EU Cookie Law Guidance 2012

Last May Simply-Docs provided some prospective guidance and commentary on the new EU Cookie Law. Formally known as the Privacy and Electronic Communications (EC Directive) Regulations 2003, as amended by the Privacy and Electronic Communications (EC Directive) (Amendment) Regulations 2011, the regulations address important privacy requirements imposed upon website owners operating websites within the EU.

From May 2011, the UK Government opted to allow a one-year grace period prior to enforcing the new law. Although it came into force on 26th May 2011, the Information Commissioner’s Office is not due to begin enforcing it until 26th May 2012.

Cookies: A Quick Review

Many websites use cookies. If a website provides e-commerce facilities or requires a user to login in order to use the site or certain parts of it, chances are, it will use cookies. A cookie, in its most basic form, is a small text file which a website places on a visitor’s computer when it needs to “remember” something. Other websites may use cookies for storing personalisation options such as content, colour scheme, layout and so forth.

Another popular use for cookies is web analytics. In this case, cookies are used to track users’ movements and activities around a website, thus enabling website owners to better understand their users, their wants and their needs.

What Does the Law Require?

Simply put, whereas prior to 2011 the law only required that website users be allowed to opt-out of receiving cookies, now the law requires that website owners obtain users’ express consent before placing cookies. Whilst in 2011, we speculated that only third party cookies would be significantly affected, it is now clear that both first and third party cookies are subject to the consent requirement. Only cookies deemed to be “strictly necessary” are excused.

What Are the Practical Implications?

This change in the law means that many website owners will need to make alterations to their websites and/or their use of cookies. All-new EU Cookie Law Guidance Notes are now available from Simply-Docs, addressing the important privacy requirements at hand and providing practical guidance for compliance.

In addition, our Privacy Policy template and many of our Website Terms and Conditions templates have been updated with new provisions geared towards compliance with the new rules. It is essential to note that merely using these updated documents will likely not ensure compliance. In many cases further measures must be taken as detailed in the guidance notes.

But my website is fine and my users are happy… This isn’t fair!

You are not alone. Many website owners are unhappy about the new EU Cookie Law and argue that nobody particularly complains about cookies. Indeed many fear that users will be annoyed by the new consent measures that may be required.

Nevertheless, the new rules have honourable roots in seeking to increase and protect the privacy of internet users and in seeking to improve the understanding of internet users with regard to cookies and online privacy in general.

By using our new EU Cookie Law Guidance Notes in combination (where appropriate) with our updated Privacy Policy and Website Terms and Conditions, you should have the tools required to ensure that your website complies with the requirements of the new law in a way that is minimally intrusive to the end-user experience and to your business.