How Does the New EU “Cookie Directive” Affect Your Site?

Subscribe by RSS

Subscribe by Email

News at Alterian

Alterian leads the way in mobile with HTML5, powered by bemokoLive August 3, 2011
Alterian Content Manager Mobile solution has been enhanced with an HTML5 Optimiser. This advanced feature allows the development of mobile sites completely in HTML5. Smartphones that support HTML5 will benefit from all its advanced features. […]
Alterian appoints Heath Davies as Chief Executive and Phil Cartmell as Chairman July 13, 2011
Alterian is pleased to announce the appointment of Heath Davies as CEO and Phil Cartmell as Non-Executive Chairman. Heath replaces David Eldridge who stepped down in April and Phil Cartmell replaces Keith Hamill, who retires as Chairman on 5 Sept 2011. […]
Alterian Solidifies Partnership with Plusoft to Provide Holistic View of Customer July 5, 2011
Offering combines Plusoft’s expertise in customer relationship management (CRM) and Alterian’s industry-leading solution for marketing campaign management. […]

May

2011

comments (0)

Found in Web Content Management by Jose Santa Ana

This post is first in a two-part series.

Do you worry about your privacy when you do things online? Are you concerned information about your online activities can be obtained by third parties other than the website with whom you are interacting? You are not alone. Your online privacy has of late also been the concern of legislators around the globe.

In the U.S., a new bill aims to increase privacy protection from police and other law enforcement agencies. Congress took the first major step this week toward updating a 1986 law, crafted in the pre-Internet era, to protect the privacy of Americans who use mobile phones; web email; and services like Google Docs, Flickr, and Picasa. Sen. Patrick Leahy’s (D-Vt.) proposal, called the Electronic Communications Privacy Act Amendments Act of 2011, introduced sweeping legislation that would control how police and other government agencies can access online data, such as your private communications or the location of your mobile devices.

And in Europe, they are approaching online privacy from another angle: protecting your privacy from the website you visit itself, or from other interested third parties. Dubbed the “Cookie Directive,” this amendment to the European Privacy and Electronic Communications Directive dictates that from May 26, 2011, “explicit consent” must be gathered from web users who are being tracked via text files called “cookies”.

Enacted in the fall of last year, the EU-wide directive however, left it to the individual countries to draw up the guidelines for how this directive will be enforced – understandably creating confusion leading up to next week’s deadline.

What is a cookie?

A cookie is a little text file composed of alphanumeric characters, which is created on your computer when your browser accesses a website that uses cookies. The files are used to help your browser navigate the website and fully use all its features like logins, preferences, language settings and themes, among other common features. The cookie is used solely to help your browser process a website; it doesn’t collect any information from your computer or snoop on your files.
Majority of websites and web applications today need cookies to function. As such, these websites will need to figure out a way to comply with this new directive without negatively affecting the user experience.
More information about cookies can be found at www.allaboutcookies.org.

Finally, some guidelines! Or…

In the UK, the responsibility of drawing up guidelines falls to Information Commissioner’s Office (ICO) of the Department for Culture, Media and Sport. Last Monday, with just over two weeks to go, the ICO has finally given its advice on what websites must do to comply with the new EU regulations concerning the use of cookies. But the ICO advice is, as the Commissioner’s office admits “a work in progress.”

Unfortunately for website owners, work in progress leaves them uncertain as to how to move forward and what they need to do.

Can you rely on the browser to be in compliance?

Prior to last week’s advice, the ICO had talked about setting cookie approvals through browser settings, which would have saved businesses from having to make alterations to websites. However, the ICO has now said that browser settings are not sophisticated enough to make this work.

The guidance issued this week directly contradicts suggestions made by the government that anonymous browsing settings could be enough to satisfy the changed rules. It had said then that it will work with browser manufacturers to see if browser setting can be enhanced to meet the requirements of the revised directive.

However, as of now, consent through the browser does not constitute compliance with the new directive. From the ICO advice:

“In future many websites may well be able to rely on the user’s browser settings to demonstrate that they had the user’s agreement to set all sorts of cookies. We are aware that the government is working with the major browser manufacturers to establish which browser level solutions will be available and when. For now, though, you will need to consider other methods of getting user consent.”

So what now?

Tomorrow I will cover the impact of this decision and how it impacts your websites.