What the New EU Directive on Cookies means for Webmasters
Computers & Technology → Internet
- Author Stuart Mitchellmw
- Published February 1, 2012
- Word count 782
This article aims to give an overview of what is required by the new 2011 EU Directive on the use of internet cookies and how webmasters and businesses may look to satisfy the new rules.
Overview
The general remit of the original EU Directive, the Directive on Privacy and Electronic Communications which dates from 2003 is to tackle data protection in digital/electronic media. The 2011 update particularly concerns the appropriate use of cookies. In the UK the Directive is enforced by the Information Commissioners Office (ICO)
The broad requirements of the Directive for businesses and webmasters are to:
-Provide clear and comprehensive information to users of their website(s) detailing what cookies will be used and how they will be used.
-Obtain consent to the use of cookies from each user before deploying them, having provided the above information.
Scope of the Directive
The Directive applies to all cookies except:
-Cookies that are absolutely essential to the working of a service which the user has explicitly requested.
--e.g., a checkout process which requires the site to remember items in a shopping cart from one screen to another.
-3rd party cookies or cookies relating to 3rd party content which must be clearly identified and explained and will require a solution to be found between all parties involved to obtain consent from the user.
Who will have the ultimate responsibility for 3rd party cookies as a rule is a little bit ambiguous and each case will need to be assessed on its merits. That is not to say that it is an opportunity to avoid the requirements of the Directive. In fact the use of these cookies may require more communication from each party involved to explain and obtain consent from the end user.
The Rules
-The information describing what cookies a site will use and how they will be used must be provided before the user is asked to consent to theme being deployed.
-The amount and detail of the information that is provided by a website should reflect the degree to which personal information is gathered and the user’s privacy is affected.
-Once the user has consented to cookies being used for a site, the information and consent request don't need to be presented again unless new cookies are introduced.
-An opt-out or similar ‘failure to object’ does not equate to consent. The only exception here is if consent is sought/included as part of a broader process which itself explicitly requests consent. For example, a user signs up to a service and it is explained to the user that by doing so they are consenting to the use of cookies
Potential Solutions
There are a number of possible ways in which the sites can satisfy the requirements of the new Directive:
-Pop up windows which users see when landing on site (on each visit until they respond)
--this may cause usability and accessibility issues
-A Terms & Conditions checkbox which is included when a user agrees to the T&Cs whilst, for example, signing up for a new account.
-An additional setting which needs to be turned on, for example, within account portals or against particular pieces of functionality.
-A scrolling information banner which appears on landing pages to inform the user that cookies are not turned on and that they should visit another page (e.g., Privacy Policy) for more information and to turn them on.
-A prompt that the user sees before using a particular feature or piece of functionality on a site.
In any case, webmasters should look to streamline and monitor the use of cookies on their site to the reduce the risk of a breach and/or the layers of consent and information that are required across the site.
Enforcement
The regulations are enforceable in the UK by the ICO who have the following powers (as per the 2003 Directive):
-To perform an audit of action that a webmaster has taken to comply with the Directive
-£1,000 fixed fine for not resolving any breaches that are identified
-(In the worst case scenario) A fine of up to £500k.
--These fines will only apply where serious breaches of data protection covered by the Directive result in extensive or serious damage or distress.
--but relevant if we are dealing with personal data.
-Request information regarding 3rd party breaches
Timeline
The EU Directive and ICO regulation has been in place since 26 May 2011 however the ICO has allowed a lead time of 12 months for webmasters to work on and implement their solutions.
The key dates are as follows:
-26 May 2011 - 26 May 2012: Demonstrable planning and work should be ongoing to provide a solution.
-26 May 2012: Solutions must be in place.
© Stuart Mitchell 2011
I'm a small business owner. If you want to find out more about building successful websites then visit web design london.
Article source: https://articlebiz.comRate article
Article comments
There are no posted comments.
Related articles
- What is DuckDuckGo?
- What is CCTLD?
- Gulf Website Hub Reveals Fresh Digital Solutions to Enhance Dubai's Expanding Market.
- Embrace Multi Graphics Inc. Expands Services to Meet Growing Demand in Digital Marketing, Design, and Printing
- Website Development Trends in 2025
- Viewing Instagram Stories Without an Account: Imginn Viewer Insights
- How to Find, Use, and Manage BitLocker Recovery Keys on Windows 10/11
- Building a Professional Website on a Budget: Using Free Tools like WordPress and AI
- Ava Labs CEO On Why You Shouldn't Ignore Red Flags In The Industry
- Cyberbullying: Empowering Families to Safeguard Their Kids
- 10 Common Online Scams to Avoid: Protecting Your Identity and Finances
- Spring Break and Staying Secure Online: An Internet Safety Guide for College Students
- Unveiling the Future: The 10 Revolutionary Trends Shaping Small E-Commerce Businesses in 2024
- Unlocking Online Content with YouTube Video Downloaders
- Unleashing the Potential of Online Earning: A Comprehensive Guide
- Navigating Success in the Digital Realm: Unveiling the Power of Digital Marketing
- How AI Will Affect the Future of Search
- Maximizing Business Efficiency: The Strategic Role of Business Intelligence with DataInseyets
- Cyber Resilience in the Age of AI
- Harnessing the Power of AI & Blockchain for Data Security and Transparency
- AI Ignites 6G Advancements in Wireless Technology
- How AI is Revolutionizing Content Writing
- What You Need to Know About Writing Prompts
- The Remarkable Ways to Use the AI-Powered Chatbot
- Where Will AI Take Us in 2024?
- AI Written Content Creation Trends for 2024
- Will AI-Linked Cryptocurrency Sector Thrive in 2024?
- Is AI Regulation vs AI Deregulation a Real Concern?
- Prompt Engineering: A Beginner's Guide to Prompt Engineering
- Balancing Innovation and Regulation of AI in the Future