Does your website comply with the cookie law?


In May last year, the Information Commissioner’s Office (ICO) released some updated guidance regarding the EU’s ePrivacy Directive on how consumer data is stored, otherwise known as the ‘cookie law’.
Around the same time, the BBC announced that thousands of websites were now breaching the cookie law.
What does the law say?
The law requires all websites to ask visitors for permission to store information about them in the form of cookies. The purpose of this law is to raise consumers’ awareness about the information that is held about them.
What are cookies?
Cookies are pieces of data stored on your machine when you browse a website. They’re used to track your browsing habits. Sometimes this is so that the website remembers your account details, or what you have placed in a shopping basket (essential), and sometimes it’s so that websites can display targeted advertising (non essential).
What do you need to do?
If you have your own private practice website, you need to show that you are complying with the law. The problem is that nobody is really sure what complying with the law involves! As we mentioned at the start, the ICO released some guidance, but its meaning has been the subject of debate ever since by experts and non-experts alike.
Here’s what we recommend…
1. Find out what cookies your website is storing, and whether these are considered ‘essential’ or ‘non essential’. It’s called a ‘website audit’, and carrying it out demonstrates that you are already taking steps to comply with the law. Your website designer will be able to help with this.
2. Make sure your website privacy policy is up-to-date. It should tell visitors to your website about the cookies that you use. You should have a link to your privacy policy in the footer of your website. Some companies are now extracting all the information about cookies from their privacy policies and creating a new ‘cookie policy’.
Do I need to install the cookie pop up?
Have you started to notice a small pop up box appear when you visit a website for the first time? Many websites have introduced this pop up box to proactively inform visitors about the cookies and give them a choice about whether they want to allow them or not.
However, there is continued debate about whether this is actually necessary. The ICO’s latest guidance seems to indicate that it is not 100% necessary, BUT some people believe that the EU will rule that they are not enforcing the law correctly.
Many companies, large organisations included, have decided not to include the pop up box. Others have done the opposite.
What would we recommend? Firstly, make sure you do the minimum by following our recommendations above. Then, when it comes to the pop up box, ask your website designer for advice. You can also download the ICO’s full guidance from their site here.
What do you think?
Let us know your feedback below. This is an ongoing situation, and we’ll keep this blog post updated with any future developments – if you hear of any before we do let us know!