Don’t Get Your Hand Caught in the Cookie Jar

Last year one of the more controversial pieces of legislation passed by the Information Commissioners office (ICO) when it comes to the internet and website development was the law that was brought in to deal with the use of cookies.

Cookies are the messages that are given to a web browser or server that is created from historical data of the user. The message contains data about the user picked up from memory and can influence the way we use the internet based on what we are interested in or have previously browsed. So it is effectively stored memory of the user.

Most websites use this information to improve functionality for the user and to track their own websites performance so they can continue to improve the user experience but it’s the minority that use this information dishonestly that have convinced the ICO to bring in this new law.

So what did the new law state when it was brought in? Well basically websites can no longer use cookies or similar processes unless they are considered absolutely necessary.

Necessary cookies are ones that remember login details or basket details when you’re shopping online. Anything that simply remembers your searching habits or the websites you have been looking at are now banned.

So what does this mean for websites? Is it a good thing or bad? Well for most websites within the EU it actually means that they are in fact breaking the law and could be classed as illegal.

Do not threat though, as you have until May 2012 to either get rid of the cookies associated to your site or create warnings for your users and the option to turn them off. But that, for a lot of website owners, is the problem and it also poses an annoying inconvenience for web users to, as in most cases it will mean the excessive use of pop ups.

The main problem with this method is, as I have previously mentioned most websites within the UK use cookies, so when you are browsing the internet as a user, you will soon become plagued by pop ups. This measure would effectively kill the internet experience for people and in turn cost a lot of companies business that they used to get without problems.

Of course the other way around the problems caused by the new cookie legislation is to simply remove them all. But this will also damage the user experience as website functionality is one thing that will particularly suffer.

What will happen you ignore the new law?

The ICO have not yet put any formal style of enforcement in place yet for those who do not become compliant to the new law but have hinted towards civil monetary penalties. These will not be enforced until after May 2012, largely down to the fact that even the ICO can see that making the necessary changes to meet the law, will have difficulties.

This is displayed in the action they have taken on their own website, where they have introduced a yellow pop up at the top of the page. This explains how the site uses cookies to track how people use the site and for some functionality and then offers them the opportunity to turn them off, with the warning of the effects this will have on the site.

The problem with the way they have done it is that it clearly contradicts the issue they are trying to counteract by introducing the law. It is written in a way that assumes that the person entering their site knows what a cookie is and what it does. The laws purpose is to help protect those who don’t know what a cookie is or does, so effectively by their own legislation their site is not compliant.

Overall Summary

Well ask any website developer what they think of the law and you may wish to cover you ears when they give their honest opinion. Yes, protecting people’s privacy is definitely an issue that needs addressing but bringing in this law is too sweeping for its purpose.

To put it into perspective, if one window cleaner was stealing from the properties he worked at. You wouldn’t then go out and ban all window cleaners or enforce that they get permission slips signed every time the come to clean your windows. It would slow their work down and annoy you as a home owner. You would instead sanction against the ones who are breaking the law.

The same can be said for website owners who use cookies. The majority use them for innocent purposes such as tracking how their own website performs so that they can improve the experience for future visitors of the site. It is the minority that are using them for dishonest means and it is them who should be punished.

Will this law ever be properly and fully enforced? Well the fact that when you set a pop up requesting  permission to use or not to use cookies, you will then need to use a cookie to record and remember the users answer, it is going to be extremely tough for the ICO to draw the line on this legislation.

For now most websites are carrying on as they go, but by May 2012, all website owners will have to of found some way to ask user consent for the use of cookies.