An EU directive was introduced on 26 May 2011, requiring all website owners to comply with the new EU directive on cookie consent. Here in the UK we had a 12 month grace period to allow us to ensure our websites comply.
So, will your website be legal from 26 May 2012?
How many of you have actively checked and updated your website to ensure that it complies? Our guess is that very few of you are even aware of the directive, let alone ensured that your website complies. 26 May is not far away, so time is running out to ensure your website is legal.
What is the risk if your website does not comply?
How many of you know exactly what cookies are in use on your website and what they are used for? Where do you stand with cookies that come via third-party advertising networks? What about Google Analytics that almost everyone uses these days?
The ICO has made it clear, that analytics are non-essential cookies and as a result, a website must obtain consent from users before dropping such cookies onto their systems.
So what can you do to make your website legal?
One option is to remove all cookies from your website. Realistically this is not going to happen as the modern website relies on cookies for a number of things.
Therefore the only option is to ensure that your site complies with the directive.
The first stage is to accurately determine which cookies are in use on your site. This may mean checking hundreds of pages to build a complete list. Unless you are comfortable doing this, it is something best left to an expert.
Next you will need to update your privacy statement, to include what cookies are in use and their purpose. It is recommended that this is make as clear as possible. The ICO recommends using a table.
Finally, you then have to ask for consent before you can drop any cookies onto a visitors computer. If the user does not provide their consent, then you cannot use your cookies. This last stage will probably mean re-coding every page on your website. Potentially, the code could be added to the running header or footer to reduce the work but this will spoil the look and feel of your beautifully designed website.
Remember if your visitor does not accept your cookies, your pages may not display properly or even at all. You may need to produce a cookie-free alternative page for these visitors; much the same way as you produce a different page for mobile devices.
The ICO has updated their site to comply (as you would expect) so take a look at http://www.ico.gov.uk/ for an example of how to implement the directive.