Barely a day before the new EU Cookie law came into force in the UK the Information Commissioner’s Office (ICO) has backtracked on previous advice which stated UK website owners have to gain consent from users before cookies are set on their website.
ICO are now taking a more pragmatic approach stating that implied consent is OK, unless you are storing very sensitive data (such as health information) in which case you still may wish to gain explicit consent from users.
Over the past few months there has been a mass of oppostion to the new law, quite rightly claiming it will make EU websites far less competitive if the letter of the law is followed and services such as Google Analytics become impossible to use. It seems ICO have relented at the last minute and are saying exactly what all website owners are saying, that asking for consent up front is completely impractical.
This technically goes against the spirit of the EU law so it will be interesting to see how this pans out over the next six months or so. Internet law isn’t nececssarily a bad thing, but it has to be approached with a full understanding of how law should be implemented. A blunt approach to lawmaking on the internet generally ends up being bad for everyone, users and website owners alike.
So for now, keep calm and carry on. The main recommendation we’d give you is clearly inform your users of the cookies you use on your website and offer links to sites such as All About Cookies so users know how to remove cookies if they so wish.