The EU Cookie directive will come into force in the UK imminently. To sum up as simplistically as possible what this means for website owners, it means that users of your website must opt in before you can store ‘non-essential’ cookies on their website.
If you want the full story, you can find a complete guide to the EU Cookie Directive here.
It actually took effect on 26th May 2011. However, the UK ICO gave UK website owners a 12 month grace period before it plans to start enforcing the regulation. This means it effectively comes into force in the UK on 26th May 2012.
The problem is Brussels sticking its nose in where not necessary that very few websites at present ask users to consent to cookies being stored before going ahead and storing them. So users are not accustomed to seeing any consent requests.
Asking users for their consent for something they may not even fully understand will be an interruption to the user experience and could even make them question the trustworthiness of the website.
Most of them! If you have any sort of web Analytics (e.g. Google Analytics) then your website stores cookies too.
The EU guidance stipulates that cookies essential for the functioning of a website will be considered essential and therefore are exempt from the regulation. This would include, for example, cookies stored during a checkout process on an ecommerce website.
However, the ICO has stated that web analytics are likely to be considered non-essential. With Google Analytics specifically, the cookies it stores are ‘first party’ cookies, thus consent to store them is only needed once. However, this would still mean getting users to opt in.
The UK’s Government Digital Service (GDS) has taken a contrary stance on Analytics to that of the EU. It issued guidance to public sector websites and also a blog post that refers to analytics cookies as ‘minimally intrusive’ and ‘essential.’
The most interesting excerpt from the GDS blog post is this:
“Inevitably, analytics and the vital role analytics-related cookies play in allowing public sector websites to be held to account on the cost-effectiveness of the way we deliver government information and services came up. Even more importantly, analytics are essential to our “continual improvement” approach to developing digital public services, which is critical to delivering the government’s digital by default agenda.
The GDS also made reference to a statement in the Information Commissioner’s Office (ICO) guidelines that says:
“Although the Information Commissioner cannot completely exclude the possibility of formal action in any area, it is highly unlikely that priority for any formal action would be given to focusing on uses of cookies where there is a low level of intrusiveness and risk of harm to individuals. Provided clear information is given about their activities we are highly unlikely to prioritise first party cookies used only for analytical purposes in any consideration of regulatory action.”
Well, it means that the ICO is telling us we should technically be seeking consent to store web analytics cookies. However, it’s also saying they don’t consider such cookies to be high risk for users and are therefore not prioritising breaches relating to analytics cookies.
In reality, unless Google Analytics (and other 3rd party solutions) issue workarounds, there are millions of sites technically likely to be in break of the regulations come 26th May. But it doesn’t seem like the GDS, ICO or, well, anyone, is all that concerned!
Get 123 pages of expert advice straight to your inbox.
About the Author
Stacey joined us in 2009 as a junior copywriter; now she’s a recognised figure on the global speaking circuit, having wowed audiences in the UK, Europe and US – including at MozCon 2014. She leads our search team and works with clients to deliver high-level campaign strategies.Visit Stacey's Page
Do you know if your website is safe? It’s a valid question given the current climate of leaked personal details and how some companies handle the information of their customers. With new GDPR compliance coming into play in 2018, many companies are taking extra precautions to ensure their customers’ data is safe. You may have […]
Happy New Year everyone! As we all know the transition into the new year is a time for reflection, hope and new beginnings. However, it often brings with it a descent into copywriting madness, with god-awful clichés often popping up out of nowhere – yes we’re looking at you #NewYearNewMe crowd.
When it comes to building a decent website, content really is still king. The key to creating decent copy that not only draws readers to your site, but also gets your brand message across, is to make it compelling. You want to create something that’s actually worth reading – not just a scrambled up splurge […]