Come May 26th, and the much talked about European Union Directive on e-privacy will empower the people of UK to control what and how much data websites gather from in form of cookies. Few weeks ago, the European Union came out with a likely directive in line with existing e-privacy law which states that explicit consent must be sought from a site visitor in order to install cookies on the visitor’s computer, allowing for tracking of his behavior online. Following the acceptance of this ruling, websites will now be required to ensure that their cookies comply with the law and work on creating consent seeking options if they require setting up of cookies for tracking.
Much has been discussed and analyzed by webmasters across the world on the implementation of this new law. The Information Commissioner’s Office (ICO) has come up with starting guidelines that suggest on possible ways to seek consent from a visitor. Although many have suggested making tweaks to one’s browser settings as an easier solution to the directive, not all browsers settings are sophisticated enough to allow a website to assume whether the user has given the consent to it to set a cookie.
While Department for Culture, Media and Sport (DCMS) is working on technical solutions that online firms can follow, websites are being asked to prepare themselves by examining their cookies to see what purpose they fulfill and subsequently reach a decision about whether they require informed consent from visitors to keep using them. This review process is important, for post 26th May, the ICO will strictly look into any complaints it gets about non-compliant cookies and firms must be ready with answers.
For now, the point in concern is how to get the consent from visitors? Likely solutions being considered are pop-up window, terms and conditions of use during sign-up phase, settings-led consent where consent is gained as a part of the process the user has selected; feature-led consent where consent is gained when a user selects a particular feature or action, such as clicking on links or videos; a header or a footer note etc. If the information is being passed on to a third party, the details of that must also be stated in clear.
The only exception offered is for sites where cookies are ‘strictly necessary’ for a service requested by the user, for example a cookies used in shopping carts on e-commerce sites.
More definite guidelines from ICO are expected to be out in the next few days, but until then a starting point has been instituted to help cope with the change.