A Big Welcome To Our New Senior Web Developer: Darshana Wijesekara
April 10, 2012
Search Engine Optimisation 101: Onsite SEO
May 8, 2012

The UK Cookie Law – What You Need To Know Before The 26th May

The UK is the first EU country to bring in the EU Directive on cookies, which will become legally binding on the 26th May 2012.  This draconian legislation (last rant I promise) puts a new compliance requirement on website owners, including the owners of sites with content or services delivered by third parties, that requires websites to obtain informed consent from visitors before they can store or retrieve any information on a computer or any other web connected device, through the use of cookies of other tracking and information storage devices. The new legislation will be enforced by The Information Commissioner’s Office (ICO) in the UK.

What this means

If you have a website for business that is based in the UK you must get formal consent from every visitor to your site to place a cookie or tracking system on their computer and then to access it in the future. If you do not, you are breaking the law!

So what is a cookie?

From Wikipedia

“A cookie, also known as an HTTP cookie, web cookie, or browser cookie, is a piece of data stored by a website within a browser, and then subsequently sent back to the same website by the browser. Cookies were designed to be a reliable mechanism for websites to remember things that a browser had done there in the past, which can include having clicked particular buttons, logging in, or having read pages on that site months or years ago.

Although cookies cannot carry viruses, and cannot install malware on the host computer, tracking cookies and especially third-party tracking cookies are commonly used as way to compile long-term records of individuals’ browsing histories — a major privacy concern that prompted European and US law makers to take action.”

Examples of common cookies

  • Google Analytics and other website tracking systems
  • Facebook and other website login systems
  • E-commerce shopping carts
  • Recently viewed pages on a website
  • Advertising banner tracking
  • Browsing behaviour tracking

Cookies come in all shapes and sizes, and depending on the intrusiveness, different levels of information and consent needs to be given and obtained.

So what does this mean for my business?

Unfortunately the law is very clear*: website owners are responsible for understanding how many cookies you have on all of your websites, determining the cookie types and disclosing to your visitors what information is collected and shared with third parties via cookies or other tracking tags. If this information is not relayed to your visitors before cookies start tracking their sites, then the website owners will be liable.

So what can happen if I break the law?

You can be fined up to £500,000(!)

The enforcement body in the UK is the Information Commissioners Office (ICO) and they have the power to fine website owners up to £500,000 for serious breaches.  Most likely, they will go after the “big fish” first and there will probably be a few test cases (out of the FTSE100 companies, only 5 of them currently comply with the legislation..).  However there will be a trickle down effect and eventually they will come after the small fish.  If you have taken steps to audit your site and comply with the legislation then you will be in a much better position when your site is inevitably accessed.

Making Sure You Comply

The first step – Audit your site

There are many companies offering cookie auditing services and even some DIY tools that anyone can use.  So audit your site and compile a list of all cookie that it uses (you’ll be surprised how many it does!).

The second step – Assess  these cookies against the legislation.

Click here to go to the (lovely, well-designed) ICO site.

The third step – Research

Research the individual cookies (Google them!) and see what comes up for them – if they are very intrusive you’ll need to be clearer about what they do and gain higher levels of consent from your site visitors than if they are less intrusive.

The fourth step –  Act

Inform your visitors about the cookies and gain their consent to use cookies.  There are a variety of different methods available; do some research and see what works for you and your website.

If you have any questions and want to know more please fill in this form and get in touch!

[contact-form-7 404 "Not Found"]

 *The Web Marketeers are not a law firm; and please do not rely on this article as a definitive guide.  The Web Marketeers are not liable if you fall foul of the law after reading this article!

Comments are closed.