By Mike Kneller, Technical Director at M-Corp
Cookies are small files commonly used by websites and online applications to identify visitors. These can contain personal information and reveal data on the sites someone has visited.
The law which has been updated since 2003 came into force on 26 May 2011. It was deferred by the UK government for a year to allow more time for departments such as the Information Commissioner’s Office (ICO) to prepare organisations for the change. The ICO has been given powers to fine website owners up to £500,000 for serious breaches in the law and could approach any business running a website and ask them to demonstrate how they comply.
The only websites exempt are those which are “strictly necessary for a service” requested by the user, so for example shopping sites like Amazon or Expedia.
Most businesses are either unaware of this directive or, are taking a ‘wait and see’ approach hoping that the odds of being prosecuted first out of over three million businesses are slim. The fact is if your site uses Google Analytics to track visitors, then you are impacted by this law. Even some online advertisers and web site designers are failing to advise their clients on the implications of this law.
Rather than burying your head in the sand, it is time to start preparing. First, read the guidelines from the ICO. Then, find out what type of cookies your site has and speak to your web developers to find out what solution they recommend to obtain consent from visitors. There is certain to be a conflict between the desire to collect as much information as possible on a visitor and not deterring people away from your site. However, in order to achieve true transparency, all publicly available systems should be designed with the user’s privacy top of mind. No one wants to be held as a test case, take action now.
Join us on