by Iain Wilson
It's almost a year since the EU Cookie Law was introduced. It requires website owners to get an 'opt-in' approval from their visitors if the website uses 'cookies'.
The regulators (Information Commissioners Office in the UK) have given website owners a year's grace to look at compliance. That grace period ends on 25th May 2012. So you may need to take some action to make sure your site is compliant.
Cookies are small text files that websites store on computers. They can contain information for just about anything but typically they are used to store things like login information, shopping cart information and web analytics. They're needed so information can be preserved between webpages - for example, to remember who is logged in. Without cookie technology, it would be almost impossible to do some things we take for granted on websites.
So what is the legislation trying to address? Well, it is really all about privacy. The EU legislators do not want websites storing (and using) information about users' personal web browsing history, sites visited, shopping and anything else, without them having agreed to it.
And that is a worthy goal. Do you want Google deciding you should see adverts for an item that you looked at on a website three days ago? Or Facebook logging details of what you post and who you interact with? Probably not.
So it makes good sense to get people to say it is ok or not. However there are a few difficulties with implementation of this. Ultimately, it is believed that the opting in/out will be handled by the browsers, and there is much discussion with the browser developers going on. But it will be some time before there is any results on that front. So the way that consent will be requested will have to be from the webpage(s).
The main percieved problem with this is the user experience.
The legislation also describes how some cookies may be deemed 'necessary' and won't require consent for usage - but don't prescribe what the 'necessary' cookies are in any detail. Having said this, in the examples above it is generally agreed that necessary cookies could be shopping cart and login type cookies, while website statistic cookies would not.
So what should you do? Well, it is law so you shouldn't ignore it - the law covers fines of up to £500,000. What you should do is find out if cookies are being used on your site - there are plenty of browser plug-ins that will let you see which cookies are coming from your site.
Then you need to decide if these are necessary or not. If they are not and you want/need to keep them, you will need some mechanism to ask for consent. It is unlikely this is something you can do yourself, so you will probably need the help of your friendly web developer.
comments powered by Disqus