01242 244620
Get a free website review

Blog > Web Design > EU cookie law – how does it affect my website?

Calendar Posted 27th June 2012 | Feed Icon

From 26th May 2012 the EU ‘cookie law’ came into effect in the UK. This means the website of every UK (and EU) business that uses cookies must:

- tell people they are being used
- explain why
- get consent

EU Cookie Law free review

That’s the short explanation. You may not be surprised to hear that it’s not quite so simple, because there is confusion about which cookies are subject to this law, how various aspects will be interpreted, and most importantly the consequences of failure to comply. While we have tried to give a clear explanation in this article, this represents our understanding and should not be considered legal advice or a guaranteed solution.

EU Cookie Law: Let’s start at the beginning

Cookies are small files stored on your computer when you visit a website, and mostly store anonymous information to help personalise your experience. For example if you ask a website to 'remember me' when you log in, or if you add products to an online basket so you can see it again later, this often uses cookies. More controversially, cookies can also be used to track visitor activity and likely interests.

Visitors can already decide whether to have cookies enabled or disabled by changing their browser settings, but this is no longer considered enough. The new law requires that visitors must actively agree to the use of cookies that are not ‘strictly necessary’, i.e. those used for tracking and advertising. This includes third party code used on your website, for example Google Analytics, some social media code, and adverts.

The new UK law follows part of an EU directive on privacy, and it will be the responsibility of the Information Commissioners’ Office (ICO) to take action against offenders.

So how does the new EU cookie law affect my website?

If you don’t use cookies this won’t affect you, but most websites do use cookies in some way. As this is a new law the potential implications are quite broad, and the real consequences will only be determined by cases in court. For this reason we cannot give you a perfect solution or guarantee to comply with the law; in fact no-one can, and even the ICO itself has been reluctant to be specific.

In essence, it’s up to you how seriously you want to take this, but you basically have three options.

1. Do nothing

It seems unlikely that small or medium businesses will be targeted by the ICO for prosecution, and the problem may well be solved by changes to the browsers themselves. This law is apparently aimed at third party code that subverts people’s privacy, which the vast majority of websites do not. And even if the ICO does take exception to your website, it will probably give you a chance to resolve the issue before taking action.

2. Do the minimum

By clearly explaining the situation to visitors, you are demonstrating willingness. You could simply add a pop-up or banner saying that you use cookies, and link to a very clear explanation of why you use them and how the visitor can disable them through the browser.

3. Go the whole hog

Although we cannot guarantee this solution, based on the guidance from the ICO it seems that you need to ask visitors to actively say they want to use cookies (“opt in”), rather than just allow them to opt out. This means you need to ask every new visitor to agree to cookies, and if they don’t agree then disable any use of cookies for that visitor. This could be quite detrimental, for example meaning that some visitors cannot be tracked by Google Analytics or shown third party adverts.

However, the effect really depends on how you present this option. Unsurprisingly, the ICO themselves have a very clear message requiring visitors to tick a box and click a button to register their approval, which has resulted in 90% of their visitors opting out. On the other hand, the BT website offers people the choices of “change settings” or “no thanks”, and most of their visitors continue to use cookies because it’s the easier option.

Need help complying with the cookie law?

First of all you need to find out if you’re using cookies. Whether you’re a client of Bluelinemedia or not, we’re happy to provide a free cookie review of your website to tell you how you’re using cookies and what you should do about it.

EU cookie law references

Screenshots of ICO’s suggested solutions (thanks to Out-Law.com):

Some websites that have already made changes to account for the new EU cookie law (to see how these work you’ll need to be visiting the site for the first time, or delete your cookies first):

by Ben | 27th June 2012

We use cookies to help make our website better.

At the moment, your preferences prevent us from using cookies. OK otherwise Find out more.

How we use cookies

Google Analytics is a marketing tool that allows us to see how our site is used, for example how many visitors we get and which pages are viewed most. This information is anonymous but requires cookies to track your actions on our website.

ShareThis is included in our blog pages to provide links to social media tools like Twitter and Facebook, and enable you to bookmark or recommend our pages. This code includes cookies so that ShareThis can track how people use its service.

YouTube is used where we display a video on our website, and includes cookies that track actions such as clicking on related videos.

You can find out more about cookies at www.allaboutcookies.org/manage-cookies

If you'd prefer us not to use cookies, please click here, or if you don't mind us using cookies please click here.