Right now your business website could be breaking the law. Unless of course you were already aware of EU cookie law that was passed by UK Government and the Information Commissioners Office (ICO). The reason there is a lot of fuss now is that a years grace was allowed to ensure businesses had time to comply. That grace period is now coming to an end, the deadline is 26 May 2012 – after that websites which don’t comply could be fined up to £500,000!
Trouble is, there are far too many companies that are still unaware of the requirements. To comply, your website must tell each visitor that cookies are in use!
Before we go any further, lets just explain what a cookie is…
A cookie is a small amount of information that is passed from the remote website, to your browser and eventually stored on your computer. That information can be anything, from username (that’s how they remember you visited before) to preferences such colours or layout etc. Advertising banners can also leave cookies, they can track your visits across web. This also applies to ‘Flash Cookies’, those left by Adobe Flash.
The perceived problem is that cookies can be used to invade your privacy. Indeed that can be done but they are also used to track how many visitors arrive at a site, eCommerce sites use them for your shopping basket. What the EU Cookie law is trying to do is force transparency and choice. They want visitors to be aware of the cookies and given the choice to accept them or not.
Does this really apply to you?
If your business is within the boundaries of the Economic Union then yes it does. It doesn’t matter where your site is hosted or where in the world your visitors come from. The law applies to the business itself.
Which Cookies You Need Permission For
Basically, everything. Analytic tracking cookies, advertising banners, affiliate tracking, website session cookies (as per PHP, ASP and others) are just examples that must need permission first before being stored.
This also applies to your mobile site. Yes, if you are involved in websites for mobile platforms (phone, tablets etc) then the law applies.
Once permission has been given to store the cookie, it need not be asked for again.
Which Cookies You Don’t Need Permission For
The only exception is the cookie that is used to store ‘shopping basket’ details on eCommerce sites. But that is the only exception as far as I am aware. All other cookies as described above need to have the visitors permission first.
Compliance Is Not That Easy
To be totally compliant you need to ensure that before any cookie is sent to the visitors browser, the visitor get’s asked. If you are using an ‘off the shelf’ solution (WordPress, Prestashop etc) then you have no real control. You are now reliant on a 3rd party to create a solution, if you can find one for what you are using.
Resources and Solutions
Hopefully I have you worried enough (£500,000 fine remember) to go off and start doing something about it. To get you started here are a few places to visit for more information and ways to comply.
• WordPress – Free plugin from Cookie Cert, or a great ‘paid for’ one from Sarah Arrow (only £10.00!)
• Free eBook report from Silktide (good site with plenty of info)
• Civicuk has information and solutions
• Of course the BBC has covered the EU Cookie law, with a fairly balanced view
Over to you … Did you know about this law? What other laws worry you about your website? Leave us a comment below!