Back in March, we blogged about the EU cookie law; what you needed to know and how to prepare your website for its eventual implementation. We followed that with a few hints and tips on protecting your website’s visitors and offered advice on the possible rules and exceptions you should be aware of.
The law finally came into being on 26th May 2012 and the sight of cookie acceptance forms emerging from the bottom of discerning websites’ homepages has become commonplace. Just how much they are noticed by the average, non-techy visitor is questionable, although it has been suggested that when a government department asked website visitors to opt in to receive an analytics cookie, most of them said ‘no, thanks’ and the site’s measured traffic fell by 90%.
That’s a pretty frightening stat, if true, and an example of why the new law has caused such a stir amongst web experts.
However, a recent update to the law sets out to relax the rules on the consent required in order to place cookies on someone’s computer. The Information Commissioner’s Office (ICO) has now updated the rule to allow ‘implied’ consent. Put simply, providing your website tells its visitors clearly that cookies will be used and they then go on to use the site, that should be enough to confirm their consent.
There is no reason your website’s design or number of visits should suffer because of the cookie law. Implied consent can help tremendously, as can unobtrusive-implementations of the acceptance forms.
- Clearly inform the visitors that the cookies are there
- Explain what the cookies do
- Obtain their consent (implied or gained via an acceptance form)
Of course, there are exceptions to every rule and it’s important to stress again that implied consent may not be enough. We whole-heartedly agree with the ICO’s three-step approach to the cookie law:
1) Audit your site first to work out what cookies it uses (if any) and the type – you may even find use of obsolete cookies which can be removed
2) Assess how intrusive those cookies are (are they storing user preferences, login details or monitoring their browsing habits or are they simply there for analytics purposes?)
3) Decide on a solution to obtain consent when you need it
If you’re at all confused by the law, or need some advice, in.house.media would be happy to help. Please do not hesitate to get in touch.