This Saturday the 26th of May 2012 marks the new EU Privacy Directive being enforced in the UK. This change in privacy law is known as the ‘Cookie Law’ and if you are a website owner it is important you aware of this change and ensure your website is compliant.
What do I need to do? As a website owner based in the UK it is now required, by law, that you disclose how you use ‘cookies’ on your website to visitors. These visitors must be given the opportunity to ‘opt-out’ if they wish.
What are cookies? The vast majority of websites use cookies. Cookies are code used to provide a more personalised experience when using the Internet. Examples include speeding up a login process or recorded visits to your website. When anyone uses an Internet Browser such as; Microsoft Internet Explorer, Firefox, or Google Chrome and visits any website, information is stored on their browser. This information records the websites they visited, the time they spent on those sites, the pages they visited and various other information.
Why the change in law? Cookies are used by website owners to understand how people engage with their site. Cookie information encourages website owners to make changes to their site and therefore makes the Internet a better place. However many people are not aware that Cookies are in place and as a result it has been decided this affects people’s right to privacy. As a result the law now states that website owners must get permission from visitors to store information about their visit.
What is the best approach? The ICO have recommended an approach of ‘informed consent’ rather than explicit opt-in. This means that informing your users the first time they arrive on your site that you use cookies and providing links to where they can find further information about those cookies and potentially opt-out if they wish to.
What can be done? We are not legal advisors and we would recommend you contact your legal team if you have concerns about this change in the law. However we would recommend the following changes be made to your site:
- Make changes to your Privacy Policy
- Include a ‘Information about Cookies’ page on your website
- Include an opt-in function on your website for the first time someone enters your site.
If, like us originally, are concerned that the last element may be to obtrusive please see the HSBC example below. This is an excellent example of how websites can adhere to this law without drastic or off-putting changes to your website.
If you have any concerns about how this law may effect you please feel free to get in touch with one of our friendly staff. As always, please leave your comments below if you have any.
