EU cookie law and your website

Make sure your cookies comply with EU lawThe EU Cookie law came into force in the UK on 26 May 2011.

In a nutshell, the law, which comes from an amendment to the EU’s Privacy and Electronic Communications Directive, means that UK businesses and organisations that run websites in the UK must have consent before storing and retrieving information on the computers of visitors to their websites.

A commonly-used device for storing or retrieving information on computers is a cookie.

What is a cookie – and how does it work?

A cookie is a file that stores website names and unique user IDs and is used to track web visitor browsing habits and user preferences.

When a visitor comes to your website for the first time, a cookie is downloaded onto that visitor’s computer.  The next time that customer visits your website, his/her computer will check the site and send information in the cookie to your website.

The cookie helps your website by telling it whether a visitor has been to your website before.

Depending on how sophisticated the cookie is, it will track how long that visitor spends on each page of your site, or hold information about items stored in a visitor’s shopping cart on your site.

What’s wrong with website cookies?

The main issue with cookies is privacy.  Web users should be given the option to decide whether or not their details can be stored or used, and until now, website users have not been given that choice.

UK sites now need to obtain explicit consent before storing cookies on a person’s computer.

No need for panic – in the UK

The Information Commissioner’s Office (ICO) has drawn up advice to help companies and organisations take practical steps that will keep them on the right side of the new law.

Since the new law was announced, there has been one major change to how the legislation will come into force.  More time is needed to find ways to enhance existing technology to make it easy to get ongoing cookie permissions.

The ICO has therefore announced that it will give UK websites twelve months to comply before it enforces the EU cookie law.

ICO advice to UK website owners

  • Check what type of cookies and similar technologies you use and how you use them.
  • Assess how intrusive your use of cookies is.
  • Decide what solution to obtain consent will be best in your circumstances.

For more information on how to make sure your website complies with the new rules, visit the ICO website to view the full list of recommendations.

Cookies and your content strategy

Set up or amend your website content strategy, scheduling in dates when you will implement the changes to your website to make it compliant:

  • Plan in the cookie changes carefully so that you give yourself enough time to test them before they go live.
  • Schedule in changes to your terms and conditions content so that your web visitors have information about the changes, and how they relate the use of cookies on your website
  • Publish information about how users can register or sign up to give their consent to the use of cookies.
  • Be prepared to revise your cookie-related content to make sure it is clear, can be readily understood and is easy to find.

Post written by DEBBIE THOMAS on 26 May 2011.