Under an added amendment to the EU privacy directive, organizations conducting online marketing campaigns in the member states must receive explicit permission, or opt-in consent, to track individuals’ actions online.

The EU cookie directive law requires website visitors are informed if cookies are being used, the purpose they are being used for and the information they hold. Moreover, the big change is that websites should first request and receive the consent of users before using cookies which are not ‘strictly necessary’ for the functioning of the site.

ICO’s Deadline

The Information Commissioner’s Office (ICO) is generously giving UK organizations until 26 May 2012 to comply before it starts to enforce the EU cookie directive regulations.

Suggestions

Undertake an initial audit of your site

Undertake an initial audit of your site against the EU cookie directive to analyze the way cookies are being used. The audit should classify the individual cookies based on the role they currently play. The audit should also aim to define how third party cookies and partners are approaching new regulations.

Review your site privacy and terms of use

Review your site privacy and terms of use to ensure details are provided about how cookies are being used. Your site cookie policy should accurately describe how you use your customers’ data as well as the data practices on your site, including your use of analytics software and your advertising practices. Furthermore, the policy should include links to cookie advisory sites such as www.allaboutcookies.org. The privacy and cookie usage policy adopted by the BBC is one of the most comprehensive – including a detailed description of all cookies used and for what purpose. http://www.bbc.co.uk/privacy/bbc-cookies-policy.shtml. British Airways has actually included a stand-alone “View our cookie policy” link on their global landing page instead of simply adding the cookie usage information within their legal information section.

Determine a method of obtaining consent for cookies

Determine a method of obtaining consent for cookies, which will provide the best experience for users of your website and which will fulfill your requirements. Then put together a plan to implement this. Possibly implement a solution similar to how the ICO does it. See the top potion of their website (look for the light-box with the check-box inside it): http://www.ico.gov.uk/

Lead Liaison’s Approach

Although it is not entirely clear what the ICO’s expectations are for cookies used for “functional uses” and “feature-led consent” against the EU cookie directive, Lead Liaison is exploring a “Privacy Mode” setting which will help marketers’ further address the EU cookie directive. Prior to the implementation of any new features and/or settings, Lead Liaison has documented how our technology uses cookies and what cookies we set.

With a Privacy Mode setting, Lead Liaison’s platform would help marketers further comply with new opt-in requirements by automating the process of requesting opt-in consent from online visitors and automatically updating customers’ databases with contacts’ opt-in status. Lead Liaison users would check a setting in the application to enable the automated process.

Contact Lead Liaison to understand what cookies we set and why we set them.

Resources:

• http://www.webliquidgroup.com/blog/measurement-and-accountability/uk-cookie-law-part-4/
• http://optimiseweb.co.uk/solution-for-google-analytics-cookies-new-uk-cookies-law/

How do you think this will affect UK websites or businesses operating in the UK? What impact does this have on Google Analytics technology in Europe?

To be alerted of future posts, please click on the RSS button.