Clarification on Cookie Law

The Information Commissioner's Office (ICO) has recently clarified the idea of implied consent by posting an update to how they meet the Cookie Law on their own website. Find out more in the update from our Technical Director Simon Jones.

As previously reported the EU Cookie Law has been a confusing experience for most UK website owners, with mixed messages and conflicting advice on how to meet compliance. This has resulted in various ugly cookie acceptance banners which really don't do much to help the user experience.

However, the Information Commissioner's Office (ICO) has recently clarified the idea of implied consent by posting an update to how they meet the Cookie Law on their own website.

The ICO confirm that implied consent is indeed OK. Which is great, since the alternative where you had to get consent before setting cookies was rather insane - and would have rendered analytics systems such as Google Analytics redundant.

The ICO have taken the tactic of displaying a cookie banner on the bottom of their site informing the user of cookies, though they have not advised this is a necessary component of meeting the cookie law.

The key requirement is to make sure users can easily access information about cookies on the site. The official guidelines have various methods to meet this, but a simple link to a clearly labelled page (for example "Cookie policy") is acceptable. Cookie banners are not absolutely necessary at all. Your cookies page should inform the user that cookies are used on the site and what they are doing.

If your site collects more sensitive personal data then some form of actual consent may still be required. However, it's likely there is a registration system where terms and conditions can be agreed to. More information about cookies can be included in your terms. Just make sure that's not the only place you talk about them.

This update makes the whole Cookie Law a little clearer. If you need help auditing cookies on your site or writing that exciting Cookie Policy page, get in touch!

Update (July 2016)

We have written a simple tool to integrate the EU Cookie warning onto your site which we have released via open source. It simply displays a message the first time the user visits your site, then is hidden. This same, simple technique is used on the GOV.UK website so we think its by far the best solution out there.

Author: Simon R Jones

Leave a comment