The EU’s Privacy and Electronic Communications Directive, aka The Cookie Law has now come into force whereby all business websites based in European countries must now gain explicit permission from the user before dropping non-essential cookies onto internet enabled devises. The understanding of non-essential is a little ambiguous, but is generally taken to mean every cookie with exceptions of those used for online checkouts and shopping baskets, banking security services or those which ensure websites load quickly.
The legislation has actually been in force since early 2011 with a twelve month grave period which is rapidly counting down. This is part of a global trend to combat internet user’s privacy fears, both Mozilla and Twitter have taken steps to protect users by limiting tracking technology.
There has been a vocal campaign arguing the new law is unworkable and usability of the internet will be adversely affected, however instead of helping consumers opponents are rallying against something that is already law. Doing nothing is not an adoption, the Information Commissioners Office (ICO) is the body responsible for enforcing the UK law, and will be able to fine website owners up to £500,000 for serious breaches in the law. As yet it is difficult to predict how the law will be enforced but in making enforcement decisions the ICO has made it clear it will weigh up the interests of individual privacy with the needs of businesses to continue to profit from the web.
No brand wants to be singled out for non-compliance, both the fine and the adverse publicity could be quite damaging. Which is why is it surprising we haven’t seen more websites introducing ICO recommended changes, in fact brands could be missing out on some opportunities to creative positive PR and brand strength by being ahead of the game and taking measure to educate consumers in the run up to the 26th.
The low levels of consumer awareness around what cookies actually are and do remains problematic for business as consumers are likely to opt out as they are unaware of the benefits of cookies and how they will actually improve a user’s online experience. According to an Econsultancy survey around a third of consumers wrongly believe cookies could be used for viruses and Trojans while 40% believe cookies were bad for the web.
What happens after the 26th remains to be seen, the ICO in a last minute amendment clarified that websites can rely on “implied consent” for some aspects, so long as sites are satisfied that users understand the overall terms to which they have agreed. Only time will tell when it comes to examining just how the cookie crumbles.