The law regarding website cookies changed on 26th of May 2012: this change affects every website without exception.
What are Cookies?
A cookie, also known as an HTTP cookie, web cookie, or browser cookie, is usually a small piece of data sent from a website and stored in a user's web browser while a user is viewing a website. When the user browses the same website in the future, the data stored in the cookie can be retrieved to notify the website of the user's previous activity. As such, cookies are the means by which websites can: remember your settings, log in, personalise your experience, and remember selected options from one page to the next (such as in the e-commerce process).
The targets of the new cookie laws in the EU are tracking cookies and third-party tracking cookies, which are, most commonly, used to record browsing history, which is stored long-term. Cookies like these are typically used for targeted digital advertising: using the browser history to dictate whether to show an advert to an individual. It is for this reason that a concern about privacy arose around cookies. Although cookies have had negative press for some time, it is important to note that viruses and malware are not installed through, or carried by cookies.
What is the EU Cookie Directive?
The purpose of the legislation is to increase online security and data privacy, giving users more control over the data that is stored on their devices. The new ruling requires you to clearly display your use of cookies on your website, detailing exactly what information a cookie holds and how long it will be held, and in most cases ask users to consent to or opt in to the use of cookies on the site.
What does this mean for you?
In the majority of cases the primary impact of the new legislation will be on Google Analytics, which uses cookies to gather data for marketing analysis. If your site utilises social sharing techniques like Twitter feeds and “like” buttons or even YouTube videos then you are also probably about to be in breach of the new regulations.
Who needs to comply?
Everyone who has a website! Some consider the legislation to be difficult to interpret and there is considerable conversation around this at the moment. Some of the big players, for example BT.com have recently implemented a partial solution, however there is still uncertainty about how the others will interpret the law.
It is unlikely that the maximum fine of £500,000 will be awarded immediately, especially while Directgov is not fully compliant itself, and large companies are most likely to be scrutinised first.
Despite this uncertainty, the legislation is still in place and the penalties for non-compliance could legally be awarded.
What should you do about it?
To comply with the law we propose you firstly carry out a cookie audit to understand your compliance risks. You will then be in a position to decide which solution to implement.
Should you want to talk about this further, or find out how Purple Frog can help, please don’t hesitate to get in touch. We can offer both cookie audits and EU Cookie Directive compliant solutions, as demonstrated on our own website.
