Most UK businesses are still ignoring ‘cookie’ laws
EU laws requiring websites to obtain ‘informed consent’ from users before employing cookies to store information from a computer or mobile device came into force at the end of May. By Gary David Smith.
By Gary David Smith
EU laws concerning cookies changed on 26 May 2011 but the Information Commissioner (ICO) gave British website owners one year’s grace to conform to the legislation.
The new legislation distinguishes between four types of cookie: those that are ‘strictly necessary’ for a site to function; those necessary for a site to monitor its own ‘performance’; those that add ‘functionality’ like remembering a password; and cookies which collect several information about users’ browsing habits.
The International Chamber of Commerce suggest sites should ask browsers to click on four separate icons but sites that do ask for consent to employ cookies usually only employ one pop-up.
The legislation does allow for sites to work on ‘implied consent’ if they know visitors have been made aware of revised privacy policies but it is no good relying on a policy page that is out of date or difficult to find.
Even in the case of simply applying Google Analytics to your site you need to let your visitors know that you are doing that.
The ICO have confirmed that they are receiving many complaints from users of UK sites but that in the first instance they will be working with site owners to improve their cookie policies rather then looking to fine transgressors immediately. The maximum fine for non-compliance is £500,000. <>This legislation gives web users the misapprehension that all cookies are bad. The majority are designed to enhance the visitors experience of a site. Inevitably, as web visitors become more familiar with how cookies are used the new legislation will become simpler to comply with. About the author Gary David Smith is the co-founder of Prism Total IT Support, a company which supplies complete IT support to over 1000 SME’s nationwide.