The EU cookie law is a piece of privacy legislation that was initially adopted by all the countries in the EU on May 26th 2011. The law sets out to protect internet user data by requiring websites to gain consent from visitors when storing or receiving any information. The UK was given a year to comply with the law and from May26th 2012, website owners will have a responsibility to ensure that their website complies.
What is a cookie?
A cookie is a text file that stores data through the web browser. Cookies are designed to store information about the user through their browser, recording preferences to adjust future targeted advertising.
What you should do?
- At the very minimum, you should adjust your privacy policy to inform users that cookies are tracking their use.
- You should rename your privacy police “Privacy and Cookie Policy” and have a prominent link to the policy on your website.
- You should include a full list of cookies explaining their purpose
- Install an “Opt in/Opt out” cookie button for your website that informs users that cookies are being used and allowing them to easily opt out.
John Lewis has made changes in line with the law, changing the Privacy Policy to a “Privacy & Cookies” policy and replacing the small link at the bottom of the page with a more prominent link at the top
How will the law be enforced?
The ICO, who are in charge of enforcing the law have said they will not launch into sudden enforcement action and that it would use formal warnings before fining websites for not complying. Read the interview with David Smith, director of data protection at the ICO, for more information.