Crazy Cookie Law - EU strikes again

18th May 2012 in

Although this law has been passed to protect people’s privacy, a recent poll undertaken by Econsultancy, publisher of digital marketing and e-commerce best practice, found that 82% of digital marketers think the law is actually ‘bad’ for the web.

We’re all for protecting people’s privacy, but to simply ban all Cookies that haven’t first asked for permission from the user is - in our opinion - shortsighted. It will affect the user’s experience, potentially make the user nervous if they are constantly being asked for permissions, but more importantly it could affect e-commerce as visitor tracking and analysis data will be affected.

Browser compliance, rather than website compliance, would have definitely have been a more viable, and far less resource exhaustive option. It would be simpler and far more efficient to roll this out and manage from a users perspective. Especially since it’s the browser that manages local storage of data.

So what is a Cookie?

A Cookie is a piece of data stored by a website within a browser that lets it remember if you are logged in or, if you’ve visited a site before and what your preferences were.

Some Cookies perform essential function however, such as authentication cookies which allow web servers to know whether a user is logged in to a particular account or not.  Without this the site in question wouldn’t know whether to send a page full of sensitive information, or to ask you to log in.

A user does have the ability to control Cookies through their browser, whether that would be to block all, allow specific or just block third party Cookies.

With over 92% of web sites using cookies, even if it's just for the Google Analytics service which enables visitor analysis, this is something that every company needs to be aware of.

What should you do?

  • First of all you’ll need to take a good look at your web site to find out what type of Cookies are used, what they are for and whether they breach the new law.
  • You should update your privacy policy with a clear section on cookies and maybe include the results of the audit. 
  • You will then need to remove the relevant Cookies and update your site so that it requests permission from the user at key stages. For example if they are logging in and would normally check the ‘remember me’ box.
  • You can also change the settings on your web site so that the user is advised about any Cookies that are essential.

We know this is a pain in the you-know-what, however to be compliant and avoid a potentially hefty fine then unfortunately these measures have to be taken. We would recommend that you have this work done by a professional, to ensure it’s totally compliant and well crafted to reduce any chance of a negative user experience. This is a service we offer, so please get in touch if you want us to look at this - for most sites this should be a fairly straightforward task.

Here are a few places where you can find more information: 

More from the blog