The EU cookie law. (e-Privacy Directive)

Computers + Cookies = what are they talking about?

Let me explain that for you in real speak. A cookie is a text file that is saved onto your computer when you visit a website that will store certain information about your visit. Why they are actually called a cookie is beyond me, I can only think of crumbs being left behind, which seems to describe them quite well.

There are two types of cookies: (let me just head over to WikiPedia)

Session cookie

A session cookie only lasts for the duration of users using the website. A web browser normally deletes session cookies when it quits. A session cookie is created when no Expires directive is provided at cookie creation time.

Persistent cookie

A persistent cookie will outlast user sessions. If a persistent cookie has its Max-Age set to 1 year, then within the year, the initial value set in that cookie would be sent back to the server every time the user visited the server. This could be used to record a vital piece of information such as how the user initially came to this website. For this reason persistent cookies are also called tracking cookies.

Why should I care?

It’s the law. The law requires the following.

” a person shall not store or gain access to information stored, in the terminal equipment of a subscriber or user unless the requirements of paragraph (2) are met.

(2) The requirements are that the subscriber or user of that terminal equipment-

(a) is provided with clear and comprehensive information about the purposes of the storage of, or access to, that information; and

(b) has given his or her consent.”

Which means you can comply by getting consent that the user understands what a cookie is and how the webmaster intends to use it. There are three methods of consent with a variety of confusion around them (still)

1) ‘Prior’ Consent

2) Implied Consent

3) Consent from the user or subscriber

I could only suggest you read the ICO cookies guidance PDF to ensure you comply with the the EU cookie law.

The easiest one to enforce is implied consent. First we describe the cookie type we are using and by using the site you understand this. This has a link to our full privacy policy and a link to Wikipedia so the user can read more. Once the ‘Ok, dismiss’ button is clicked the notification disappears for a full year.

The irony? The notification sets a cookie to remember they have accepted our cookie policy!

We are available to discuss the use of cookies on your website and happy to provide a suitable solution.

About markmaking*

mark-making* is an award-winning creative agency specialising in branding, campaigns and communications