Return to site

The New Cookie Law – What you need to know

Today is officially the first day for UK businesses to embrace the new legislation governing the use of cookies.

As of today, businesses that run websites will need to be able to show their compliance with the new law.

For non-compliance, the governing body responsible for the new law (Information Commissioner’s Office) will have the ability to impose fines of up to £500,000 although the likelihood of receiving a fine at this stage is unlikely.

What is the new law?

The new law (Privacy and Electronic Communications Regulations 2011) states that websites must provide “clear and comprehensive” information about the use of cookies – small files which allow a site to recognise a visitor’s device.

The law requires that website operators must:

  • Tell people that cookies are used;
  • Explain what the cookies do;
  • Obtain the visitors consent to store a cookie on their device.

Are there any exceptions?

If the cookies used on your website are regarded as ‘strictly necessary’ then you won’t need to obtain the visitors consent.  For example, exceptions are likely to be made if the cookie is only being used to ensure a page loads quickly or is used to track a user’s shopping basket contents.

For cookies that are used to track the user’s activity for marketing purposes and to improve conversion rates, consent will need to be obtained first before the cookie is used.

Why has it changed?

The idea behind introducing this new law centres around the problem we have with how easy personal information can be accessed and exploited.  Cookies on websites can monitor a visitor’s online activity without them necessarily knowing and some cookies can remain on a visitor’s computer for over a year.  Although they are used primarily for improving the user’s experience on a website and capturing the user’s tastes and trends for new products and promotions, the new law is designed to put a limit on how easy it is to monitor the activities of each visitor to a website.

What are the problems?

The main problem is the burden it places on small businesses to comply with the new law, especially when third-party cookies are used for embedded technology that web operators have no control over i.e. Google Analytics.

By obtaining mandatory consent to cookies used for analysing useful information for marketing purposes, businesses will no longer have an accurate picture of how effective their website is at attracting new visitors and what those visitors are looking for.

The ICO’s own research suggests this could be an issue as only 10% of its visitors agreed to accept cookies from its site.

The UK and the rest of the EU will also be at a competitive disadvantage compared to our international rivals who do not currently require full consent to cookies.

In hindsight, there could have been closer collaboration with the browser providers in order to ensure information on cookie use and storage is more readily available to the user through their browser rather than forcing the individual website to bear the cost of compliance.

What is the solution?

The ICO will be looking for websites that can show that they have taken reasonable steps towards complying with the law.  This can be covered by having a Privacy & Cookie Policy available to view on your website.

A good Privacy & Cookie Policy will cover the following points:

  • Who is responsible for collecting the data;
  • Who is responsible for ensuring the security of the data;
  • What data is collected;
  • Why the data is collected;
  • Where the data is stored;
  • What cookies are used, including the name;
  • How long the cookies are used for;
  • The reason why cookies are used;
  • How to opt in and out of the use of cookies;
  • Information on third party cookies.

The BT homepage provides an excellent example of how to obtain your visitors consent to cookies, but there are plenty of useful free tools out there that your web developer can use to get the same effect for your website.  www.civicuk.co.uk is one example.

All Posts
×

Almost done…

We just sent you an email. Please click the link in the email to confirm your subscription!

OKSubscriptions powered by Strikingly