Cookies & the change in European law

Cookies & the change in European law
June 19, 2012 Rhys Harry

You may have heard that a recent European Directive has changed how websites can use cookies, or you haven’t, it’s likely that you will have had to click an unfamiliar ‘accept cookies’ message on a website lately. So, what’s it all about & what does it mean if you own or run a website.

Cookies Law

What are Cookies

Cookies are tiny text files placed in your web browser’s folders by websites. They enable the site to perform useful functionality & remember your preferences / actions. For example, filling out parts of forms automatically if you’ve done it before, or remembering if you’re logged in or out of your account.

Most websites use cookies to some degree & without them using the internet would be a much more labourious process.

What’s changed with these information biscuits

Up until 26th May 2012, websites that used cookies were required to have the company’s policy on cookie usage, along with wider privacy policy somewhere on the website, usually tucked away with other Ts & Cs as generally users aren’t interested.

The e-Privacy Directive now dictates that users of a website have to actively consent to that site’s use of cookies before they are used. This has quickly taken the form of pop-up messages asking the user to click a button to signal that they are happy to continue using the site in the knowledge that it uses cookies. The site will remember if this button has been clicked on the users next visit thanks to a cookie.

Why change the law

Because of plummeting TV & publishing advertising revenues online advertising has had to become a lot more focused. This has brought about a more sophisticated use of web advert space than the blanket billboard approach and now sees internet users being heavily tracked & targeted. You will doubtless have noticed adverts popping up uncannily for products you were searching for in the last few days.

This much closer profiling of people prompted the EU to get tough on the use of website advertising space and in particular the use of any technology (not just cookies) that track the behaviour of a site visit.

It seems that up until the last minute the new laws were going to be a lot more wide reaching & force webmasters to list & gain consent for each individual 1st or 3rd party cookie. The resulting torrent of clicks would have had people hurling computers through windows so an 11th hour compromise was reached allowing websites to merely gain ‘implied consent’. It’s a shame that the decent intentions of the EU will result in just another ‘agree to our Ts & Cs’ button but at this stage neither side of the fence can agree on a workable solution.

Does your website use cookies

Probably, yes. Definitely if you have any of the following:

Google analytics or similar
Facebook like, Tweet etc. buttons
Blog with comments
Google map

Penalties for not complying

The Information Commissioner’s Office states that any complaints they receive about a site not complying with cookie regulations will result in the Office contacting the site administrators who will have to declare their intentions to make it compliant. Large penalties have been mooted but it seems doubtful at this point that the ICO would fine any non-huge business unless going out of their way to flout the law.

What can you do

To be on the safe side and to demonstrate that we’re on top of the new rules we make users of our site aware of our privacy policy & consent to our cookie use. Should you decide to do the same we would be more than happy to help you. It doesn’t take long to run a cookie audit, put the details on a new page & build a script that flashes up the cookie warning.

To find out more visit


Leave a Reply