On May 26th 2011 a new EU originated law came into effect that requires website owners to make significant changes to their sites and may fundamentally change the whole web browsing and shopping experience for everybody.This Cookie Law is amended privacy legislation that requires websites to obtain informed consent from visitors before they can store or retrieve any information on a computer or any other web connected device.
What is Cookie Law?
What people refer to as the ‘cookie law’ is a new piece of privacy legislation that requires websites to obtain consent from visitors to store or retrieve any information on a computer or other web-connected device, like a smartphone or tablet. It has been designed to protect online privacy by making consumers aware of how information about them is collected by websites, and enabling them to choose whether or not they want it to happen.
It started as an EU directive adopted by all EU nations on 26 May 2011. At the same time, the UK updated its Privacy and Electronic Communications Regulations, bringing the directive into law.
Requirements & Responsibility
Many people will be unaware that the law is already in effect in the UK. However, the UK’s regulator, The Information Commissioner’s Office (ICO), gave everybody a one year ‘grace period’ before enforcing it. That grace period will expire on 26 May 2012.
This sounds scary, but nobody will be serving legal papers at 12.01am on 26 May over cookie compliance. In many ways the cookie law is a natural extension of privacy practices websites already use.
Auditing your website
We have a duty of service to advise our customers what is required and although through this new government legislation. We are only offering the audit and resolve services to customers who have had websites built by us, however if you are hosted with us and have your own website, contact us on 0800 756 9975 to see if we can help
We will perform a website audit for £85 + vat which will identify what cookies are in use on your website. All customers running our e-commerce websites will be using cookies, but this may not be all they are running. 3rd party cookies must be identified and published so that your customers know exactly what you are tracking and retaining. Once we know what is in use, we can advise you what the best course of action is
Possible Action & Potential Costs
- Explicit Opt in / Opt Out
- Assumed Compliance
Here’s a simple breakdown of how to go about categorising cookies:
- Zero compliance risk or ‘strictly necessary’ cookies Always first-party and not persistent. These include functional navigation and user session cookies for shopping baskets.
- Low compliance risk Always first-party and may be persistent. These cookies include accessibility options for visually impaired users and, arguably, analytics cookies.
- Medium compliance risk Usually first-party and persistent. These might be used to store personally identifiable information, or limited cross-site tracking, in order to present content based on previous visits. Another good example is the Facebook Like button.
- High compliance risk Third-party and persistent. These are mainly used to track and record visitor interests without prior consent, and aggregate this data for use by third-parties, normally advertisers. This also includes cookies set through the provision of embedded content which is not ad-related, such as Google Maps and YouTube videos.
We are NOT Lawyers, we are web developers
We can not accept any liability as a result of any issues which arise from your website compliance! We have sites which were built 12 years ago, way before this came to light. We are proactive in monitoring the situation and will post updates to this blog to advise our customers, how to best handle it. For many, it may be something they can’t handle themselves and need us to do for them. If this occurs, we will charge based on the time spent to implement required functionality in relation to this new EU cookie law
It’s vital to comply with regulations, but there’s flexibility built into the UK cookie law enabling various responses to a range of compliance risks. Take practical steps to comply and the chances are you’ll be compliant; it’s that simple. Doing nothing is the worst thing you can do right now.
Order Cookie Audit