The official deadline has now come and gone for companies to ensure their own websites comply with the Cookie Law. Yet, many companies are still in the dark as to what to do.
This is simply because the legislation is vague in a number of key areas and, verging on unworkable in others. Moreover, it hasn’t helped that the regulations have also changed at the 11th hour to include Google Analytics and AdSense leading to many more companies being affected.
So, let us try and simplify this for you:
The guidance on third-party cookies – for example, Google Analytics and AdSense – suggests that site owners and third parties are jointly-responsible for obtaining consent, but in practice this is very difficult to pin down. Strictly speaking, Google are the owner of the cookies and the associated service, so the site owner is arguably not responsible for seeking this consent.
That said, Design Inc would suggest this argument may not wash. Any websites built by Design Inc are ONLY affected by the Cookie Law IF that website has Google Analytics. And, in our opinion, you are responsible to comply with these regulations.
So, if your website does use cookies, then you will need to obtain consent from anyone visiting your website. And, the simplest solution is to add a pop up block on the website page (perhaps running along the top of the page) with a simple tick box consent facility. If the visitor is happy that the website uses cookies, then a simple tick in the ‘I am happy’ box will remove this pop up block for good, never to be seen again by anyone visiting that website from that computer.
There are, however, differing theories as to the definition of ‘obtaining consent;. The ICO recently updated its policy to allow organisations to use “implied consent” to comply. This means users do not have to make an explicit choice. Instead, their continued use of a site could be taken to mean they are happy for information to be gathered.
It should be noted that where websites expressly disclaim responsibility for the setting of third-party cookies that this is also added into their Privacy/Cookie Law page (often linked from the footer of the website).
In terms of enforcement, we do not fully understand how the ICO will/can manage this (the UK has millions of live websites to check through), and in fact, they have recently announced they will not be looking at prosecution anyway but rather support, to help companies adhere to this legislation.
Design Inc would suggest that if you are a company with a website which does use cookies – that you at least demonstrate that you are working towards compliance. And, although the Government have hinted that Analytics cookies are well down their list when it comes to enforcement – we are still suggesting you look into this now – especially when the solution is simple
For our own clients, Design Inc can state that the only websites we build which are affected, are those which have also been set up with Google Analytics. If you are a client of ours and you do not have Analytics set up, the Cookie Law does not apply to you. So, stop worrying.
