Do you Understand the EU Cookie Law?

From May of last year a new law came into effect across the whole of the EU effectively requiring any websites that are using cookies to ask for a visitors consent before the cookies can be used, in many people’s minds it is a poor piece of legislation that has been designed to address a poorly defined problem. Up until now this legislation hasn’t been enforced as there are minimal member states that have fully implemented the law, with a lot of Governments being unclear and unready in the UK this will not be enforced until the end of this month May 2012.

Virtually all websites on the world wide web use cookies, as it is an extremely common piece of technology which 99.9% of all companies use responsibly. Basically designed as a tool for remembering things to make your life more bearable on the net, cookies assist with things such as analytics and tracking visitors, assisting with such things as logins and preferences for sites that you visit frequently among a host of other things.

Designed primarily to protect online users privacy, this law will effectively make it very difficult for promoting an uninterrupted browsing experience across all kinds of websites, affecting a whole host of things that we already take for granted such as like buttons on pages and even Google Analytics.

According to a recent survey conducted by the IMRG and eDigital Research:

• 75% of UK consumers had never heard of the e-Privacy Directive before taking the survey
• 79% believe that changes are needed to address the lack of public knowledge about cookies

The grace period for the law to be implemented will expire on the 26^th May 2012 at which time if you are not already compliant or visibly working towards it you could run the risk of action being taken against you (although most feel this is unlikely) but the action could include a fine of up to £500,000.

What should you do now?

At least start making some headway with some of the simpler things you can do:

1. Identify all the cookies that your website uses, there are some tools that can help with this such as the Firecookie extension for Firefox browsers which can list your cookies on a page by page basis.
2. If you have a privacy policy link on your site already then make sure its prominent and visible and even change it to read Privacy and Cookies.
3. List the cookies that are on your site on your Privacy Policy pages, preferably what they are and what their purpose is, differentiate between 1^st and 3^rd party cookies (name and purpose for 1^st) and (source, name and purpose for 3^rd).
4. If you use and buttons such as Facebook ‘Like’ or other social sharing buttons indicate these in your policy as well and advise that those parties may be gathering information as well.

We are not trying to scare anyone here, but more make them aware of the directive after all their own research is clearly pointing to the fact that people still don’t know about or understand this law and we still feel it will be sometime before anyone starts acting upon it. For further reading the EU has released some guidelines on how the legislation will be implemented and you can get this information by clicking on the image in this post.