Tel: 01206 808090 Email: firstname.lastname@example.org
It was widely agreed that the first thing to do would be to find out what cookies existed on a website, so in addition to offering our clients cookie audits, we audited our own website.
There are many tools available to do this online – some free, some with costs attached. No single tool seemed to us to be able to capture every cookie, 3rd party tracker and web beacon (we’ll refer to them all collectively as cookies from now on for ease of reading, however they are all technically different things covered by the same legislation). We used a combination of three tools, plus a manual code check for each page of the website. Every page needed to be browsed using the tools and a record made of every cookie encountered.
We are keeping a database of the cookies we find within the wiki we use internally. Some of the information we found while checking our own website was a surprise and we even found one sneaky cookie that put our website users at risk of targeted advertising within our blog. We removed this as it was of no use to us or our website users.
We had been closely following all news and developments regarding ‘cookie law’ during the year and as the 25th May 2012 drew nearer the International Chamber of Commerce launched a ‘UK Cookie Guide’ which finally gave clear, plain English guidance to help us – and you – to comply.
We liked their categorisation of cookies, from Category 1 cookies, which are strictly necessary for the website to function (i.e. shopping carts), to Category 4 cookies which are the cookies the law really hopes to target. These are targetted advertising cookies and are not anonymous in the sense that a unique user can be identified from the cookies stored on their browser by a website and, later, shown adverts relating to what they have looked at on that computer. Using such cookies, detailed information about a person using their computer can be built up over time.
Managing these Category 4 cookies and making website users aware that they are there and have an opportunity to say yes or no to them seemed to us to be a pragmatic and sensible approach.
After we removed the one Category 4 cookie we found on our website this was no longer an issue for us, so we concerned ourselves more with the remaining cookies – those which are strictly necessary, relate to the performance and analytics of the website (and not relating to advertising on the site or elsewhere) and finally the functionality cookies that allow users to submit comments, and customise a website in terms of font size and colours.
…at the 11th hour (some might even say after the 11th hour!) the ICO issued updated guidance about cookies and how to comply with the new law. This update clarified the use of implied consent as a valid form of consent within certain boundaries of operation.
Common sense prevailed, and we breathed a collective sigh of relief that all the research and work we had done to fully understand the law had paid off.
We’re happy to help you to comply with the new EU Cookie Law too – contact us to discuss how we can help or to get a Cookie Audit completed to get the ball rolling.