EU Cookie Law

Your website willThe EU cookie law will be a challenge soon be illegal due to  legislation originating in the EU that will come into force in the UK at the end of May 2011.

The legislation is intended to give us all more protection on the internet by limiting the type of cookies that can be used without our consent.

Why is this legislation stupid?

OK this is going to sound like a bit of a rant, and it probably is, because it will impact us all and take away time and effort from more productive endeavours – all without achieving its aim.

It won’t achieve what it is intended to, it’s impossible to implement, there are no good example of how to be compliant without creating a bad user experience. Even the government body responsible for enforcing it isn’t compliant.

Almost a year ago the EU passed a directive that makes 98% of all websites illegal, including mine and almost certainly yours. The reason my site is illegal is that I use a cookie via Google analytics in order to count the visitors to my website and to see which articles are the most popular so that I can write more of what people want to read.
Unfortunately some websites use cookies to track individuals and market directly to them (I was working on a website recently about shoes and all of a sudden unrelated websites started to show me lots of advertisements for shoes. Someone has been tracking me and I must admit it was annoying)

The EU solution is to ask for permission from the visitor to your site before any cookies are used and to explain exactly what they and what they will be used for. Sadly this is a lot harder to do without giving the visitor a experience filled with pop ups or other annoyances.

In the UK the ICO is the body responsible for enforcing this legislation and at the time of writing this they have not been able to make their own site compliant. They also use google tracking and frighteningly they have suffered a drop in measured traffic of over 90% which indicates that the vast majority of people will click “no thanks” or not click anything rather than read and respond to an annoying and intrusive banner or pop up.

This great video called “Stupid EU cookie law in 2 1/2 minutes” sums it up beautifully. And simplifies you options (but can’t give a full answer as there are none)

  1. Ignore the law. It is expected that most websites will takes this approach initially as they try to work out what to do.
  2. Stop using cookies ( easier said than done and will have a significant impact on your website)
  3. Ask for permission. If you use cookies that are not exempt under the law then eventually we will need to ask permission of our visitors

While it is no excuse to say that you are non compliant because the BBC and the government websites are also non compliment. There may be some more lead time with the bigger websites implementing solutions that are compliant that we can use to make our own sites compliant. It important to start working towards compliance and to be able to demonstrate that the task is under way.

The only real winners are the websites springing up all over the internet offering to sell you a solution or to monitor your compliance ongoing. I have seen a few who will monitor your site and issue a certificate for £199 per year. I don’t know about you but I object to legislation that only serves to make all of our websites more expensive to maintain and run but won’t really add any value to my customers or my bottom line.

I will endeavour to comply if it is technically possible and keep watch on the big boys in the market. There are already at least 2 plugins for WordPress that claim to help make your site compliant and I expect there will be many more in the coming months. This should at least make it possible to show that we are attempting to meet the spirit of the law.

My big hope is that non obtrusive tracking like Google analytics will be clarified as having exempt status as the loss of this important resource for all of the EU will make it harder to remain competitive with companies in other countries

Informative, educational and infuriating links

  1. Video – informative
  2. The Information Commissioner’s Office – ICO – an example of what not to do (and the government body responsible for informing and enforcing the legislation)
  3.  – An interesting site that has compiled a list of of complying and non complying sites. This may help to restore a sense of perspective if you are in a panic – don’t panic, you are in the majority. The site offers to audit your site but I have not had any response when entering a s.

I will write more on this and keep you informed as the date for the legislation comes closer. Here’s hoping that the government come to their senses or at least give us some guidance on what to do next.

your ‘Peoples Geek’

The information provided is of a general nature and cannot substitute for the advice of a licensed professional, i.e., by a competent authority with specialist knowledge who can apply it to the particular circumstances of your case. You should engage your own appropriate legal advice as Peoples Geek disclaims all warranties, express or implied, as to the accuracy of the information or the suitability in your particular circumstances.

2 thoughts on “EU Cookie Law”

  1. Hi Brian,

    Not that my current idea would be of any benefit to you directly (assume you are running on linux), but if you have any readers running Windows IIS sites they may be interested in my low cost “Cookie Free Analytics” solution. Its Google Analytics but without client side javascript or any cookies (and works in real-time)

    Add a couple of DLLs to the website, register a http module and set up a new GA property. In a matter of 15minutes you could have real-time data feed being fed to GA giving you basic visitor movements.
    Its an ideal “Plan B” to show you are working on being compliant, with the option of not being totally blind on visitors if you suddenly had to remove the traditional ga.js.


    1. Thanks Dave,
      This will drive a number of innovative solutions and it’s nice to see a windows one there. I don’t use windows so will have to keep investigating (along with a lot of other people).
      I noticed on your website you said that Google are unlikely to help, I’m crossing my fingers that they will since it’s the entire EU impacted now (Germany has had this problem for some time on a different front). But I doubt anything will be in place from Google by the deadline.

Comments are closed.