Recent Changes that Affect Your Organisation’s Cookie Policy

There’s no escaping cookies online. What once sounded like an oddly named concept is now well known to most people, whether you’re running a business or just browsing the internet.

Cookies are small files placed on users’ devices that collect data about their browsing habits. In marketing, you might use them to build customer profiles and create targeted ad campaigns.

Cookie notices on websites were first introduced as part of GDPR, which came into force in 2018. For the first time businesses needed to have a clear policy in place that explained how they manage cookies and process the data received. Organisations needed to make sure they were telling any site visitors that they would be using cookies, and asking them to consent to this.

What are the recent changes?

Cookies notices are an important tool. But they have often been badly used. As a result, the already confusing cookie rules are now subject to further changes. To stay compliant, you must keep up to date with what you need to do – for your own business as well as your clients’.

There’s a wealth of information online about cookies, cookie policies, and guidelines around browsing consent. Yet as a business owner pressed for time, we know you want to find out quickly and easily what affects you, why it matters, and what you must to do about it.

That’s why we’ve put together these straightforward guidelines to quickly and easily update you on cookie policy changes. Here’s what you need to know:

New EU rules say cookie consent must be clearer

What was the issue?

Once GDPR was in force, you needed to put a cookie notice in place on your website. This alerted first time visitors that you used cookies on your website and asked them to agree to this. However, many users found the agreement wording was confusing. And in the worst cases, the cookie notice meant it was impossible to continue browsing the website without fully agreeing to the use of cookies, whether you wanted to or not.

What has changed?

It’s this lack of choice that prompted the EU to introduce new cookie guidelines in 2020. The purpose of cookies is to give people the freedom to decide whether or not their data is tracked and stored. So, the EU has banned the use of cookie walls that prevent users from continuing on a site if they don’t agree to the cookie notice.

What do you need to do?

It’s crucial that you check no cookie walls are still on your website, and remove immediately any that are in place.

You also need to be sure you’re not making assumptions about consent on your users’ behalf. For example, some websites presume that if you continue to scroll, you have accepted the cookie policy. However, this is impossible to monitor. Therefore, if you’re using assumed consent as your cookie policy, you need to change this straightaway and replace it with a clearly worded cookie notice.

Google is banning the use of third-party cookies on its browsers

What is the issue?

Google has announced a big change to the way it uses cookies. Currently, cookies can be stored by other sites who are advertising on a page a user is browsing, even if the webpage the user is visiting has nothing to do with them. This means businesses are able to collect, store and use personal browsing data, even if a user never clicks on their ad.

What will change?

These third-party cookies will soon be blocked on Google’s Chrome web browser. This ban is scheduled to come into effect from sometime in 2022.

This is huge news. Google records around 3.5 million searches every day, so the decisions it makes have a huge effect on you and your clients.

What will you need to do?

The third-party cookie ban gives Google even greater control of internet advertising. This means if you were reliant on any third-party cookies to build customer marketing profiles, this will no longer be possible. So if third-party cookies are part of your marketing strategy, you’ll need a rethink.

You can still use first-party cookies to trade and sell with ad agencies. However, the cost of these ads will rise.

Brexit means you need to comply with both UK and EU GDPR

What is the issue?

There’s no escaping the impact Brexit is having on the way many businesses operate. This includes you and your clients, and the way you manage cookies from users in both the UK and the EU.

What will change?

It’s not yet completely clear how the Brexit transition will affect GDPR compliance, with the process delayed by the pandemic. Yet you must remember that complying with both UK and EU GDPR remains your obligation as a website owner. To do that, as it stands you must make sure your cookie notices are clear and readily available, cookie consent is completely within your users’ control, and you keep evidence of your user’s consent (or lack of).

What will you need to do?

Changes are on the horizon, so nothing is completely set in stone. However, it certainly makes sense to check your cookie policy now, before further and final regulations come into force. That way, you can make sure you and your clients are working as you should be, without last-minute panicked changes to cookie compliance controls causing problems.

Cookie Policies Going Forward

It’s important that you keep up to date with all changes to cookies policies. For now, you need to remember:

  • Make it clear to your users that you’re using cookies
  • Explain why you’re asking them to agree to cookie use
  • Ensure it’s simple for them to consent to you storing cookies on their devices.

Checking cookie policies for both you and your clients makes sure you’re knowledgeable, transparent and compliant with the growing number of changes to the UK and EU cookie rules.

If you would like to know more about how Far’n’Beyond can help you implement your cookie policy, or you would like further advise on your website, please contact us.

-- What we do at Far'n'Beyond --