First thing to say is that I am no lawyer, the following reflects my understanding of the changes in respect of UK Cookie Law and the technology available. You will probably have to consult your solicitor or legal team about this.
Do you own or run a website?
Are you worried about the new UK Cookie Law?
If you own a website are based in the UK and haven’t done anything to comply with the new UK Cookie Law, you may well be in breach of it.
Particularly as the guidelines seem rather vague.
The problem with Cookies (as the EU sees it) is that the Cookies gather user info without the user necessarily being fully aware of the fact.
This is not a ban on Cookies.
But you do have to ensure that your users are aware that you’re using Cookies and let them know what you’re using them for.
You also have to ask for informed user consent before you set most Cookies.
This will most likely be in the form of a pop up (or something similar) that will give the user an option to move forward with or without Cookies.
Only Cookies which are strictly necessary from the user’s perspective (not from the site owners) are excluded from these requirements.
The problem is it’s not easy to tell which Cookies are strictly necessary.
So how can you sort this out on sites that you own?
The following should help you get started…
Step 1 Conduct a Cookie Audit
First make a list of the cookies that your site is using, the information that you collect should include:
- The name of the Cookie
- The purpose of the Cookie
- Expiry time; is it a Session Cookie or a Persistent Cookie
- Location of Cookie; is it set from a specific page or pages(s)
- Whether it’s a First Party or Third Party Cookie
- If it’s a Third Party Cookie who’s setting it
The Firefox Web Developer Toolbar has a handy Cookie Information Function that allows you to view this detail as you travel through your site.
You can also try clearing history and Firefox will allow you to view Cookies in the Options window’s Privacy panel.
Jon Quinton of SEO Gadget posted http://www.seomoz.org/ugc/not-freaking-out-about-the-eu-cookie-legislation where I got the idea for the above Firefox methods; its well worth a look.
Once you have the list of Cookies you can figure out how critical each Cookie is and how you wish to deal with each Cookie.
Step 3 Similar Technologies
It’s not just cookies, be aware of other user tracking technologies…
“Regulations apply to cookies and also to similar technologies for storing information. This could include, for example, Local Shared Objects (commonly referred to as “Flash Cookies”), web beacons or bugs (including transparent or clear gifs).” Source: ICO’s cookies guidance (pdf)
Step 4 Avoiding Crumbs! Or How Do I Handel My Cookies
Now take a look at the ICO’s cookies guidance (pdf) to see where you stand with the Cookies that you’re using.
Many have expressed concerns that pop ups (or similar solutions) will scare users off; I can’t disagree with their sentiments. If you do need to go down the opt-in root make the message as friendly as possible and explain the benefits of the Cookies that you propose setting for your users.
Take a look at what other major UK sites have done here: http://econsultancy.com/uk/blog/9990-the-bbc-unveils-its-eu-cookie-law-solution
Obviously one perfectly acceptable route would be to discontinue any Cookies that are no longer necessary.
Step 5 One Last Thing
Make sure that you keep a record of all of your work just in case the ICO contacts you.
Take a look at the following sites for more information, opinions, and thoughts on the changes to the Cookie Law in the UK:
Cookie Image Credit: http://www.flickr.com/photos/lloydm/