Old man on the street
Old man on the street
Writing a letter
Boy writing a letter
Girls on their mobiles
Girls on their mobiles
Photographing an event
Photographing an event
Girl with laptop
Girl with laptop
Man on phone
Man on phone
Clothing on a rail
Clothing on a rail
Shopping at a market
Shopping at a market
Girl on phone
Girl on phone
Market Seller
Market Seller
People at a station
People at a station
Busy street
Busy street
Earth from space
Earth from space
Man on Laptop
Man on laptop
Man on mobile
Man on mobile
Man on laptop
Man on laptop
Construction workers
Construction workers
Girls on mobiles
Girls on mobiles
Kids on mobiles
Kids on mobiles
Girls on mobiles
Girls on mobiles
Man in a hat
Man in a hat
British postbox
British postbox
Cartwheel on a beach
Cartwheel on a beach
Woman on a phone
Woman on a phone
Monopoly board
Monopoly board
Woman
Woman
People in office
People in office
Video recording
Video recording
Men talking
Men talking
Woman
Woman
On a tablet
On a tablet
People
People
Woman on bench
Woman on bench
Man waiting for train
Man waiting for train
Something
Something
Woman
Woman
Busy street
Busy street
JMS Connect
JMS Connect
JMS Innov8
JMS Innov8
JMS Inspire
JMS Inspire
JMS Shout
JMS Shout
JMS SEO Thermostat
JMS SEO Thermostat

The EU Cookie Law Briefing

What you need to know

The E-Privacy Directive came into force on the 26th May 2011 and applies to how website owners can use cookies to store information about their visitors.

If you, as a website owner store usage information, you will need to provide clear and comprehensive information about why you are storing the information and get the visitor's 'explicit' consent.

Essential cookies that a website provides for the visitor at their request (for example on subscription and e-commerce services) will not need such consent. More information on what cookies are and how they are used?

What is the so-called "Cookie Law"?

The "Cookie Law" stems from a modification to the EU Privacy and Electronic Communications Directive (PECD), which became law in November 2009. It was designed to safeguard privacy online and protect web users from unwanted marketing. Cookies can be used to build up a profile of where you have been and how you have behaved on a range of websites and other digital media.

The law aims to make sure that any company that collects information about a web user must ask for the user’s consent first. Before this law, websites only had to ask visitors to opt out of cookies. Now they have to opt in to all "non-essential" cookies. The law was imported into UK law in May 2011, but UK companies were given one year to comply. The deadline for compliance was 26 May, 2012.

There are other technologies, like Flash and HTML5 Local Storage that do similar things, and these are also covered by the legislation, but as cookies are the most common technology in use, it has therefore become known colloquially as the Cookie Law.

What you need to do

In the UK, the Information Commissioner's Office (ICO) has advised website owners to conduct a full audit of their websites to analyse which cookies are used, and which are 'strictly necessary'? "Strictly necessary" cookies are those mentioned, for subscription and e-commerce services. Few audit services exist, and even fewer are undertaken.

Cookies that are deemed, or likely to be seen as 'intrusive' by users should be removed, changed or a consent process included. There is a trend for cookie blocking and broad third party opt-out.

Who needs to comply with it?

The law applies to all member states of the European Union. Websites outside of the EU must comply with the law if they are targeting people within member states. So a website based in the USA that sells to people in the UK will also have to comply.

Consent options available to you

This Cookie law has preceded the browser development, so the onus is currently on the website owner. Current solutions to gather consent include:

Feature-led consent - This is when a website remembers feature-led preferences, such as content personalisation. A user can be informed of the cookie when the feature is activated.

Functional uses - Tracking is a common example of this - occurring in the background without the consent of the user. A proposed solution is to place relevant text about the cookie in the header or footer of the page, or link to an information page. This is something that is now hindered by the rise in use of cookie and ad blockers.

Pop-ups - Whilst these can detract from the user experience, and are often blocked by browsers, they are probably the simplest option to implement to inform the user and to gain their consent. Pop-unders are even more annoying, as the user is often unaware that they have even opened, and they are often secretly initiated (they can not open automatically, by themselves).

Settings-led consent - Some websites allow users to personalise the interface - font, colours, language, etc. These settings use cookies, and when these are set, the customer can be told that a cookie will be set.

Sign-up terms and conditions - If a user has to sign up to a website, they will normally agree to a set of terms and conditions. If you need to use cookies, you can add the new terms into your legal pages. If you are changing your Terms and Conditions, you must alert your existing customers of the changes. Do not think that this is a get out clause for loading any cookies on your visitors - do the audit to see if all the cookies are required.

Third-party cookies - I am sure that this is one of the main reasons for the regulations. These often come from display advertising that the website uses. Because it is often controlled by a third-party, this is a grey area, and gaining the consent is likely to be difficult. The Government and industry are working on this. As a responsible website owner, you should also work with your advertisers and affiliate partners to minimise the use of cookies.

Tracking icons - These are indicators on adverts that show clearly that an advert uses tracking technology. AOL and Google, for example, have committed to this, but there is currently no mention of 'consent'.

What to do

Compliance with the cookie law comes down to three basic steps:

  • Work out what cookies your site sets, and what they are used for, with a cookie audit.
  • Tell your visitors how you use cookies.
  • Obtain their consent and give them some control.

Penalties for a failure to comply

Whilst the directive came into force on the 26th May 2011, the complexity of the technology, and development lag, meant that it has taken some time to become fully operational. Heavy fines are still likely - none have been publicised, but I would suggest that if end-users find the constant 'consent' too fiddly and annoying, the directive may have to be rethought, and 'penalties' deferred still further.

Technically, the maximum penalty for not complying is £500,000 for cases where there is a deliberate breach of the law that causes substantial distress. There are also smaller penalties such as being sent an information notice or an enforcement notice. However, this has proven to be an incredibly difficult law to police and enforce as it affects so many sites.

For more detail on this legislation, please click here.

If you have questions about how the cookie law could affect your business and your digital marketing, contact Jack Marketing Solutions today.

 


Glossary: Ad Server, Advertising, Adware, Affiliate Programme, Astroturfing, Browsers, Cache, Cloaking, Cookie, Dark Marketing, Data Protection Act, Digital Marketing, E-commerce, E-Privacy Directive, Floating Ads, Google Adwords, Header, Meta Data, Mobile Marketing, Navigation, Obfuscation, Opt-in, Personalisation, Pop-ups, Programmatic Buying, Real-Time Advertising, Real-Time Bidding, Repeat Visitor, Search Engine, Site Visit, Social Advertising, Spyware, Tracking, Visit, Visit Duration, Visitor, Visitor Session, Website

Internet of Manufacturing
  Tue 6th Mar/2018
    3:00 pm - 11:30 pm