Call 0845 485 1219

Ben Norman

Everything You Need To Be Cookie Law Compliant

3rd May 2012 Brand | 7 Comments


CookiesThe new EU cookie law is due to come into effect in the UK on 26th May 2012. The Law has been in effect for over a year in the rest of the EU but the UK was given a one-year extension to conform.

Who is responsible for it?

ICOThe Information Commissioners Office (ICO) are responsible for enforcing the UK law and have the power to issues website owners fines up to £500,000 for serious breaches.

Who needs to conform?

The new EU Cookie Law applies to all countries within the EU, which is quite obvious, but what isn’t really that clear is that even countries outside of the EU may also need to conform.

For example if you are a website in the USA (or any other country) but you are targeting / selling to people in the UK you would also need to comply. This, I believe, will be one of the biggest hurdles for the ICO when it comes to enforcing the new rules.

Video Guide

To help get you ready for the law, we’ve put together a video guide. Alternatively you can browse the key points below:

What this means:

This means that before 26th May 2012 you will need to have something in place where you make it clear to your website visitors a chance to opt in (consent) rather than opt out (remove consent). You also need to tell them what cookies you are collecting and what you are using them for along with their degree of intrusiveness.

panic

How websites gain consent is open to interpretation but it could mean anything from clicking a button, subscribing to the website’s service or dismissing a banner, toolbar or popup. There is also ambiguity over whether the consent needs to be gained prior to any cookies being set.

Not all cookies are baked the same:

Some cookies do not require consent to be gained; these are cookies that are strictly necessary for the site to function and are classed as ‘essential':

  1. Essential Cookies are cookies that are strictly necessary for websites to serve their function such as cookies for shopping baskets, log-ins and security.
  2. Non Essential cookies are used for advertising such as affiliates, tracking and analytical purposes too.

What you need to do:

  1. Read the Guidance on the new cookies regulations from the ICO
  2. Check what cookies your website is using, we like Ghostery but other plugins are also available
  3. Update your privacy / cookie compliance policy to include a list of your cookies (for example Department for culture media and sport and GOV.UK) including what they are used for and you must ensure your privacy policy is easy to find.
  4. Pick a solution to use to gain consent (we have listed some below that we like)
  5. For goodness sake test to ensure your site still works in different browsers when you finish

3 Solutions:

  1. Cookie Control – This is our choice for compliance due to the customisations you can make to it and also it is totally free. They have different plugins for WordPress, Drupal 7 and Magento not to mention a standard website version which features a menu in the bottom of the website. But the main reason we love them is they support it very well and we even had a call with them to sort a issue we ran into, now that is service!
  2. Cookie OK – If you have a WordPress website and are looking for a simple WordPress plugin with a top banner display then this plugin could fit your needs.
  3. The Cookie Collective is a managed system where for a yearly fee it updates and alerts you to changes in your cookies so you can make the required amends.

Why I believe the ICO have got it all wrong:

I believe that they have got this all wrong, I understand the arguments for privacy and making things clear for website users with regards to what information is being stored, and what it is used for. But I disagree with how it is being implemented as I believe that the majority of website owners won’t even have a clue about the new law and their requirement to conform to it.

It is also unlikely to solve the problem – they are trying to improve security ( as well as privacy) for web users but I think it is unlikely anyone with harmful cookies is going to implement a consent option.

An easier solution:

Wouldn’t things be so much easier if the very few browsers in use today just had a simple feature that managed cookie compliance? That way users could do as they do today and say “hey  just want to surf and im not interested and don’t want to be bothered with all this” or “actually I don’t want to share this information sign me out to everything” or even “Mr browser please let me pick my preference site by site or cookie by cookie”.

This way on every site it would be clear not just on the ones who either a) care or b) know about the new law, as I believe you will see well under 10% of websites conform to this or make any effort to conform. It is also very likely this will only be big companies scared of the ramifications and big fines. Because really are the ICO going to go after a two page mom and pop site with no revenue because they don’t conform? I don’t think so.

We will be using Cookie Control for the Koozai website and are ready to go live with it on the 25th, so what will you be doing to conform? Or will you not? I would love to know so either comment below or tweet me.

Image Source

Freshly baked chocolate chip cookies via BigStock

Share this post

About the author

Ben Norman

CEO and Founder of Koozai, Ben Norman has extensive knowledge of search engine marketing. A regular writer on the subject, Ben’s first book, ‘Getting Noticed on Google’ has sold over 50,000 copies. Ben’s comprehensive knowledge is written in a straightforward and easily understandable way; be sure to read his sought after contributions on the future of Koozai.

7 Comments

What do you think?

Digital Marketing Ideas Every Month

Sign up to receive our free monthly email. Including our favourite pieces of news from the digital marketing industry.

From SEO to PPC, Social Media to Brand Management and Analytics, we'll keep you informed.