63% of UK Websites Have Complied with the New Cookie Legislation, Have You?

After the EU Cookie Directive came into law last May, research by TRUSTe reports that 63% of UK websites have complied with the legislation. The EU Cookie Directive also called the e-Privacy Directive, requires UK sites by law to ask for users’ consent to record information, in the form of ‘cookies,’ about them and their Internet-browsing habits.

According to aboutcookies.org, a cookie is ‘a piece of information in the form of a very small text file that is placed on an internet user’s hard drive.’ A site’s server generates the cookie to identify a user and this information can be used when the user comes back to a site. Sites use cookies for a variety of purposes including to collect information about a demographic and to monitor Internet browsing and shopping habits to use for marketing purposes.

The cookie law was designed to protect Internet users’ privacy. The law requires sites based in the UK to tell their visitors that they are using cookies or other similar technology for tracking and how they are using them, before storing users’ personal data. When Internet users are browsing, UK sites must have informed consent from visitors to use and save cookies onto their compuile devices. Websites that do not comply with the law face fines of up to £500,000. Sites were given a deadline this May to have their site updated to follow the law.

The Information Commissioners Office (ICO), responsible for enforcing the cookie law, have allowed sites to comply with the law in different ways to best suit their site. Sites have complied by either having a pop-up window appear to ask for content from the user before installing cookies to track the users’ browsing behavior, or by prominently displaying their cookie policy on their website. Or by doing nothing at all, like this site, or here.

The ICO itself complies by displaying a box at the top of its website with text saying, ‘The ICO would like to place cookies on your computer to help us make this website better. To find out more about the cookies, see our privacy notice.’

Another example of the TRUSTe’s report of 63% of UK sites that have complied with the law by early September include the BBC, which even directs users to its Cookie Policy on its mobile site. In addition to having informed consent, sites must also tell visitors how they can delete or control cookies. To inform users on cookies, the ICO links to aboutcookies.org and encourages other websites to do the same by linking to the site in their privacy policy.

In the same report by TRUSTe, of the 37% of sites that did not appear to take any steps to follow the law, 49% of those had low-level of third-party cookie activity, 35% had a moderate amount and 16% had a high level.

Some cookies however, an opinion formed by European data protection authorities in June, do not apply to the new cookie regulations. Cookies that are not used for additional purposes such as online forms or language preference cookies will not be required to ask for a user’s consent. Cookies used for analytical data are considered not to breach privacy as users can opt out of data collection.

Rita Wells Author