• Availability

    I am currently available and taking on new projects.

EU Cookie Directive – Information, Compliance and Resistance

So What Is This EU Cookie Directive?

It’s a new law, issued by the EU in 2009 that bans the use of cookies on websites without explicit consent being given by the user. The law actually cam into being on the 26th May 2011, but because no-one was ready, it was decided that it wouldn’t be enforced until 26th May 2012.

Although the mischief which the law is attempting to stop is well-intentioned, the directive hasn’t been terribly well thought out.

What Is A Cookie?

A cookie is a small text file that a website stores on your computer. While many of these are harmless, and even required for some site features to function, some websites use them in ways which are considered far too intrusive.

Cookies are often used to remember that you’re signed into a website, at what point you’re at in a checkout process, any preferences you want to save and so on. Very useful things.

On the other hand, some companies use them in unreasonably intrusive ways – for example recording which sites you visit and delivering highly-targeted adverts which follow you around the web

Seems Reasonable Enough. What’s The Problem?

Getting explicit consent from users is going to be a huge headache for those who use cookies on their websites for perfectly legitimate reasons. It means that website users are going to be presented some sort of confirmation box, asking them if they are willing to accept these cookies, even perfectly innocent ones. The challenge of collecting this consent is posing a huge usability challenge to those who create and manage sites.

Also, the directive puts the onus on the website owners, not the advertisers. A good example is the Facebook ‘Like’ button. Seemingly innocent, but even without clicking it, Facebook knows what site you’re visiting, and harvests this data, which it then gives to advertisers so that they can bombard you with adverts. To me, this suggests that the EU has got it wrong, and needs to rethink some things.

So What Action Do I Need To Take?

That depends on the cookies which you use. Those which are deemed to be “essential” such as login cookies can be used without consent. The term “essential” applies to the users needs, and not your own. Also, this currently only applies to companies operating in the UK. Where your site is hosted is irrelevant.

If you’re using cookies that are included, you’ll have to start getting users consent. There’s a number of ways of doing this. All have a negative effect on your site. I’m in the process of putting systems in place for my clients currently, and doing my bit to get this law repealed. Please sign the petition.

You will also need to update your Privacy Policy to explain what cookies are, why you’re using them and what information they hold.

Fight The Good Fight


This Change.org petition is no longer available.

In A NutShell, Why Should This EU Cookie Directive Cease To Exist In It’s Current Form?

IT WILL POSE AN ANNOYANCE TO WEB USERS – They will be presented with an alert each time they visit a site which is covered by this directive, to the extent t that they may seek out non-EU alternatives.

ADDED COSTS TO EU BUSINESSES – Businesses have to go through the hassle of implemented systems to comply with this law. Non-compliance could cost you a hefty £500,000 for a serious breach.

IT MAINLY TARGETS THE WRONG PEOPLE – Even if the cookie is from a third-party, like the crafty Facebook ‘Like’ buttons, you’re responsible if it’s on your site. Companies such as Facebook and the ad-serving companies are the ones who should be affected by these regulations.

THE LAW DIFFERS FROM COUNTRY TO COUNTRY – Being compliant in one doesn’t mean that you’ll be compliant according to the local laws of the user.

IT AFFECTS MORE THAN JUST COOKIES – Any technology that needs to store something on your machine will need your explicit permission.

EU BUSINESSES WILL SUFFER – No matter what business you’re in, your market will be competitive. People like me, use cookies to gather non-identifiable information to improve the websites we create, making the sites easier to use, and more relevant to the visitor. If people decline to accept, we’re deprived of this data, giving non-EU businesses a huge advantage.

USER EDUCATION IS THE KEY – Web browsers already have systems in place to allow web-users to control what information they share and what information is stored on their machine. Greater emphasise should be placed on educating web users and safety / privacy.

Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *