Skip navigation

Blog > New rules on cookies: do they affect my website?

Updated: Read our 2012 article

New rules for cookies suggest that all websites will need to get permission from users when using cookies. Cookies are small files used to store key information about a visitor and remember preferences. This could include personal information, such as the visitor's location or interests, which presents a privacy issue. However, most cookies are used to store anonymous information and preferences, either to remember key selections made by the visitor or to track navigation for marketing purposes, and are generally there to make life easier for users.

New rules on cookies

Many cookies are provided by third party code, for example when you add a script from Flickr or Facebook to your website. This code can include content that will help track how visitors find their website, for example. For this reason many website managers that don't have the knowledge to create cookies themselves may still be affected by the proposed changes. And it's the third party cookies for ad tracking that are apparently being targeted by this legislation.

These changes are being applied by the UK government's Information Commissioner's Office to comply with new EU legislation. The ICO says it will give companies time to correct irregularities before any penalties will apply. However, a number of organisations including browser companies such as Google are reportedly in talks with government to minimise the impact.

Cookie law delayed for a year

The main thing is not to panic, because the BBC reports that any compliance has been rolled back to May 2012. They quote concerns about usability if people have to provide permission every time they visit a website, with Gregory Roekens, CTO of marketing firm Wunderman stating "We need to make sure we don't have pop-ups appearing everywhere."

According to IT journal The Register, 19 of the 27 EU countries ignored the original legislation.

Cookie law problems

The Guardian denounces the ICO guidance as a "shambles". The problem with the rules is that compliance will result in frustration for the user, who will constantly have to provide permission before using new websites. According to the information commissioner Christopher Graham, "Browser settings giving individuals more control over cookies will be an important contributor to a solution, but the necessary changes to the technology aren't there yet." And legal experts still don't know how to advise their clients.

Changes due to new rules on cookies

IT Pro reports on the browser updates, with Google, Microsoft and Firefox all developing opt-out buttons into their future products. This should give users the ability to opt out of cookies without having to negotiate pop-ups.

Google Chrome appears to have been the first to act in response to similar legislation in the United States, with an opt-out setting added to the current version of Chrome.

The general view seems to be 'watch this space', as the practical implications and legal requirements are not yet known. It seems likely that business owners and managers of websites will not have to do anything as the problem is solved in a different way.

For a more detailed legal view, read this lawyer's article.