Cookies and UK law

Cookies, identified and explained in a what are cookies post, can be used by UK (and European) websites so long as the website notifies a user that cookies are being used. In a nutshell, cookies are text files which contain information on a specific computer and should be explained to the user of your website via a cookie policy, for example.

Cookies: what is it all about?

If you use cookies you will need to let your website users know what they are and why you use them. You can do this by developing a pop-up window, or using a header bar. You will also need to consider creating a cookie policy, or have a cookie section within your privacy policy. The law was created in Europe, which must be implemented in the UK, to allow each website user to have an awareness about what information is stored about them and for what purpose. Most users will not object to using cookies, so do ask them to give their consent.

In order to understand this topic I thought it would be best to try to summerise the other cookie information to help you, the creator, developer and user of technology.

Important things for the user

User’s have the right to know what cookies are being used and for what purpose. User’s also have the right to accept or deny cookies. A free and basic cookie widget can be found on OpenGlobal’s website.

It is important to know the rights of the user because your website, through the unauthorised use of cookies, may be breaking the law.

Information on cookies

The best way to display information to users is by splitting it into two categories:

  • Snapshot information (quick, short, everyday definitions and brief use)
  • Detailed information (detailed, technical definitions and exact use)

Snapshot information allows the user to quickly understand the concept of cookies, so iconography, for example, is very suitable to briefly explain what cookies are in plain English. Detailed information, on the other hand, can have a webpage of its own. This page can include a list of what cookies you are using (e.g. performance cookies), what category they fall under (e.g. category 3).

What does the ICO recommend?

The ICO, an organisation in the UK which focuses on information rights, gives excellent advise on how to gain a users’ consent. For the purposes of this short post, I will focus on three forms of consent:

  1. Accepting terms and conditions
  2. Obtaining consent as users select website settings
  3. Notices via pop-up windows, or choice technology, such as a header bar, for instance

Browsers and consent

In short, do not rely on browser options as giving user consent. Strictly speaking the e-Privacy Regulations will allow browsers to give consent, but this is not recommended by the ICO. I suspect that web browsers will be improved for cookie use within the coming year, or so.

Good cookie practise

This law can be seen on every large organisations’ website. E.g. Flybe, Out-law’s notification bar and Tesco all offer cookie information. By looking at these websites you may get ideas about what option works best for you.

Think of a cookie page like any other page: have excellent content, easy to read, well researched….

If you would like me to answer a specific question, please feel free to send me an e-mail / comment below.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s