The EU Directive which comes into force on the 26th May 2012 requires user consent when using cookies on your website.
What is a Cookie?
A Cookie is a small file, downloaded on to a device when a user accesses websites. There are lots of reasons for cookies:
- Some are necessary to make your site work, especially if you have a login area
- Harmless tracking information on visitors through statistics programs such as Google Analytics
- Social media interaction (linking with Facebook etc) then your website needs cookies to make this work
- And lastly, the real problem area – following people’s surfing habits around the internet to “spy” on them and then serve up adverts targeted at their interests
Obviously, in three out of the four areas above most people would have no objections – but with the last area many people would, and so do the EU!
The directive now requires you to state how you use cookies on your website and furthermore requires you to obtain consent by the visitor that they are happy you are collecting this data about them.
Practical Advice for those website owners wishing to comply.
As with many new laws there is no 100% clear guidance we can give you. In researching for our clients we have found many opinions and interpretations of the new law, by valid experts who disagree on what is needed. Until the new laws are tested by someone suing a company in breach of them and a court then creates a clear definition, the opinions are likely to continue.
Our conclusion is that action should be taken by all website owners but that it may become clear over time that those actions are either enough, too much or not enough and further action required later. But, provided you are taking steps to be responsible and “do the right thing”, plus you are not trying to use malicious cookies then the chances are fines will be avoided.
Of course, not all websites are the same – so what works for one is not necessarily right for another.
So what should you do?
The first advice is find out what cookies your website is using. If you are a client of JCK, contact us and we will help you do this. If you’re not (why not?? 🙂 ) go to http://www.cookiecert.com/ and put in your domain name – within 24 hours this website will create a report for you.
The next advice is make sure you have a privacy policy on your website and that it clearly and obviously (not hidden in the fine print) describes your use of cookies. This privacy policy needs to be easily found on your site, not hidden in a dark corner, and we would also suggest making sure you have text along the lines of “You can read our cookie policy here” written on every page of your website, linking to that privacy policy.
This information should be fairly prominent on your website, perhaps in a different colour to your normal branding, so that it stands out to the visitor.
The next step, if you want to be very strict, is to have a solution enabled for you to be able to collect visitor consent as soon as they reach your website. If your website is based on a WordPress framework, there are many different solutions available. An example is working on www.bromleyexpo.co.uk
For more information
The information commissioners office have a detailed report on the guidance of the rules which you can download here
And lastly, we need to mention that all this article is, is our interpretation and our opinion…rather than take our opinion as fact you should discuss the issue with a suitably qualified lawyer
If you’d like to know more please don’t hesitate to get in touch by email or call 01635 886522 – client or not!