Businesses risk crumbling without better EU Cookie law guidance

The Government introduced a controversial new law regarding use of Internet cookies under the EU’s Privacy and Communications Directive back in May. It states that users will have to give permission for websites to install cookies on their...


The Government introduced a controversial new law regarding use of Internet cookies under the EU’s Privacy and Communications Directive back in May. It states that users will have to give permission for websites to install cookies on their Internet browsers.

While this offers consumers greater privacy on what sort of information is stored on various websites via cookies, at the same time it unfortunately has the potential to make the online experience less user friendly. Despite what some may think, cookies are not bad for consumers, in fact they are integral to how websites perform today.

Aside from this, it was the way that the law was introduced which really sparked controversy. Many would say it was disorganised and lacked clarity - to the detriment of both website owners and their visitors. Businesses have been given a year to comply with the law, before the ICO can hand out fines, but a few months in and there seems to be little progress on the situation.

Recent research from Socitm found that only six out of 603 public sector websites in the UK met the requirements of the law, which shows there is still a long way to go for the majority of organisations . But it’s the lack of awareness and education from the Government and ICO that has really made businesses question the law.

Legislators have also failed to address consumers’ needs to be educated on what cookies are, what information they store and how they facilitate the web user’s experience. Soon, they will need to make decisions about opting in and out of cookies, so they really need to understand the consequences first.

Trouble in the mix
Unfortunately, gestures of help from the ICO haven’t gone down well. The guidelines they produced to clarify the law actually posed more questions than answers. It is still unclear how the law applies to the average small business or what changes users need to make in order to comply with the legislation. It has good intentions in aiming to help protect peoples’ online privacy but it has opened up a minefield of compliance issues.

The Government would have done well to take a more proactive approach towards its implementation. Despite the fact that it has formed a working group with browser manufacturers to see if a browser-based solution to the issue can be found, this won’t do much to help the situation any time soon.

In fact, a clear process or guide to help with cookie compliance should have been identified well in advance of the deadline. The consequences of this legislation could potentially hinder growth for businesses that have complex or advanced websites that need to employ cookies, along with those looking to set up new sites. The ICO has said that websites can obtain consent through a number of methods, including asking users to consent through screen prompts. This is something which now appears on its own website (, with a banner and tick box at the top of the screen asking for consent to cookies.

There is a fear though that such measures will mean websites could become more static, less personal and ultimately less user-friendly if they go down a similar route. If users are presented with permission pop-ups for every site they visit, the user experience could become frustrating. However, less obstructive methods, such as obtaining consent from websites' terms and conditions or users' preference settings within the browser were also deemed appropriate.

E-commerce feels the crunch
The potential effects of the law on e-commerce sites could be particularly stark. If potential purchasers choose to opt out of cookies on such sites, the shopping basket personalisation that they’re used to could crumble, as these depend on cookie or session technology.

With more people shopping online, this could seriously affect profits for many online businesses. As such, online retailers will have to be extra cautious when it comes to deciding the technicalities of complying to the law to make sure they end up with user-friendly sites.

Digesting compliance
To meet the deadline next year, businesses will need to review their current websites now and identify how and where cookies are employed. They should evaluate how the new legislation might affect them and take appropriate action, whether it be going to the ICO directly with questions or speaking to web designers to get their thoughts. At the same time, many will be reluctant to do this due to the lack of guidance offered.

After all, businesses won’t want to invest lots of money in re-designing their website or consulting experts, only to find that shortly afterwards web browser companies come up with a less obtrusive way to seek compliance.

The final bite
Let’s hope businesses are soon given more of a helping hand when it comes to compliance. If the Government and ICO fail to better educate both consumers and organisations on the EU law, the web as we know it could become restricted and ultimately less useful, as online businesses struggle to find solutions to the cookie conundrum.

Consumers themselves may end up just opting out of cookies all together, and find that they are bombarded by constant pop-ups and certain areas of the web are simply inaccessible. What is clear is a solution is needed quickly or the Government risks stifling web innovation.

Posted by Andreas Edler, MD Hostway

"Recommended For You"

Socitm issues advice for councils on cookie law ICO says firms must 'try harder' with cookie law