What is a Cookie?

When someone visits your website, they may provide some feedback, data and other forms of information. This can be collected and stored in a text format and placed in a file on the visitor’s browser. The reason for this is simple: the file can be used to judge the preferences of the visitor when they logged into the website – including the pages they opened and the clicks that they made.

This data is collected using a cookie, which is a small file which can be saved on the browser, as we indicated above. This data can prove to be relatively useful, depending on the number of visitors to the site. Some website owners have used this information in the past for a wide array of things, ranging from improving the user experience to targeting ads in the subsequent visits. However, these users may not have been made aware of the fact that the website may need the cookie consent to continue.

So, Why The Noise?

Since some cookies are thought to intrude on the privacy of the users of the website using cookies, there have been legal motions to bar their use without the consent of the visitor viewing the site. These concerns were raised despite the fact that cookies are not used for spreading malicious files like viruses and other malware programs.

The outcry comes from the fact that users information is not only harvested from unsuspecting users – but there is also a big concern of about a practice that is perpetrated by most websites on the internet: tracking of user activities. Every cookie is unique in its own right, meaning that their capabilities and applications vary.

What does UK law say about Cookies?

The government of the UK formed a body called the Information Commissioner’s Office (ICO). It serves as a representative of the people, ensuring that their privacy rights are safeguarded. It is tasked with promoting openness in the sharing of information, taking care of the rights of the authors (and owners) of the same and protecting the privacy of the individual users of the sites through the dynamics of the cookie consent.

In the same vein, a law that applies to all websites that are in the EU was put in place, barring the use of cookies and other user data collection methods for citizens within the Union. The ICO is an enforcer of this law and could take legal actions against websites who violate this law.

To Whom Does This Law Apply?

As a business, you may have a website – it is imperative to know where you stand in the eyes of the law.

There are three types of websites that fit within the scope of this law. For starters, there are those sites which are hosted in the UK and target audiences are citizens within the UK and the European Community at large. If your website falls within this class, you are required by law to obtain consent from the users who visit your website: specifically letting them know that your site needs to use cookies.

You may need to tell them about the purpose of the cookies. In most cases, this reason is “to enhance the user experience.”

Secondly, there is another class of sites – those which are hosted on foreign soil but whose users are mostly based in the UK or the EU at large. These sites are also required by law to be compliant with the cookie regulations in the Union. They should, therefore, ensure that they obtain consent from the users before tracking them.

The final class of websites are those which are based in the UK or the EU, whose target audiences are based outside Europe. They are not required to comply with these laws since the legislation has the jurisdiction scope that is restricted to the UK a few other countries in the region. However, different countries within the EU have different variants of this law – meaning that the requirements of the Cookie Regulations in the UK may not be the same as those in France.

What are the consequences of not being compliant to Cookie Consent?

When the European Union established the Cookie Laws in 2011, it gave directives to the constituent countries to bring their laws in line with these laws, using whatever means they chose. However, they also gave out strict timelines and guidelines that the members had to follow or face fines. For this reason, different countries have been working towards the amendment and enforcing of the necessary regulations within their areas of jurisdiction.

The UK, for example, was not wholly committed to the enforcing of the laws, yet it went ahead and put down the stipulations that their websites had to cover. Other states have been slow to act, but are also catching up as time goes. This means a lot to the websites which have their audiences, users, and visitors from the European countries.

Since the laws are being put in place, the sites now have to start acting fast and ensuring that they are compliant with the rules put in place. It has been predicted that in a few short years, people using the sites will have known about the compliance requirements. This implies that they will be aware of non-compliant sites, hence will eventually know that something’s wrong with the site.

In addition to this, there will be other consequences. First, ICO may take legal action against sites which violate the stipulated terms. Fines of up to £500,000 may be charged as punitive measures against them. Some people are claiming that the Cookie Law is ‘dead’, a fact that we strongly refute.

The legislative process has been slow in implementation – which does not mean that sites which break or ignore the law may continue to do so indefinitely.

How Does a Business go about the Process of Compliance?

Luckily, this is a very simple process. Adding a Cookie Consent plugin is all that it takes for the website to be compliant. This can be accomplished using tools such as Optanon e-privacy, effectively making it possible for the Do Not Track setting to be obeyed in the browser level, by the website.