The EU Cookie directive will come into force in the UK imminently. To sum up as simplistically as possible what this means for website owners, it means that users of your website must opt in before you can store ‘non-essential’ cookies on their website.
If you want the full story, you can find a complete guide to the EU Cookie Directive here.
It actually took effect on 26th May 2011. However, the UK ICO gave UK website owners a 12 month grace period before it plans to start enforcing the regulation. This means it effectively comes into force in the UK on 26th May 2012.
The problem is Brussels sticking its nose in where not necessary that very few websites at present ask users to consent to cookies being stored before going ahead and storing them. So users are not accustomed to seeing any consent requests.
Asking users for their consent for something they may not even fully understand will be an interruption to the user experience and could even make them question the trustworthiness of the website.
Most of them! If you have any sort of web Analytics (e.g. Google Analytics) then your website stores cookies too.
The EU guidance stipulates that cookies essential for the functioning of a website will be considered essential and therefore are exempt from the regulation. This would include, for example, cookies stored during a checkout process on an ecommerce website.
However, the ICO has stated that web analytics are likely to be considered non-essential. With Google Analytics specifically, the cookies it stores are ‘first party’ cookies, thus consent to store them is only needed once. However, this would still mean getting users to opt in.
The UK’s Government Digital Service (GDS) has taken a contrary stance on Analytics to that of the EU. It issued guidance to public sector websites and also a blog post that refers to analytics cookies as ‘minimally intrusive’ and ‘essential.’
The most interesting excerpt from the GDS blog post is this:
“Inevitably, analytics and the vital role analytics-related cookies play in allowing public sector websites to be held to account on the cost-effectiveness of the way we deliver government information and services came up. Even more importantly, analytics are essential to our “continual improvement” approach to developing digital public services, which is critical to delivering the government’s digital by default agenda.
The GDS also made reference to a statement in the Information Commissioner’s Office (ICO) guidelines that says:
“Although the Information Commissioner cannot completely exclude the possibility of formal action in any area, it is highly unlikely that priority for any formal action would be given to focusing on uses of cookies where there is a low level of intrusiveness and risk of harm to individuals. Provided clear information is given about their activities we are highly unlikely to prioritise first party cookies used only for analytical purposes in any consideration of regulatory action.”
Well, it means that the ICO is telling us we should technically be seeking consent to store web analytics cookies. However, it’s also saying they don’t consider such cookies to be high risk for users and are therefore not prioritising breaches relating to analytics cookies.
In reality, unless Google Analytics (and other 3rd party solutions) issue workarounds, there are millions of sites technically likely to be in break of the regulations come 26th May. But it doesn’t seem like the GDS, ICO or, well, anyone, is all that concerned!
Get 123 pages of expert advice straight to your inbox.
About the Author
Stacey joined us in 2009 as a junior copywriter; now she's a recognised figure on the global speaking circuit, having wowed audiences in the UK, Europe and US - including at MozCon 2014. She leads our search team and works with clients to deliver high-level campaign strategies.Visit Stacey's Page
Internal communication is important in the world of a digital agency. Usually, we begin an email with a clear idea of what we want to say and by the end of it, the message you wanted to send originally, has become muddled and the content of the message is nowhere near what it was supposed […]
Joe Curran joined Tecmark in March 2016 as a Web Developer. In his Tecmark 10, he explains the ins and outs of his day in the office. Follow Joe on Twitter. What does your typical day look like? A normal day starts with a train ride to the office. During my commute, I often sit […]
Tecmark’s AJ Mussell was delighted to be invited by In the Sports 360 team to attend the Salford Red Devils Foundation golf day. The event was held at Ellesmere Golf Club this Tuesday. What made AJ’s golf experience even better was the fact that he was in a team with Salford Red Devil’s very own […]