A new law comes into force on Saturday 26th May, and it’s a law that could have a pronounced effect on your website.
Put simply, the law states that you must now get permission from anyone who visits your website before you can use cookies to gain information from them (no, we don’t mean the edible variety!).
Cookies are small pieces of data (often an encrypted text file) that are transmitted to your web browser and placed on your computer. These cookies are used by websites to “remember” details about you, such as your user name or site preferences, in order to improve the usability of the website. They are also used for anonymously keeping track of what your website visitors have done on your website. For example, if you use a tracking tool to see where your website traffic is coming from, it will involve the use of cookies. Similarly if you use social media plugins on your website, such as Facebook and Twitter widgets, these will most likely involve the use of cookies too.
Could your website suffer as a result of the new law?
Many sites could suffer. We think the user experience will be negatively impacted by this law, because it puts an extra barrier between your website and it’s visitors, but as it stands every website owner must take the appropriate steps to comply with the law.
What should you do?
As a minimum step forward you should start by identifying all the cookies that are created by your website. If you use the Firefox browser you can get the FireCookie extension to give you this information quickly and easily. Simply delete all your cookies, then visit your website and see what cookies it puts on your computer.
You may find some cookies are no longer needed and you can stop your website from creating them. For instance they may have provided a function in the past but no longer do so. Those you need or want to keep should be listed as part of a Cookies Policy page (or part of your Privacy Policy). These will likely include cookies used by analytics software, such as Google Analytics, that help you determine who is visiting your site, how long they are staying on it for and so on.
Indeed the ICO (Information Commissioner’s Office) states: “The Regulations do not distinguish between cookies used for analytical activities and those used for other purposes. We do not consider analytical cookies fall within the ‘strictly necessary’ exception criteria. This means in theory websites need to tell people about analytical cookies and gain their consent.”
So it seems you will need to ask permission from your visitors before putting these cookies on their computers.
Is there any need to panic?
We don’t think so, but at the same time it is important that you are seen to be taking steps towards complying with the new law. The ICO has stated that it “cannot completely exclude” taking action on the use of cookies for analytical purposes. However it also states it is “highly unlikely” that such action would occur. It is necessary though to ensure you let your visitors know about such cookies if you have them. Don’t forget about the law and think it won’t affect you – it applies to all website owners in the EU whether your site is large or small.
So remember – find out what cookies you have, declare them to your visitors as part of a Privacy & Cookies Policy page (watch out for one on our site very soon), and think about how you can get permission before using any cookies that aren’t strictly necessary for the website to function.
Further reading:
Leave a Reply