The cookie crumbles today

The European legislation on web privacy, which comes into force today, will impact all British businesses with websites. The "cookie law", or the Directive on Privacy and Electronic Communications, will require all websites that use cookies to seek consent from visitors to the site.

Cookies are small files commonly used by websites and online applications to identify visitors. These can contain personal information and reveal data on the sites someone has visited.

Say you browse the internet looking at new TVs and then later log into Hotmail or Yahoo to check your email and discover that banner adverts display a range of televisions - very similar to what you were looking for. That's no coincidence, but it was caused by cookies tracking your web behaviour.

The Information Commissioner's Office (ICO) has been given powers to fine website owners up to £500,000 for serious breaches in the law and they could approach any business running a website and ask them to demonstrate how they comply. Needless to say, the stakes are high.

The only cookies that are exempt are those "strictly necessary for a service", so that could be those used to remember what goods in an online shopping basket need to be paid for and those used for online payments. The contentious cookies are those that are used to study the customer's profile and behaviour, applied to personalise a website or serve relevant third party adverts - as in the example of the televisions.

It's important to bear in mind that it is not the intent of the legislation to prevent the use of cookies for these purposes. It is designed to ensure that all visitors to a website are fully informed as to the use and purpose of this type of technology.

A number of businesses are either unaware of this directive or are taking a 'wait and see' approach, hoping that the odds of being prosecuted first are slim. But, the fact is, even if your site uses Google Analytics to track visitors, then you are in breach of this law.

What steps can small businesses take? First, read the guidelines from the ICO. As a website owner, you should consult with your web developer or the provider of the website to determine what cookies are used and what solution they recommend to obtain consent from visitors.

Rather than taking a 'DIY approach' to finding out about the cookies on your website, speak to an expert to make sure your organisation's website complies with this legislation. Pop-ups, splash pages and asking users to accept new terms and conditions are just some of the ways website owners can seek consent.  

There is bound to be a conflict between the desire to collect as much information as possible about a visitor and not deterring people away from your site. However, in the spirit of transparency, I believe that all publicly available systems should be designed with the user's privacy at their heart. No one wants to be held as a test case, so it's vital that businesses take action. 

To download a copy of the free Cookie Law whitepaper by Mike Kneller, click here.

Mike Kneller has worked for over 20 years in technology and specialises in software, networking and internet related technologies.

For more information about bss digital click here, www.bssdigital.org.

We use cookies to create the most secure and effective website possible for our customers. Full details can be found here