spokesperson for the ICO has said that they will take various factors into consideration before they prosecute a website owner. (Source: http://econsultancy.com). The biggest concerns are when cookies are used to gather information that is then used for marketing purposes.
Also, think about how many other websites you’ve seen recently that have asked for your consent to store a cookie. We'd be surprised if you’ve come across any. That’s a lot of non-compliant websites out there that appear to be doing nothing about this law.
Virgin and BT are the only sites we have seen that are used specifically as examples of sites that do ask permission. But when they do this they have already dropped cookies onto your computer. Even after you explicitly disallow cookies they continue to drop more cookies!
Deciding not to comply involves no additional work as no changes need to be made to your website. But this does mean your site is technically non-compliant and therefore breaking both UK and EU law.
So what are our options?
To achieve full compliance we would need to do more work.
The other option is to hold off and see what happens come the deadline. General industry opinion is that nothing significant will come of this legislation. If there is a rise in legal action then there are developers who are already thinking about what they can create to make upgrading simpler and more cost effective.
Unseen and unknown costs
We think there is a far greater, intangible cost to implementing the full cookie consent. As noted above, these fully compliant sites will now have pop-ups that greet users when they arrive at a site. The user then has the option to allow or not allow cookies on the site. If the user gives consent then we hope it will not have a large effect.
But the 90% who are likely not to give consent will probably start to experience frustration at their user experience. We think this will lead to a significant drop in traffic, enquiries and sales. It will also mean that Google Analytics will be ineffective.
- More information on the law in general can be found in this blog post.
- Our second blog contains a fairly long discussion on the law and possible solutions.
Give us a ring to book it in 07595842426.