Under new EU privacy regulations, websites must make it clear to visitors what information is being stored about them.
When you visit the majority of websites, small text files are downloaded onto your computer called “cookies”. These files remain on your computer for a period of time, depending on the cookie. The cookies vary in importance, some track the pages you have visited, some remember your preferences and some help advertisers display adverts which is relevant to your interests.
The new privacy legislation essentially requires websites to obtain consent from visitors to store or retrieve any information on a computer or web-connected device. This is where the cookies become relevant.
Certain cookies, which are deemed to be “strictly necessary”, are exempt from the change in the law, i.e. shopping carts or WordPress which requires cookies for the websites to work.
The biggest impact of the changes relates to analytics, such as Google Analytics, which are not exempt and therefore require permission from users.
Across the industry there are a wide variety of interpretations of the law and what needs to be done to comply, especially with many organisations keen to reduce the impact on behavioural advertising which relies on cookies to enable companies to target advertising based on a users’ online activity.
In essence our interpretation is that websites must do the following:
- Tell visitors that the cookies are there
- Explain what the cookies are doing
- Obtain consent to store a cookie on their device.
The key requirement is about consent and information – some form of communication where the individual knowingly indicates their acceptance of cookies and understanding of the cookies being used.
We have chosen the icon bar at the top of our pages which provides additional information, although other options are available.
Find out what the big brands are doing to adapt to the directive
The BBC unveils its EU cookie law solution
Find out more about cookies