Posted by Pragmatic Design on 16 April 2012 | 0 Comments

Tags: EU, Cookie, Google, Analytics, Law, Website

An EU Directive covering the use of cookies becomes part of UK law in May 2012, and unless your website complies with it, you could be hit with a huge fine!

What's a Cookie?

It's a small text file which a website puts onto your computer, collects specific data, then sends it back to the website. From that simple description, it sounds like a nasty virus, but it isn't. It's a very useful way for websites give you a useful browsing experience.

For example: when you add something to your shopping cart, the data is stored in a cookie; when you ask a website to remember you, the data is stored in a cookie; and when you're banking online, cookies help with your security.

Cookies are also used for website visitor statistics, allowing website administrators to see how many people visit their website; how they found it; which pages they look at; and so on. Personally identifying data (ie, a visitor's name; address; email etc) cannot be collected in this manner, so the data is anonymous. The most popular of these systems is Google Analytics.

So what's the problem with cookies?

The European Union has decided that obtaining information using cookies is an invasion of your privacy.

For example, some cookies collect search data and use it to personalise adverts. If you're shopping around for handbags, you may have noticed that you suddenly see a lot of adverts for handbags. Whilst some people think this is useful, and others don't (even though no personal data is collected, and you can modify your browser settings to prevent this from happening).

How does this affect me and my website?

If your website uses cookies for anything that isn't crucial to the operation of your website, you will have to specifically ask each visitor to “opt-in” to receive them.

This means that your shopping basket is likely to be OK (it wouldn't be a viable shopping website if you couldn't buy anything) but for most other things you'll need to specifically ask for your visitor's permission. If you don't, the penalties range from an “information notice” to a fine of up to half a million pounds for a “serious breach”!

What does this mean for website visitors?

We think that there are two ways this could go:

1. The law will be widely ignored (as it has in most of the EU countries which implemented this last year), so visitors won't see any real changes and will continue to be unaware that there are harmless cookies on their computer;
2. Website visitors will see lots of pop-up messages saying “do you want to accept cookies for this website?”, which will confuse and worry many. Ironically, if they click “no”, a cookie will be used to store their preference! And next time they visit, they'll be asked again!

We're web designers, not lawyers, but would urge you to speak to your web designer or administrator to ensure you don't run the risk of a hefty fine.

For more information, please visit the Information Commissioner's Office website at www.ico.gov.uk (they've already implemented an opt-in system at the top of their page), or hassle your MP.

Update

Just a few days before the law was due to come into effect, the government backed down and said that "implied consent" was OK. In other words, saying that "by using this site, you accept our use of Cookies" on your website will get you off the hook!