New Website Cookie Law

[Iain]

On 26th May 2011, The Information Commissioner's Office passed a law which requires websites to gain visitors' consent to use cookies. The ICO gave webmasters 12 months to become compliant before they would start taking action against any that were no longer compliant. Some websites are handling this differently to others. You may have seen on the BT and BBC websites that they have commissioned a pop up box which asks for your permission to use cookies. However, on the Sky website they've simply added a new section to their Privacy Policy. I have it on good authority that Sky actually AREN'T compliant as the policies need to be seperate from each other.

I've yet to hear of anyone being fined for lack of compliance but the going rate is £500,000 if found guilty. Realistically a window cleaning company is hardly going to be fined this sort of money but there's no excuse to at least try to become compliant.

What is a cookie?

A cookie is a small data file that's stored on your computer, smart phone or games console that tells websites whether you've been there before. It holds absolutely NO PERSONAL INFORMATION whatsoever. You can actually disable cookies from being installed on your device if you really want to.

Does my website use cookies?

Basically, if you track visitors using analytics such as Google Analytics (which you really should if you have a website) then your website uses cookies and this new law applies to you.

What should I do?

The ICO has very little information and guidance as every website should be treated differently and require a different system in order to be compliant. However, as long as you at least make an attempt at being compliant, then you won't be fined. You should start by creating a Privacy Policy. If you don't have a Privacy Policy, then you need one pronto!

You should then create a Cookie Policy. This must explain to your visitor what a cookie is, what you use them for and what they can do if they don't want to use cookies. You must also explain that by using the website, they agree to your use of cookies.

What about if my website is hosted outside of the UK?

Doesn't matter. If you're a UK business or dealing with people in the UK, then you need to be compliant.

**All IGM Computers customers are 100% compliant with this new law.**

 

[Gavin]

I could have sworn this was an American law. Ah well best get on it then I guess.

 

[laddergarder]

There was an estimated 108 million websites on the uk in 2007. I doubt I will every get a letter saying I need a disclaimer on my sites, cant really see them policing this very well. Plus they will have to actually check if you do use cookies in the first place. Good luck, to them.

 

[Iain]

Plus they will have to actually check if you do use cookies in the first place.

This wouldn't be a problem for them as they can easily check.

This new law isn't going to go away and websites can easily be reported to the ICO for not being compliant. I'll agree it's unlikely to end in a fine for 99% of websites but do you not think it would be better to at least TRY to become compliant?

Anyone that has a website needs to get a Privacy Policy and Cookie Policy in place.

 

[laddergarder]

Can they check if you use google analytics though. I agree what your saying if it was a simple as putting up a disclaimer then its not really that big a deal. But I dont use cookie sessions on my website, not from the code side of it anyway, I suppose some information is collected from the user for site stats.

But if you count that, then this would affect every site then. I did look further into this, but the water is way to murky on what counts and what doesn't. Do you just need a disclaimer, or do you need some kind of popup?

I personally cant see them asking for a popup on every single website, its just rules gone mad IMO.

I agree with what you saying, we should try to be compliant, but I will wait until I can see some clear guide lines on what counts and what doesn't. Personally I cant see google analytics counting, this would be insane IMO.

I think this is more for sites like facebook who may or may not be collecting info, to then sell for marketing purposes, without users permission. Not saying facebook would do a thing like that, but just that the ICO will be more concerned with that type of breach than, a small window cleaners website, collection stats through google analytics.

 

[Iain]

Agreed. It is absolutely insane! The ICO clearly have no idea how the internet is run and they're just making a job for themselves!

The water is VERY murky indeed. The "advice" the ICO gives is incredibly ***ue with no firm right and wrong. If you take a look at the Cookie Policy I've linked to above, it covers the most important points by explaining:

What exactly cookies are

What types of cookies are used on that particular website

What these cookies are used for

How to manage these cookies

How to opt out of using cookies

There's a few programmes that check for cookies whilst browsing but anyone looking could just as easily check the source code of the website in question.

It's highly unlikely that anyone operating a small to medium sized website would be prosecuted and the ICO would have a hard time justifying the fine but it's not worth the risk to be honest. Better safe than sorry.

 

[Dodger]

Read that earlier Iain, very concise I thought. as long as ya put up something like that I can't see anything wrong although I doubt many visitors would actually take the time to read it.

 

[Belfastcleaning]

Special offer: Free cookie with every window clean

 

[Gavin]

Lol

 

[Dodger]

Special offer: Free cookie with every window clean

shouldn't that be windows clean lol.

 

[Belfastcleaning]

Haha.. Typo

 

[Dodger]

Haha.. Typo

I see lol

 

[Belfastcleaning]

Through the window?

 

[nearlyclean]

i have a couple of cookies with my coffee please, this cookie business will be as mucky as the piratacy laws but worth tacking a cookies warning to be safe /emoticons/wink.png