It’s not long now until the EU cookie law, the EU Directive on Privacy and Electronic Communications, comes into effect.
On 26th May 2012, all UK websites will need to comply with the new directive. According to a report by consultancy KPMG, issued this week, 95% of UK companies have yet to comply.
That’s a pretty poor show really, seeing as the directive came into force in May 2011 (even if the Information Commissioner’s Office did give us all a year’s grace to sort things out!).
But it’s more worrying when you realise that these companies are therefore risking fines of up to £500,000.
What do you need to do?
So now, to ensure that you’re compliant, you need to:
- Undertake an audit of the cookies that your site places on your users’ computers – you can do this using Attacat’s free Chrome toolbar extension; and
- Find out what information is taken from users of your website and decide whether it falls inside or outside the scope of the directive.
If you’re using cookies that are affected by the directive, you will then need to:
- Tell people that the cookies are there; and
- Obtain their consent to store a cookie on their device.
Some solutions for your website
If you’re using a CMS like WordPress, Drupal or Joomla, then your site will almost certainly be using a number of plugins or modules that will be storing cookies on your users’ computers.
Here are some solutions for you to consider:
- CookieCert Cookie Consent Tag: this comes as a WordPress plugin or as some code you can add to your site. It places a consent bar at the top of your site and also provides a link to your site’s unique page on CookieCert.com, which details the cookies found during a cookie audit of your site and in turn allows you to demonstrate your compliance. It looks good, so I tried the plugin, but it wouldn’t work for me. Configuring the code-only option is simple, but I didn’t add it to my site because I couldn’t find any instructions about exactly where to put it. I wasn’t sure if it had to be on each page, or if it should go in header.php or footer.php, or somewhere else. And I couldn’t be bothered to faff around testing it or trying to figure it out. I also couldn’t find any contact details for this company, and they offer “certification” for $195, so all things considered, I decided to steer clear.
- EU Cookie Directive is a simple WordPress plugin that displays a banner at the top of your website. You can configure it with your own message (and colours too if you know some CSS and how to edit it). I tested it on a couple of sites and it works well, but I don’t like it as much as the nifty Cookie Control plugin.
- The EU Cookie Law WP Plugin is also a WordPress plugin, but it costs £10 – or £25 for a multisite license – and I really can’t see the point in paying for something you can get elsewhere for free!
Photo credit: Gary Tamin