The imminent “enforcement” of the now infamous “EU Cookie Laws” on Friday 26th May has caused quite a stir over the last few weeks.
Everybody has there own interpretation of the law – and their own opinion as to how it should be dealt with, however, I feel it’s often best to take a moderate view on these things. That way we can derive an approach that achieves the best possible (sensible) practice, without going over-board.
The situation has been further complicated by reports from various sources (including the Wall Street Journal) that ICO are not planning heavy handed enforcement. Coupled with the revelation in the media that the UK Government is going to miss the ‘deadline’, I know what you’re thinking:
Why should I bother to do anything?
Based on some of the conversations I’ve had with people recently, you might be using some more colourful language!
In short, although ICO are unlikely to walk around slapping people with fines – and as can be deduced, enforcement is going to be tricky due to the sheer amount of websites in existence – the most likely circumstances under which someone could find themselves in hot water will arise if a complain regarding the (mis)use of sensitive information is made against them.
In this case I believe it’s possible that ICO could include non-compliance with the ‘Cookie Law’ (aka The Privacy and Electronic Communication Regulations or PECR) as a factor when dealing with the complaint. The best practice – and only advisable route – remains to comply with the legislation as best as is possible.
However, at the same time, I – like you – am reluctant to advocate spending a significant amount of time or resources on doing so; compared to other elements of data protection and privacy, there are more important things to do – like making sure your email newsletter is fully above board!
It was this line of thought that lead my colleague Chris at 2nd floor to come up with CookieCuttr – his jQuery Cookie Law compliance plugin, which offers a nice easy solution to prompt visitors for their permission to store cookies (and to tie into your own code so that you can prevent cookies being set). We worked together to build a WordPress plugin for CookieCuttr to make it even easier to get up and running.
You can learn more about CookieCuttr here: http://cookiecuttr.com
Ultimately, the most important thing to remember is that as a business (or website) owner, you’re the one who is liable at the end of the day. If you’re worried, or unsure, take professional advice – don’t rely completely on other peoples opinions!