From 26th May, the EU Cookie Law will come into force in the UK. Users will have to opt-in before any 'electronic communications network' can use cookies to store information about their browsing behaviour. And unless the cookie is deemed 'strictly necessary' for a website, app, mobile site or email to function, the user will need to give their consent. Non-compliant businesses run the risk of prosecution and could be fined up to £500K.
And all of this is just five days away. Yikes.
Given that only 13% of people claim to fully understand how cookies work, a quick explanation is probably in order. A cookie is a piece of code that downloads to your PC when you visit a website or click an email link. Cookies are used for loads of stuff, from remembering your log-in details to the contents of your shopping cart. They're pretty useful little things, enabling seamless navigation around the web and keeping track of your interests and preferences as you go.
They sound harmless, right? Apparently not.
According to the caring folk who issued the directive last year, legislation is necessary 'to protect the privacy of internet users', 'prompted by concerns about online tracking of individuals'.
But this 'online tracking' allows advertisers to deliver more targeted and relevant ads. Clearly this does throw up a few concerns and does need to be regulated, but the EU's approach does feel a little heavy handed. In case you hadn't noticed, lots of stuff on the internet is free, most of which is paid for by targeted advertising. 97% of Google's profits come from advertising. Thanks to our booming internet economy, a villager in Uganda with a smartphone can access the same search technology as a planner in a London office (and Google can make money at the same time). The same goes for Facebook or YouTube (it's pretty much their business model).
Imagine that the next time you go to Google something you're interrupted with:
Now imagine being faced with one of these pop-ups every time you go to check the news, share a link or click on something not considered 'strictly necessary' for website function. It's going to get annoying, not to mention confusing - and even dangerous. After all, the pop-up is asking 'Mind if I download some stuff onto your computer?' Will users be able to distinguish between the safe cookie pop-ups and malicious viruses? Ironically, in an attempt to make the internet a safer place, there's a chance the legislation will do the opposite.
There are alternative solutions. Check out the header from the ICO here. Yes, their opt-in mechanism is far less intrusive than a pop-up or splash page, but does it actually work? The ICO lost 90% of their recorded visits in Google Analytics after implementing this opt-in after only 10% ticked the consent box. Can you imagine the damage to business if Amazon or eBay lost 90% of their tracking data?
May 26th is just a few days away and yet surprise surprise - no-one's ready. In April, it was estimated that 95% of UK businesses are not yet compliant with the new Cookie Law. Does this mean the ICO will go in all guns blazing and hit the 95% with 500K fines? Probably not.
1. Conduct a cookie audit
Check every website, app and email - identify any cookies and decide how intrusive they are. Are they strictly necessary e.g. to remember what's in your basket? Are they performance related or used for targeting? This doc from the ICC categorises cookies pretty nicely.
2. Plan how to obtain consent
You could use pop-up boxes, splash pages, homepage headers, banners or the T&Cs. It's really up to you ho you reach your solution, but it's worth testing a few ways to ensure you get as many opt-ins as you can (and don't disrupt the user experience too much).
3. Communicate with your clients
It's essential to work out who is held responsible for compliance with the new legislation. Remember that this law applies to any websites, emails, apps or mobile sites - so bite the bullet and negotiate an agreement.
4. And finally...look like you're doing something
There's no denying it - the Cookie Law still all feels a bit woolly. The advice from the ICO (those responsible for enforcing the law) is that the most important thing is to 'take steps in the right direction'. Your best bet is to leave a paper trail of emails, meeting agendas and drafted cookie policies to demonstrate your willingness should the ICO come-a-knocking.
Lauren Took
Junior Planner 
No comments:
Post a Comment