New Cookie Regulations in the UK

The Information Commissioner's Office are to set a new law starting from the 26th May 2011 which adds a lot of restrictions on the use of cookies on your website. They have been very sketchy on the level of compliance or how it will be policed. (direct link to the pdf document at ico.org.uk)

At the moment, if your site uses cookies, you are required to have a privacy policy stating that you use them, what information you collect and how you use it, along with a notification that you can disable them within your browser. The new law is requesting that if you use cookies, you have to get the site visitor to physically agree to allow you to use them before setting the cookie. ICO have given one exception to the rule:

"The only exception to this rule is if what you are doing is ‘strictly necessary’ for a service requested by the user. This exception is a narrow one but might apply, for example, to a cookie you use to ensure that when a user of your site has chosen the goods they wish to buy and clicks the ‘add to basket’ or ‘proceed to checkout’ button, your site ‘remembers’ what they chose on a previous page. You would not need to get consent for this type of activity."

Again, this is very sketchy. Who is to say what is necessary and what isn't? A lot of websites that do have members privileges will start a session as soon as you visit the website to check if you are logged in or not. Now because that is setting a cookie to identify your computer and assign a session id throughout your browsing, it would mean that you would have to give consent before the session is started. I can't think of any possible way to present the visitor with a consent form before the session starts as the session has to be the very first thing to load, and to make a JQuery popup form appear, the whole page would have to load server side first.

Another problem that a lot over developers have pointed out since hearing of this is; if a form pops up and you choose not to accept the cookies, the website has no way of storing that choice since it would need to use a cookie to do so. This would mean you would get the popup form on every single page of the site you visit.

So, is this just a case of politicians with zero technical knowledge trying to win votes? Will this law be officially passed on the 26th? I have serious doubts about this actually being enforced the way it reads in their guideline documents. I will be watching the ico.org.uk website closely over the next few weeks to see how they handle their own cookie consent forms. I'll also keep an eye on the big players such as the bbc, hmrc etc... to see if they adhere to the new laws and how they go about it.

Leave a Comment

All comments are appreciated. Comments are moderated before appearing on the site, so please don't bother trying leaving spam! Only genuine comments will be shown.

Your Name

Email Address (optional)

What year is it? (Spam Prevention)

Comment

Your Comments

Comment by Burchard on 18th August 2011 @ 10:08 am (GMT)

Now I'm like, well duh! Truly tahnfukl for your help.

moo.com business card printing123-reg Domain names

What's All This About?

Deanblog is a collection of articles written by Dean Morgan from Deanzod Limited. The aim of the site is to provide helpful information for everyone from web designers & developers right through to website owners. I will try and keep a good balance of information such as php/mySQL tutorials, html/css tutorials along with marketing ideas and advice for website owners.

Recent Articles