Usually if someone asks me that, my hand is in the biscuit barrel before the lid is off – result – very sore knuckles. However, you may have noticed recently that every time you go to a website you are asked to click a button to accept that the site will store a cookie on your computer – result – less painful for the consumer but potentially a job of work for the website owner. This has happened following an EU directive coming into force that requires websites to advise users that this is happening, and to obtain the users specific consent for this. The reason for the legislation is primarily related to the protection of user privacy by ensuring that users of websites know that cookies are being stored, and, by clicking on the ‘accept’ button that the user is giving their consent to this happening.
So, what’s a cookie?
If you weren’t quite sure what a cookie is or what its purpose is, this might help. A cookie is a tiny file (usually letters and numbers) that a website places on a user’s computer which enables that website to identify certain things about the users who are browsing the site. The types of information that the website typically stores via cookies are (for example) the user’s location in the world and their device (i.e. phone, laptop, Mac). Some cookies only sit on a user’s computer for the length of the particular session that they are browsing the site, whereas others reside permanently on the user’s computer. There are first party cookies – which are placed by the specific website that the user is visiting and there are third party cookies – which are placed by another website that (for example) advertises on the primary site. The EU directive has been set up to ensure that users of websites actively consent to their data being captured – and stored – in a multitude of ways.
What’s this got to do with me?
In summary, as a website owner you need to:
- look at how your cookies are set up – what type they are and what they are used for
Clearly, we aren’t legal advisors and this is our interpretation of this new legislation but we hope it’s a useful post. For more in-depth explanations about the legislation you can see the full, detailed, (but still accessible) guidance on the Information Commissioner’s Office website here