The dilemma of the EU’s website Cookie Law

Liam PattonThere is an EU Cookie Law that came into effect on May 26, 2011. This relates to the use of Cookies on websites and, according to a recent study, 95 per cent of UK businesses are not prepared for it, reports Liam Patton, Mayfly Internet Marketing.

What’s it all about?
As much as this new law frustrates me, I will try to explain it in very simple terms.

Cookies are a type of file that is stored on internet devices (PC, tablet, phone) and used by almost every site. Ever wonder how a site remembers your login details, or how fields in a form are already completed when you started typing?

This is through Cookies. They are also used to track website visitors (Google Analytics), and remember which products you have added to your shopping basket. They are also used if you have social sharing tools on your site such as Twitter and Facebook. Many sites won’t work properly without them.

More advanced Cookies will remember which sites and products you have viewed, thus building your user profile. This information can then be used in re-targeting. Re-targeting works by remembering which products you have been looking to buy, and displays them on other non-related sites.

Why has this EU Cookie Law been introduced?
A very good question. There are some who feel that the web is very intrusive and by collecting all this data, sites hold too much information about a particular user, without them giving their consent. The new law aims to increase online security and data privacy by giving users more control over what data can be held about them.

This law actually came into effect in May last year, but everyone was given a 12-month grace period to get their house in order. By doing nothing, the Information Commissioner’s Office (ICO), who has been tasked with policing it, has warned of heavy fines. So, do not ignore the new law. This applies to everyone who runs a website.

What’s next?
Firstly, I advise you to find out what Cookies are being used on your site. Then decide whether they are necessary for the site to run and if you need to ask permission to use them.

Next you should update your privacy policy. You might also need to have users consent to the Cookies. Getting their consent is the difficult part, as the methods to achieve this could really harm your site’s traffic and conversions.

I have seen sites with pop-ups asking users to tick to agree the site’s new Cookie regulations and I have seen banner links, footer links, and intro banners to name a few. Another concern is what if the users share an internet device, who is to say that both of them have agreed or disagreed with a site’s Cookie policy?

From a design point of view, I have not seen a suitable, yet subtle solution. The policy implies that just displaying your Cookie policy will not be enough. You will need the user’s permission.

Let’s be honest, most internet users have no idea what a Cookie is, and if they are asked to agree to a site’s cookie regulations by ticking an “I agree” pop-up box, they are going to leave the site pretty quickly.

Some high profile sites have already introduced their policies with being one of the more prominent. The ICO ( is due to offer more guidance.

I think that this is a very tough law to comply with, especially to get it right and avoid driving away your site’s traffic. I believe a browser solution would work best, so let us hope that Internet Explorer, Firefox, and the rest release something very soon.

The advice in this article is my own. Visit the ICO site above for a definitive guide, and if necessary seek legal advice.