The New EU Cookie Policy

As of the 26th May 2012, The Information Commissioner’s Office (ICO) will begin enforcing the “EU Cookie Law” – a new piece of legislation that states that all EU websites will be required to obtain permission from its visitors before being allowed to place cookies on their computers.

Whilst many businesses and organisations are frantically rushing to get their website up-to-date and comply with this new law – not to mention the amount of confusion surrounding the law and what our responsibilities are to abide by it – Rooster Digital decided it was time to take an in-depth look at cookies and what they are for, as well as putting together some simple guidelines and practices that will help you understand the new law and how to comply with it.

1. Back To Basics – What Are Cookies?
Cookies are tiny little files that websites use to store data about its visitors. These cookies, which are saved to the user’s computer, contain important information about the user and their activity on the site, such as remembering if they have already visited a particular web page before, or if they have chosen to have their username and password stored to save them from logging in each time.
There are various type of cookies that can be set by a website, which are looked at in more detail below.

1.1 The Essential Cookie
This cookie is absolutely vital in the successful operation of the website. Without it, the website would not function as intended.
Example – A shopping basket on an e-commerce website. Every time a product is added to the basket, a cookie is required to remember those products and keep them in the basket as the user navigates through the website. If that cookie was not available, the basket would always be empty, which would frustrate the user – imagine how you would feel if your groceries kept falling out of your trolley whilst doing your weekly shop in Tesco!

1.2 The Functionality Cookie
This cookie helps improve the user experience of the website by storing information such as preferences and settings – they are NOT essential in the functionality of the site, but they DO improve the user’s involvement and increases the chance of that user returning to the site with their settings intact.
Example – A website that is available in multiple languages. When a user selects to view the site in their chosen language, the cookie remembers this, and, upon visiting the site at a later time, the website is displayed in their previously-selected language.

1.3 The Performance Cookie
This cookie is used to simply monitor data such as the website’s traffic and page hits and how long a user stays on a page for – all of which are important factors in measuring and improving a website’s Search Engine Optimisation (SEO) results.
Example – Google Analytics. The Analytics code – obtained from Google – is placed inside the HTML of your web pages, and, using its in-built cookies, allows the website owner to track and manage the usage statistics as described above.

1.4 The Advertising Cookie
Perhaps the most common type of cookie, this cookie tracks and records your browsing history and habits in an attempt to display targeted adverts on other websites that relate to your previously-visited sites.
Example – Banner adverts/pop-ups. Those annoying, flashing banners that appear across the top of or down one side of a website, normally advertising things such as holidays, mortgages and loans. These banners appear there because the cookies have remembered your previous web browsing history – did you recently look for a cheap holiday on the Expedia website?
Then expect to see a banner advertising cheap holidays on a completely different website some time in the near future!

2. I Think My Website Uses Cookies! What Do I Need To Do?
As stated earlier, the new law states that a user must first give consent for cookies to be used on the website – however, this does NOT apply to the “Essential Cookie” – fundamental cookies which are 100% needed to operate the site are exempt from the law. Anything else requires permission from the user first and foremost.

Many larger organisations – BT for example – have put this into effect already, and they do so in a way which does not affect the usability of the site or deter from its design. A simple pop-up or modal box displayed in one of the lower corners of the site is perfect – BT’s pop-up box contains a small piece of text regarding the use of cookies and allows the user to click either “yes” or “no” in giving their consent to the website to use those cookies.

This simple method of prompting a user to accept or reject cookies may not be ideal; if a user decides to reject, then certain functionality aspects of your website may no longer work; this however IS the law, and, with easily-installed solutions available, there is no reason why you shouldn’t be complying with it.

Two such solutions to implementing a cookies notification pop-up or banner on your website include CookieCuttr and Cookie Control, both of which are simple jQuery plugins which take no time at all to install.

As well as providing the user with the option of accepting or declining cookies, your website’s privacy policy and/or terms and conditions will need to be amended. This requires simply informing your visitors of what cookies are used on the website, what they are used for, how long they remain on the user’s computer for and any other necessary information relating to the cookie.

3. What If I Don’t Change My Website To Reflect This New Law?
If you don’t comply with this new legislation and are using cookies as outlined above, the maximum penalty could be a hefty fine. Chances are though, if reported to the ICO, you will probably receive a warning and be asked to update your website first – don’t forget there are millions of websites out there across the internet, so you are not alone.

Posted by Reuben Harris on 25 May 2012