Guide to the EU Cookie Law

In this week’s video blog, Nick and I walk through the new EU Cookie Law which is now live and active in the UK.

For the third time within 8 weeks, we’re updating our web design video blog on the EU Cookie Law. Even for website developers, understanding and implementing the EU Cookie has been fairly challenging, – so our video above aims to condense down and summarise the following key points:

  • Firstly, what the EU Cookie law is and how it’s evolved since 2003.
  • Secondly, we’ll highlight the last minute ‘softening’ of the guidelines that occurred on the eve of the law coming into effect.
  • Then we’ll review some live examples of UK websites that have stepped-up to the plate by implementing a compliance solution.
  • And finally, we’ll wrap up with a summary of advice, facts and guidance.

So what is the EU Cookie Law?

Not many people realize that almost 10 years ago in 2003, an early form of the Cookie law was passed in the UK that requires websites to do two things. Firstly to provide clear and comprehensive information about cookies that are dropped and secondly that you must provide information to assist users who wish to opt-out of cookies being stored on their device.

The new, big and scary Cookie law that everyone is talking about; builds on these two points by adding that a user’s consent must now be obtained before you can drop and store cookies on their device.

If you’d like to learn more about the EU Cookie Law itself, we’d recommend watching the 2-minute video we’ve embedded opposite – that explains the law in a clear and humorous animation.

Or, if you’re after something a little more official and substantial, you can download the latest copy of the official guidelines produced by the ICO – who are the governing body on the Cookie Law in the UK.

Implications of EU Cookie Law Compliance

So – the implications of full-blown compliance did pose several potential side effects. A good example being Google Analytics – which relies on instantly dropping cookies in order to provide accurate data about your site’s traffic. So if you’re asking for consent to drop the cookies once they’re already on your site you’re missing out on valuable data even if they choose to opt-in to your site’s cookies.

However, the EU Cookie Law doesn’t end there. Thankfully, at the last minute, the regulations were watered-down by the UK’s information commissioner. The changes to the guidelines, that you can download from the link above, highlighted that ‘implied consent’ is an acceptable form of obtaining consent and therefore achieving compliance.

Hopefully we’re not losing you, check out the video above, where we show some examples of EU Cookie Law compliance for both ‘Explicit’ and ‘Implied’ consent.

Advice on Compliance

So – In summary our recommendation, if you’re not doing so already, is to begin taking steps toward compliance without panicking.

If you watch this official 12-minute video from The ICO’s Dave Evans, he answers all of the commonly asked questions they’ve been receiving at the ICO about the EU Cookie Law. Hopefully you’ll see that there’s nothing to panic about and there’s still time for genuine UK websites to begin the path towards compliance.

A good place to start is ensuring that your site meets the requirements of the 2003 Law. This means having an accessible and detailed Privacy & Cookies page, listing what Cookies your site drops and what they do amongst other things.

The ICO are insisting that the law isn’t going away, so keep your ear to the ground, read the guidelines watch their video and make an informed decision.

Here at Creare, we’ve developed our own compliance solution that’s similar to the BBC’s. We’ve produced a leaflet that has been sent out to all of our clients with more information about the EU Cookie Law and the compliance options we’ve made available.

Thanks for watching this week’s video, please leave your comments on the EU Cookie law in the comments below.