Cookies, as you probably know, are small text files that web sites can send to your computer. They are used in many different ways, from analysing the way a site is used to remembering payment details during online shopping. At their best, they make the interaction between you and a website faster and easier. In fact, without cookies, it would be very difficult for a website to allow a visitor to buy anything, remember any of their details or even keep them signed in.
So what does it all mean?
The ‘new’ law is actually an Amendment to the EU’s Directive on Privacy and Electronic Communications which came into force in July 2002. At that time the Directive recognised cookies as a "legitimate and useful tool" for many activities and made it compulsory for web sites to:
- inform users if and how cookies were being used on the site;
- make users aware that they could set their computers to reject cookies.
From 25 May 2011 all businesses and organisations with websites in the EU will have to get a user’s consent if they want to store or access usage information from users’ computers.Reading the wording of the Amendment, it seems as though users should be notified every time a cookie is to be placed on their computer unless the cookie "is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested".
Take a look at this (tongue-in-cheek) interpretation of what this could look like...
People are rightly seeing that an immediate problem will be the interpretation of the phrase “strictly necessary” and worrying about the effect that such ambiguity could have on businesses. Others sensibly point out that the directive is currently just that: it will take time for national governments to incorporate the directive into their own laws – and for regulatory bodies (like the UK’s Information Commissioner’s Office - ICO) to clarify how it will actually be applied.
Here’s what’s been said so far by the ICO and the government.
- The UK’s Information Commissioner, Christopher Graham has announced:
- A pragmatic approach appears to be being recommended by the Minister for Culture, Communications and the Creative Industries, Ed Vaizey:
- Be aware of the issue
- Include this awareness in our website planning
- Watch the ICO closely to see what they recommend
- Don’t panic!
Press release from the ICO:
More cookie chatter: