Websites must comply with new cookie law
On 26th May 2011, the UK government updated its Privacy and Electronic Communications Regulations in response to the EU’s Privacy and Communications Directive, and has given websites until May 25th 2012 to comply.
The law has come into force in response to the industry’s failure to self-regulate the tracking of individuals and their data.
This new law, dubbed ‘The Privacy and Electronic Communications Regulations’, is being regulated by the Information Commissioner’s Office (ICO). The fine for non-compliance has been set at £500,000.
What are cookies?
“Also known as browser cookies or tracking cookies, cookies are small, often encrypted text files, located in browser directories. They are used by web developers to help users navigate their websites efficiently and perform certain functions.” – https://www.allaboutcookies.org/
What the law states
At present, the wording of the law and guidelines set out by the ICO state that visitors to a website must explicitly consent to having cookies stored on their computers. Virtually all web analytics tools (including Google Analytics, which you are using) rely on cookies for visitor tracking.
The impact on Google Analytics
For many businesses, the ability to anonymously track the volume of visitors, as well as how those visitors use and found the site , is an essential means of measuring site performance, without which it would be difficult to make improvements. However, when handled incorrectly, adherence to the new legislation can be destructive and impractical. For example, the ICO’s own effort at compliance saw a 90% drop in recorded traffic to their site.
Avinash Kaushik, a Google Analytics evangelist and expert, has stated that Google is still in the process of working with web analytics companies and various entities in the EU, in order to ascertain the full implications of the new law, as well as how to tackle it. , One solution may be a new form of web analytics that is not dependent on cookies.
Effect of complying rigidly to the law
Paul Carpenter provides an amusing take on what could possibly happen, should websites rigidly conform to the law as it stands. If this is the case for the UK, it may negatively impact upon the number of international users visiting your site, at least until the wider online community becomes au fait with the new regulations.
What action should I take?
We believe it is vital for website owners to take action, in light of the new legislation. Websites should have a ‘cookie audit’ performed, in order to determine how intrusive they are. Based on the findings of the audit, website’s privacy policies should be updated to outline which cookies are created, their purpose and how they can be disabled if desired.
If you would like us to perform a cookie audit and guide you through the process of compliance, or if you have any questions regarding the new legislation, please do not hesitate to get in touch.
Mark Steven
January 17, 2012 10:00 amNice article @theonetruebaron!
Those stats from the ICO tell as startling tale. We’ve also identified analytics as the biggest headache for most webmasters. There’s no pretty solution for this: server side solutions are much less accurate and functional than cookie based analytics.
I suspect in practice we’ll adopt both solutions and run them in tandem.
In case you’ve not checked it out already there’s a natty little solution for gaining user-consent over at https://www.civicuk.com/cookie-law. We’ve designed it to make consent that bit easier to give… in the hope that we can push the ICO’s 10% opt-in rate up beyond 50%.
Sumobaby
January 17, 2012 11:28 amThank You Mark.
We have been reviewing existing solution for cookie policy consent. As much as we like the ease of the implementation and design of the solution created by yourselves we still have a concern to the visibility.
Should a solution like this be necessary, to ensure usbale web analytics a lightbox upon first entry to a site may be required to force affirmative action as a button in the corner of will not suffice.
This could clearly impact on user experience so cookie-free analytics alternative are also being considered