The Cookie crumbles in 30 Days - will you face a £500k fine?

By Mike Kneller, Technical Director at bss Digital

In approximately a month (25 May 2012), European legislation on web privacy will impact over three million British businesses. The "Cookie law" or the the Directive on Privacy and Electronic Communications, will require all websites that use Cookies to seek consent from visitors to the site. The Information Commissioner's Office (ICO) has been given powers to fine website owners up to £500,000 for serious breaches in the law and could approach any business running a website and ask them to demonstrate how they comply.

The only cookies that are exempt are those "strictly necessary for a service", such as the cookies used by Amazon or Expedia for their shopping functionality. Even these sites will need to take steps to comply if they use cookies to track users, or to gather management information.

Most businesses are either unaware of this directive or are taking a 'wait and see' approach hoping that the odds of being prosecuted first out of over three million businesses are slim. The fact is if your site uses Google Analytics to track visitors, then you are impacted by this law.

Rather than burying your head in the sand, it is time to start preparing. The guidelines from the ICO are good place to start. Speak to your web developers to find out what type of cookies your site uses and what solution they recommend to obtain consent.

There is certain to be a conflict between the desire to collect as much information as possible from visitors to a site and not deterring people away. In order to achieve true transparency, all websites should be designed with the user's privacy top of mind. In the current economic situation businesses can ill afford a £500k fine. So, don't be a test case, take action now.