If you have a website for business that is based in the UK you must get formal consent from every visitor to your site to place a cookie or tracking system on their computer and then to access it in the future. If you do not, you are breaking the law!
“A cookie, also known as an HTTP cookie, web cookie, or browser cookie, is a piece of data stored by a website within a browser, and then subsequently sent back to the same website by the browser. Cookies were designed to be a reliable mechanism for websites to remember things that a browser had done there in the past, which can include having clicked particular buttons, logging in, or having read pages on that site months or years ago.
Although cookies cannot carry viruses, and cannot install malware on the host computer, tracking cookies and especially third-party tracking cookies are commonly used as way to compile long-term records of individuals’ browsing histories — a major privacy concern that prompted European and US law makers to take action.”
Cookies come in all shapes and sizes, and depending on the intrusiveness, different levels of information and consent needs to be given and obtained.
Unfortunately the law is very clear*: website owners are responsible for understanding how many cookies you have on all of your websites, determining the cookie types and disclosing to your visitors what information is collected and shared with third parties via cookies or other tracking tags. If this information is not relayed to your visitors before cookies start tracking their sites, then the website owners will be liable.
You can be fined up to £500,000(!)
The enforcement body in the UK is the Information Commissioners Office (ICO) and they have the power to fine website owners up to £500,000 for serious breaches. Most likely, they will go after the “big fish” first and there will probably be a few test cases (out of the FTSE100 companies, only 5 of them currently comply with the legislation..). However there will be a trickle down effect and eventually they will come after the small fish. If you have taken steps to audit your site and comply with the legislation then you will be in a much better position when your site is inevitably accessed.
There are many companies offering cookie auditing services and even some DIY tools that anyone can use. So audit your site and compile a list of all cookie that it uses (you’ll be surprised how many it does!).
Research the individual cookies (Google them!) and see what comes up for them – if they are very intrusive you’ll need to be clearer about what they do and gain higher levels of consent from your site visitors than if they are less intrusive.
If you have any questions and want to know more please fill in this form and get in touch![contact-form-7 404 "Not Found"]
*The Web Marketeers are not a law firm; and please do not rely on this article as a definitive guide. The Web Marketeers are not liable if you fall foul of the law after reading this article!