Is your website a cookie monster?

Share


EVERYONE with a website seems to be talking about the new EU Cookie Law, despite very few businesses having a firm grip on what’s expected of them and how best to avoid the quoted £500,000 penalty for breaching the rules.

If you’ve found yourself caught up in cookie confusion, the first thing to understand is that the rules aren’t really new at all. In fact, they were introduced in 2011, with the powers that be (in this case the Information Commissioner’s Office) giving everyone a year to get their websites in order. Despite big figures being thrown around the internet, the ICO has already said it’s “most unlikely” that fines will be meted out at this stage.

So, there’s no need to panic just yet… the most important thing is getting to grips with everything you need to do to ensure your website is ticking all the boxes it can in order to meet the regulations.

What are these cookies anyway?

If you’re not completely clued up when it comes to cookies, here’s a simple outline of what they are, how they work and why the government wants to restrict their use:

In short, cookies are little text files used by websites to remember their visitors. There is, of course, an option to block all cookies with your browser, but this has historically made some websites difficult – or impossible – to use.

The laws, enforceable from May 26 2012, means website visitors must give their consent to the use of cookies, unless a limited exception exists.

In its guidance to businesses, the ICO states: “At present, most browser settings are not sophisticated enough to allow you to assume that the user has given consent to allow your website to set a cookie. Also, not everyone who visits your site will do so using a browser.  They may, for example, have used an application on their mobile device.  So, for now we are advising organisations which use cookies or other means of storing information on a user’s equipment that they have to gain consent some other way”.

The guidance continues: “You need to provide information about cookies and obtain consent before a cookie is set for the first time.  Provided you get consent at that point, you do not need to do so again for the same person each time you use the same cookie (for the same purpose) in future”.

If you want to find out more, the ICO has put together a blog and short video to answer some of the most common questions; you can find it here.

How do I comply with the cookie laws?

The first step is to understand what kind of cookies you use on your site, and how you use them. From there, you should be able to analyse which cookies are absolutely necessary and might not need consent; you should also be able to work out which cookies are no longer needed and make a judgement call on how intrusive your cookies might be.

In order to comply with regulations, you need to state exactly how cookies are used on your website. Web domain company Namesco has come up with some useful advice and recommends that cookie-enabled sites should:

  • include a link to your privacy policy on all pages;
  • explain in that policy how and why you use cookies; and
  • include a link in your policy to www.aboutcookies.org so that your visitors can access instructions on deleting and controlling cookies.

Namesco advises that your privacy policy should explain, for example, that you use cookies to count visitors to your website. If you facilitate the delivery and reading of third party cookies on your website, that should also be addressed. The third parties should be identified; for example, if you use any third party advertising on your website and, if you use Flash cookies, they should also be addressed.

Guidance from the ICO suggests a number of different methods for obtaining user consent, but encourages businesses to work towards their own solution. To make life as easy as possible for you, here’s a summary of the ICO’s suggestions:

  • Use pop ups or similar to ask for consent (although Namesco’s blog points out that pop ups are discouraged by Web Content Accessibilty Guidelines)
  • Gain consent by using terms of use or terms and conditions.
  • Enable preferences that users choose when visiting your website as a means of gaining consent.
  • Interactive features, such as videos, that remember how users personalise their visit to your website, can also determine user consent.
  • If you use analytic cookies to gather information about how people access and use your website, it may be possible to add a footer or header to a web page containing text.
  • If your website allows a third party to set cookies, it is more difficult to obtain consent.  Initiatives that seek to ensure that users are given more and better information about the use of information should be used. Anyone whose website uses or allows third party cookies must ensure that the correct information is delivered to users so they can make their own informed choices.

How will the cookie laws be enforced?

It’s not entirely clear how the rules might be enforced although, as pointed out earlier in this article, it’s highly unlikely that the ICO will start penalising website owners right away and without giving them ample opportunity to comply. According to itpro.co.uk, ICO deputy commissioner and director of data protection David Smith had this to say: “The moratorium on enforcement action comes to an end, but please don’t read that [as] the Information Commissioner’s Office is going to launch a torrent of enforcement action.

“What it really just means is that complaints about websites that don’t get consent go into the normal processes we would take in assessing whether to use our powers.”

He added: “We’re not about enforcing the letter of the law for the sake of the letter of the law. We cannot and do not rule out [issuing fines], but it is most unlikely that breaches of the cookie requirements will meet the criteria we have to satisfy before we can impose a penalty.”

  • Has this blog been helpful? Please do leave us a comment and share it with your friends and social media sites. Thanks – Team Tiger.

 

 

 

Share
This entry was posted in business, cookies and tagged , , , , , , . Bookmark the permalink.

3 Responses to Is your website a cookie monster?

  1. Wow! Finally I got a website from where I can really get useful information concerning my
    study and knowledge.

  2. The world is very small compared to other online games.
    World of Warcraft, the biggest name in the
    field of MMO (massively multiplayer online games) have always captured the
    interests of the gamers and have never disappointed them with
    their game offerings. Just bookmark this one web page, the Wo – W resource site, and have hyperlinks to Wo – W armory,
    Wo – Wstead, best in slot, arena junkies, just my two coppers, petopia, and more.

    my web blog; free wow tcg loot

  3. Rosemarie says:

    That is very attention-grabbing, You are an excessively professional blogger.
    I’ve joined your feed and look forward to
    in search of extra of your fantastic post. Also, I’ve shared your web site in my social networks

Leave a Reply

Your email address will not be published. Required fields are marked *