What's the EU Cookie Directive?

in Technology
by Nick Lee

More and more people have been asking us about the EU Cookie directive so here’s a summary of the situation.

The law, which came into force on 26 May 2011, comes from an amendment to the EU’s Privacy and Electronic Communications Directive. It requires UK businesses and organisations running websites in the UK to get informed consent from visitors to their websites in order to store and retrieve information on users’ computers.

However the ruling does not clarify what constitutes getting consumer consent. Will it be enough for a user to consent to all sites through their browser or will a user have to consent to every site they visit?

In order to comply with the directive in the first instance, if browser acceptance isn’t deemed appropriate, then all websites will need to publish what cookies they are serving, what their purpose is and ensure that visitors to their site have accepted / not accepted the use of cookies. This will typically mean a statement at the top of each page on the website with the inclusion of a check a box to confirm user consent or some form of pop up to accept a change in website terms of use, similar to the iTunes model. If a user declines this may mean that tracking code such as Google Analytics cannot be implemented along with site personalisation and so forth.

So far less than a third of the EU, only Denmark and Estonia, have complied with the directive whilst UK websites are being given one year to comply with EU cookie laws. (http://www.bbc.co.uk/news/technology-13541250)

Whilst we await clarification we would recommend running an audit to establish what cookies your site is running and how they might affect users privacy. You can find out more about cookies here, http://www.allaboutcookies.org and if you would like more help & advice on this we would be happy to discuss your requirements in more detail, hello@gilroy.co.uk.