Got a website? READ THIS - EU Cookie Directive

| 22nd May 2012

What’s special about the 25th May 2012?

Birthday? No

Anniversary? No

Summer officially starts? No

For those of you running websites you’d be forgiven for not thinking that this date was anything special but you’d be wrong.

The 25th sees the official date by when website owners in the UK should comply with the EU Cookie Directive aimed at making site owners be upfront with website visitors about what Cookies are, what they do and which Cookies are running on their website.

A Cookie is a small piece of software that gathers information and is designed to make your web browsing easier and more of a pleasure. For example, you’ll have noticed that when you go back to an online store you’ll notice more often than not that the site knows an awful lot about you.

Most websites use some form of analytics software such as Google Analytics which in theory could be made redundant by this directive.

Most Cookies are harmless, but the chances are that unscrupulous website owners could be using more powerful Cookies to gather lots of information that they could use for sinister means.

With this in mind, the EU directive is designed to let the website visitor know what Cookie a site’s using and for what.

However, if anyone has seen the directive, you’ll see it’s not totally clear what they want and what ‘compliance’ means.

Econsultancy provide an excellent guide that you can read here.

Generally speaking, there seems to be 3 levels of compliance.

Level 1 A prominent link to a Privacy Policy which talks about the website’s use of Cookies (as used by John Lewis)

Level 2 An option out option (as used by BT)

Level 3 An opt in option (as used by the ICO)

Given that even the Government has admitted it won’t be ready in time, what should the humble website owner do?

In some ways it’s very frustrating because not all countries have agreed to be compliant, in fact in addition to the UK only Denmark and Estonia have provided compliance dates.

I think the essence of the directive is that it protects privacy and the least you need to do demonstrate some compliance is to have a prominent Privacy Policy that talks about Cookies and what you use on your website.

If you’re in any doubt, consult your lawyer!