UK Cookie Law

[anglian]

On the 26th May 2012 the UK Cookie law will come into effect.
It actually came into effect in 2011, but a 12 month grace period was allowed to give site owners time to make the required modifications.

The full law can be read here

As IT professionals we are bound to be asked questions on this subject by confused clients, and as IT professionals we also should make sure that our sites abide by the law.
Basically, essential cookies are OK and need no warning (eg, add to cart) but non essential and "important" cookies need to have the users permission.

I like many here use Wordpress & google analytics. After installing attacat cookie monitoring plugin in chrome, I found that the only cookies issued by my site were those from google analytics. (My site is a static site with no blog, comments etc)

So to abide by the law I need to either a) have a popup explaining that my site uses cookies, click here to accept blah blah blah, or remove google analytics. I have chosen to remove analytics

It also seems that most government websites will faile to comply in time read more here

Just wondering what, if anything, others here are doing about this now the deadline is drawing closer, and what interpretations of the law you have?

 

[ajm]

The Govt themselves will not be compliant according to http://www.bbc.co.uk/news/technology-18090118

There are various way, and the most common way is to have a good privacy page explaining about the way the site handles cookies, etc and what the end user can do if they do not want to have their visit tracked.

Another good site with a plugin for Wordpress is http://www.civicuk.com/cookie-law/index

Check what the big sites like Debenhams, John Lewis are doing and follow their examples

 

[PBComputer]

I've decided to disable analytics for now, and I'm waiting to see how everyone else is going to comply.

Paul
Cumbria Computer Repairs

 

[DCGPX]

Thing is whilst we want to be compliant, how many of us are that high profile to worry about it? It's nowhere near my top50 to do list!

Sorry but that's the way it is !

 

[gikstar]

And how does the UK Government plan on addressing the situation where you might wander off of a UK site to a website from the United States?

 

[Painless]

I'm waiting to see what the 'big boys' do.

I'm unclear if we just have to tell people there are cookies and how to disable them in their browser or do we need to give them the option of viewing the site without cookies. If the latter is the option then the question would have to be asked on every page - since we can't store a cookie with their initial answer.

This whole issue seems to be the usual EU nightmare. As I understand it of the 27 countries affected only 2 are making any attempt to comply and neither of them has achieve success 12 months after the legislation came into effect.

The Information Commissioner appears to have said that no action will be taken (initially) unless a complaint is received against a site.

And then is it an issue with the site owner or the site maintainer ie the client or us?

As I said the usual EU nightmare. What does everyone else think?

John.

 

[Xander]

Wow. The Nanny State's insanity has been bumped up a notch lately.

Next will be the Bobbies will need a signed consent form before they can open fire on you.

 

[anglian]

- since we can't store a cookie with their initial answer.

You are allowed to store a cookie saying the user does not want cookies from your site, this is classed as "essential"

I've decided to disable analytics for now, and I'm waiting to see how everyone else is going to comply.

Thats the way I am doing it, can't afford to be a "test case"

 

[Painless]

You are allowed to store a cookie saying the user does not want cookies from your site, this is classed as "essential"

But you could still have issues if people arrive at somewhere other than your 'home' page ie from a link or bookmark and what about the people who paranoid enough to disable all pop-ups and java script. To inform these viewers you would need a static paragraph which would need to be above the page break so that it is visible before they explore the sight.

It will become a bit like cigarette packets. You can't see what you are buying because of all the warnings and gory pictures.

John

 

[anglian]

It will become a bit like cigarette packets. You can't see what you are buying because of all the warnings and gory pictures.

Yup, it is all a bit of a mess, what it means is that a UK user visiting a legitimate UK site will get popup warnings about cookies and when the same user visits a scam site based half way round the world there will be no warnings.
Sure won't help the number of people getting ripped of. There really need to be a campaign on TV etc to make people aware of the law and explain what all these popup windows will mean.

 

[PBComputer]

I've just checked the ICO site http://www.ico.gov.uk/ and they use a cookie to remember you choice if you wish to accept cookies for not.

 

[anglian]

I've just checked the ICO site http://www.ico.gov.uk/ and they use a cookie to remember you choice if you wish to accept cookies for not.

That is allowed as it is classed as an "essential" cookie

 

[PBComputer]

Just noticed that - I'm blaming my lack of sleep (never slept last night) for miss-reading one of the posts.

 

[TLE]

I'm currently looking at implementing this plugin for wordpress.

Cookie Control

But as of yet, I cannot get it to work, in fact it results in a blank page being returned.

 

[4ycr]

I was on my first website with this on it today. Very strange due to not being used to it yet but I ignored it.

 

[anglian]

seems it will be really bad news for commerce sites, according to ICO only 10% of visitors to their site have accepted cookies.
This would also render analytics useless, so might as well disable them anyway

Not surprising that given the choice most people choose not to accept cookies from a site.

 

[PBComputer]

I did read somewhere that its possible to carry out analytics (tracking) without cookies - not managed to find it again. I will do some research today and post a link if I find it.

 

[anglian]

Seems the ICO released a late change to the law
http://www.guardian.co.uk/technology/2012/may/26/cookies-law-changed-implied-consent

The BBC is using this "Implied consent", they have a cookie warning at top of page, and by clicking any link on the page you accept the cookies.
Seems to be a better (although not great) way of doing things

 

[PBComputer]

I read the same article this morning, I have just finished my site (5 hours I will never get back) I think I'm compliment but who knows, since they keep changing the goal posts.

 

[PCSupportGlasgow]

i think everyone in a "what to do for the best" scenario just now.

then again UK business websites are legally obligated to display the company address on them which a very very low proportion have and I've never heard of a prosecution because of it.

To me cookies law will be another of those that ... those of us who are law abiding will end up penalized by pissing off visitors with popups and the cowboys will carry on not caring with no comeback.