Making sense of the EU cookie legislation

Aug 30

The new EU law on cookies on web sites came into force on 26 May 2011. To date, there’s been little guidance on what’s expected of web site owners or on penalties for failure to comply. Finlay Carmichael of C2 Software attempts to make sense of what small businesses should be doing to ensure web sites are consistent with the law.

Cookie jargon

The principle behind the new law is that consumers have a right to know and decide what is downloaded to their computers. When they first arrive at a web site, therefore, there should be an explanation of all the cookies used by the site, and the ability to choose which can be used.

This is where the tricky stuff starts. Many web site owners or managers don’t know what’s there themselves! There will be cookies used to smooth the browsing experience, cookies to collect information on users’ habits and, increasingly, third-party cookies used by the likes of Google Analytics and social bookmarking tool AddThis.

So the first step has to be a thorough audit of your site so you know what’s there. Then decide what you actually need and what your readers or customers are likely to accept. Do you need analytics and social bookmarking sites? What about the Flash cookies? The issue with Flash cookies is they are not deleted when a user clears cookies in their browser. Do you really need them?

Then work on ‘marketing’ the ones you decide to keep. How will you explain each cookie to users, in a way that encourages them to say yes? In our experience users are generally quite savvy about the benefits of cookies and quickly get frustrated when they find their browsing experience hindered by the lack of them, so with careful wording you can make sure most are accepted.

If you list each cookie, with a link to some information about it, such as why it’s there and what the benefits are to users, you’ll have a greater chance of having them accepted. There’s a good example on the Information Commissioner’s web site – it explains what it’s asking, why it matters, and what users’ choices are:

“The ICO would like to use cookies to store information on your computer, to improve our website. One of the cookies we use is essential for parts of the site to operate and has already been set. You may delete and block all cookies from this site, but parts of the site will not work. To find out more about the cookies we use and how to delete them, see our privacy notice.”

That’s followed by a simple check box for users to accept (or not).

At the moment, there is a period of one year’s ‘grace’ for companies to get their sites in order. What will happen at the end of that is open to speculation.

My advice is to do the work now. An audit of your site and some clear and direct explanations to users will help them keep returning to, and enjoy using, your site.

Finlay Carmichael is managing director of C2 Software

Photo credit: nettsu

Comments

  1. Richard on August 30, 2011

    Anyone looking to become compliant with the cookie law or wanting to keep up to date with news and developments, should visit http://www.cookielaw.org to find out more.

  2. Valerie on August 30, 2011

    You can easily comply with the e-privacy cookie regulations by pasting a CookieQ (http://cookieq.com) button onto your web pages. There are no irritating popups, just a button that shows visitors their current status and by clicking on the button they can opt-in or opt-out of your cookies, after reading your cookie policy. CookieQ remembers their choice and removes the cookies from their browser if they have not opted-in – in which case our optional & configurable reminder banner can be displayed.

  3. Emma Jones on August 31, 2011

    Thanks, Richard and Valerie, for your comments. With the law on this changing, it’s good for small businesses to have as much clear info as possible. Thank you!
