On 26 May the UK’s Information Commissioner’s Office (ICO) imposes an EU directive designed to protect internet users’ privacy.
Tell people that the cookies are there
Explain what the cookies are doing
Obtain visitors’ consent to store a cookie on their device
The ICO says the rules cover cookies used to provide information to advertisers, count the number of unique visitors to a page and recognise when a user has returned to a site to adjust the content that is subsequently displayed. However, it says exceptions are likely to be made if the cookie is only being used to ensure a page loads quickly by distributing the workload over several servers, or is employed to track a user as they add goods to a shopping basket.
Many small businesses don’t have websites which are transactional so the most likely impact is around the website statistics provided by Google Analytics which are cookie-based. If you are unsure what other cookie-based functions may be in your website we can help you find out.
The question many people are struggling to answer is how to implement explanation and consent in a way that achieves compliance but doesn’t spoil the user’s experience. The ICO’s principal policy adviser for technology, Simon Rice, has been quoted as saying: “The information needs to be upfront – without information people can’t give consent.”
The other question is whether websites should be asking people to opt-in or opt-out of cookies. BT have already implemented a cookie consent pop-up on their homepage which leaves them on by default unless the user changes settings to switch them off, but some people argue the default should be off. Clearly that has a huge impact on website analytics if cookies are off by default as it is unlikely that accurate tracking would be possible.
Sufu Marketing are ideally placed to help SMEs achieve the right balance for them between suitable compliance and commercial realities. We certainly recommend taking a pro-active approach to the issue and not ignoring the situation, undoubtedly some high-profile examples will be made with accompanying hefty fines.
You might think “they won’t come after me”, but why take the risk?