- 28 Apr 2012
Please see full details of the current Cookie Management Tool here.
Who Is Affected?
Cookies are used for various purposes and are critical to the functionality of more complex sites. However, cookies are also used in Google Analytics and most social bookmarking widgets, which may therefore affect even the smallest of websites.
Who Will Enforce The 'Cookie Law'?
In the UK this law will be enforced by the Information Commissioner's Office (ICO). Other EU states are required to roll out their own versions of this law, which will apply to websites targeting visitors from those countries. It is therefore quite possible that multi-language sites targeting a global audience will have to conform to multiple versions of this law.
In the UK, websites that are not compliant are open to enforcement action from the ICO who may impose fines of up to £500,000 among other penalties.
What Is Required Under This Law?
The 'informed' aspect requires websites to tell visitors what cookies they use, and what their purpose is.
The 'consent 'aspect is defined as "any freely given specific and informed indication of his wishes". However, no further details are given as to how this should be implemented.
More information on the requirements of this law can be read in this open letter from Ed Vaizey, Minister for Culture, Communications and Creative Industries.
The Implementation Options
Implementation of this law on different websites will require different approaches. However, there is one key debate which centres around opt-in or opt-out systems.
The 'Opt-In' Approach
The 'Opt-Out' Approach
An 'opt-out' approach means that cookies are on by default and that users have to select to choose to turn them off. It is not fully clear whether this approach will meet the requirements of the law ultimately, however, it is felt by many that if implemented correctly then this approach should be fine.
The International Chamber of Commerce has published a UK Cookie Guide.
This guide sets out a best practise approach, which includes grouping cookies into four different categories and points to the implementation by BT as a shining example of cookie law compliance.
The BT approach is opt-out. However, to satisfy the definition of 'informed consent ' a pop-up appears on the first occasion a visitor views a page on their website, informing them that cookies are turned on by default, and points them to a cookie management system if they wish to change their cookie settings.
The Cookie Manager by Adam Sumner Design
See this in action by clicking the 'Change Cookie Settings' link at the bottom of this page
Modelled on the BT example I have built a cookie management interface that is suitable for most websites.
- Very user friendly
- All cookies are on by default, with no user interaction required
- Support for handheld devices and narrow browser widths
- Can be deployed without direct access to the website through an existing web developer
- Low price – typically just £219 for most websites
- Carrying out a review of the cookies used,
- Allocating these cookies into the recognised categories,
- Filling out the cookie details panel appropriately,
- Configuration of the website's code to remove certain cookie generating content depending on the visitor preference set.
- Testing the program functions correctly
If you would be interested in having this tool added to your website, please contact me.
N.B This article does not constitute legal advice.