What is the new cookies regulation?
Last year, the European Union passed new online privacy regulations stating that all websites across the EU must obtain users permission before storing cookies. Three member states, including the United Kingdom, have now opted to put this into law.
The law concerns cookies, which are small data files which websites leave on your computer to identify you. Typically these cookies are used for innocuous purposes such as remembering choices you have made, keeping items in a shopping cart or providing website traffic data. They are also sometimes used to track you in ways that you may feel breach your privacy. It is for this reason that the new law states that all websites must:
- Clearly state what cookies they set and why
- Provide a mechanism for users to opt out of having cookies set, either by implied or explicit consent.
The law came into effect on May 26th 2011, and sites were given 12 months in which to comply. This means that as of Saturday May 26th 2012 all sites which have not yet enacted the changes detailed above are technically in breach of the law, and could be subject to a large fine.
You can read more about the new cookie law and find additional information on compliance on the official ICO (Information Commissioner's Office) website here:
What is implied consent?
Since the law was originally passed in 2011 the ICO have clarified that 'implied consent' will be considered acceptable. This is good news for site owners and developers, as a big complaint about the legislation has been about the fact that many sites rely on cookies for basic functionality, and that the financial and technological implications of rewriting this functionality would be unfairly prohibitive.
Will it affect my company and our website?