As of the 26th May 2012 the EU cookie law requires a website to gain permission from its users before planting cookies on their local machine.
A cookie is a type of information that a website stores on the hard disk of your computer machine in order to remember certain details about you at a later time, such as when you click the “Remember Me” box on login pages. Cookies often record individual preferences for a given site making the future browsing of that site easier for you, but they can also be used to help advertisers show you banner advertisements specific to your online habits.
The EU cookie law is a piece of privacy legislation that was originally adopted by all EU countries, and the UK was given one year to comply with the directive after updating its Privacy and Electronic Communications Regulations, which brought the EU directive in to UK law.
Every EU member has their own approach to the law, but the basic requirement remains the same regardless.
The Information Commissioners Office (ICO) is responsible for upholding the legislation, ensuring that organisations are complying with the cookie law.
After the 26th May, if a business is not compliant, or is seen to be actively working towards compliance, it will then run the risk of enforcement action, with possible fines of up to £500,000.
Quick and simple action
Some larger scale organisations have implemented some ingenious solutions to ensure that they get the permission of each user to send cookies to their machines, including the introduction of “Privacy Sliders” that easily allow a user to adjust the level of information that a cookie collects about their usage.
However, for many small businesses there is a significant lack of budget to introduce fancy methods such as this.
The ICO have admitted that organisations will need some time to comply with the new EU cookie law, but still insists that they should be able to demonstrate they have a plan in place to reach compliance as quickly as possible.