Do You Want A Cookie?

Usually if someone asks me that, my hand is in the biscuit barrel before the lid is off – result – very sore knuckles.  However, you may have noticed recently that every time you go to a website you are asked to click a button to accept that the site will store a cookie on your computer – result – less painful for the consumer but potentially a job of work for the website owner.  This has happened following an EU directive coming into force that requires websites to advise users that this is happening, and to obtain the users specific consent for this.  The reason for the legislation is primarily related to the protection of user privacy by ensuring that users of websites know that cookies are being stored, and, by clicking on the ‘accept’ button that the user is giving their consent to this happening.

So, what’s a cookie?

If you weren’t quite sure what a cookie is or what its purpose is, this might help.  A cookie is a tiny file (usually letters and numbers) that a website places on a user’s computer which enables that website to identify certain things about the users who are browsing the site.  The types of information that the website typically stores via cookies are (for example) the user’s location in the world and their device (i.e. phone, laptop, Mac). Some cookies only sit on a user’s computer for the length of the particular session that they are browsing the site, whereas others reside permanently on the user’s computer.  There are first party cookies – which are placed by the specific website that the user is visiting and there are third party cookies – which are placed by another website that (for example) advertises on the primary site.  The EU directive has been set up to ensure that users of websites actively consent to their data being captured – and stored – in a multitude of ways.

What’s this got to do with me?

From the perspective of the website owner you have a responsibility to make sure that you inform users that your site will store a cookie on their computer and that you have their consent to do so.  This is being done by most sites via a somewhat annoying pop up window that asks the user to ‘accept’ (or in the case of The Daily Mash who ask you to click on their ‘whatever’ button…) that their cookies are being stored. To support this consent being obtained, you should have a clear and easily understandable privacy policy that the user can access which explains what you will use the cookies for.  The legislation applies to all new AND existing websites, so perhaps it is time for a check on your site to make sure that you are complying.

In summary, as a website owner you need to:

  • look at how your cookies are set up – what type they are and what they are used for
  • check how understandable your privacy policy is, making sure that you explain how you use cookies
  • decide how you are going to manage obtaining informed user consent to the use of cookies, and how you manage those users who don’t want to accept the cookies.

Clearly, we aren’t legal advisors and this is our interpretation of this new legislation but we hope it’s a useful post.  For more in-depth explanations about the legislation you can see the full, detailed, (but still accessible) guidance on the Information Commissioner’s Office website here

If you have any questions or concerns about your website’s compliance with this new directive, please don’t hesitate to contact us.  We can update your WordPress website to make it cookie compliant for the special price of only £50.  We can also advise on cookie audits, ensuring your privacy policy is accessible on your site and help with creating an informed consent pop up on non WordPress sites.  Contact us here to find out how we can help.