Changes to the e-Privacy Directive are now imminent. And they affect anyone who provides web services to users in the EU region. Are you ready?
The new law, which comes into effect on 26 May 2011, will state that users must be provided with an opportunity to give their consent before having cookies downloaded onto their machines.
The challenge of gaining cookies consent
Unfortunately, there is no guidance in the amended e-Privacy regulations as to exactly how users should give their consent. The UK government, and other governments involved, have not yet provided clear guidance on how the legislation should be implemented by web managers.
What the e-Privacy Directive means for you
The UK Information Commissioner’s Office (ICO) recognises that the implementation of this new law will need to be phased. However, all web managers should consider their options for achieving compliance and start putting action plans in place now.
Magus cookies recommendations:
All web managers will need to check what type of cookies their sites are using. This might involve a comprehensive audit of your website, but could be as simple as checking what data files you are placing on user terminals and why.
We have listed our recommended actions below:
- Find out what type of cookies and similar technologies are used by your sites and establish how they are being used
- Establish which of your sites are using cookies which are affected by the Directive (remember that cookies “strictly necessary” to fulfil a core purpose of the site are exempt e.g. a shopping basket)
- Decide what methods of obtaining consent are most appropriate for your websites
- Check that all sites include a privacy statement that covers your cookie usage
- Document the process for future reference – you may need to demonstrate that you have been actively working towards compliance
A new set of ActiveStandards checkpoints and reports are now available. These are free to all our clients.
To help you get your action plan started, we can provide a full cookies audit of your website. This service is available to both clients and non-clients – for more information, visit our Cookies page.
Cookies compliance – what next?
In the future, it is likely that consent will be provided through users’ web browsers. The major browser manufacturers are currently working with governments to achieve this.
For UK-based web managers, the ICO will be drafting further advice on the new law in the near future. This will potentially include further suggested methods of compliance, and how and when it intends to begin enforcing the regulations.
Magus will be keeping you updated on any future developments in this legislation – check back with us regularly to find out what’s new, how it affects you, and what steps you need to take.