This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.
ICO Cookie Law is already on the move
The Information Commissioner’s Office (ICO) has updated its guidance on how to comply with the new UK Cookie Law (European Cookie Directive), which can into effect on Saturday 26th May. This update will increase the confusion of an already confusing law, by apparently supporting users’ implied consent to having their behaviour tracked by cookies.
The change to the guidance (updated PDF version here) gives more backing to implied consent, which means you do not need to get direct consent from users over installing cookies on machines. However, the wording of the guidance is still vague enough to leave many website owners and developers confused about how to comply with the law. Originally, the law required sites to get permissions from every user, allowing them to track user behaviour using “cookie” code on the user’s computer – the additional space given to “implied consent” suggests it may not be so clear cut any more.
Originally cookies were not to be set until the user said you could – ‘implied consent’ means you could now say “we use cookies… here is a link to our policy… if you click on anything on our site you consent to us using cookies”. The key point, however, is that when taking this action, the individual has to have a reasonable understanding that by doing so they are agreeing to cookies being set.” For example here is BT’s message which appears for a limited time in the bottom right corner of the browser window:
So… Explicit or Implied?
The ICO said in its guidance that “while explicit consent might allow for regulatory certainty and might be the most appropriate way to comply in some circumstances this does not mean that implied consent cannot be compliant.” The ICO claimed it has always said gaining explicit consent was not the only way that companies could comply. The data protection watchdog said implied consent should not be seen as an easy way out or treated as a euphemism for “doing nothing”.
So what should companies be doing to fulfill these new requirements? Here are your options:
- Use “implied consent”, meaning that, provided you are “satisfied that your users understand that their actions will result in cookies being set”, you can assume they consent to their use
- Do you collect sensitive information? Then you may feel that explicit consent is more appropriat
- Review the cookies your site uses and kick out any that are redundant. Then highlight to customers that your site uses cookies and provide a means for them to read more about that and to consent to their use with a Cookies and Privacy Policy link at the top/bottom of each page
- Remember, you can’t have a “Decline” button as having one would break the law – the system would need to install a non-essential cookie in order to remember the user’s choice so if they ‘decline’ then they will have to see the message on every page every time they visit your site – which may be enough to get consent.
CuCo are still looking into all the options for an elegant solution to this issue and will post what we find one.
Share this page
Filed under
Tags
Written by
Date
28.05.12
Tony Cook
Tony is co-founder, lead website designer and head of digital at CuCo Creative. Since graduation with a BA(Hons) in Advertising and Graphic Communications, he has developed his website designer and developer skills, with WordPress being his preferred choice of CMS. Tony boasts over 25 years hands-on experience in creative design and over 20 years in digital design. Tony is responsible for the website design team at CuCo and regularly builds great bespoke websites for CuCo's clients. Whilst the digital world has become a real strength, Tony does like to keep his foot in the creative design side of the agency, helping the design team deliver impactful branding solutions and impactful marketing campaigns.
Find me on
LinkedIn . Twitter . Instagram
Other posts by Tony Cook
Back to blog
CuCo Creative Ltd, Unit 3 Stratfield Saye, 20-22 Wellington Road, Bournemouth, Dorset BH8 8JN
© 2008-2023 CuCo Creative Ltd. Cookies & Privacy Policy | Environmental Policy | CuCo Creative are a member of the Design Business Association.