The new EU Cookie law is now in effect and applies to websites hosted in the UK. The law requiring websites to gain explicit consent before storing cookies on users computers was passed in May 2011 but the ICO granted firms a year to comply before prosecuting any cases.
What the law means for webmasters
There are a few steps to go through in order to achieve compliance with the law:
- Depending on the kind of cookies you’re using on your site, you must decide on a model for managing user awareness and consent.
- You must make any technical changes to cookie-storing scripts in order to test for consent before a cookie is stored.
In practical terms it means you need to avoid using cookies or deploying third party software that uses them except where it is essential for the purpose making your website work. This is because as soon as explicit consent is required, users may refuse that consent. If you see a particular feature as important, you’ll want to know that it will work all the time, whether or not users have consented to cookies.
Bear in mind that in the UK, the ICO is taking a relaxed approach to analytics. Their guidance is that analytics cookies are fairly unintrusive and that therefore, as long as you inform users about their use, explicit consent is not required.