The Cookie Law is a piece of privacy legislation that requires websites to obtain consent from visitors to store or retrieve any information on a computer or any other web connected device, like a smartphone or tablet, and is designed to protect online privacy. It aims to make users aware of how information about them is collected by websites and enables then to choose whether or not they want to allow it to take place.
There are other technologies, like Flash and HTML5 Local Storage that do similar things, and these are also covered by the legislation, but as cookies are the most common technology in use, it has become known as the Cookie Law.
Non-compliance with the cookie law can lead to a fine being imposed by the Information Commissioner’s Office. It can also result in users choosing not to engage with a site if they believe their privacy to be at risk.
Compliance with the cookie law comes down to three basic steps:
1) Work out what cookies your site sets, and what they are used for, with a cookie audit.
2) Inform visitors how cookies on your site are used
In June 2012, European data protection authorities adopted an opinion that “some cookies can be exempted from informed consent under certain conditions if they are not used for additional purposes. These cookies include cookies used to keep track of a user’s input when filling online forms or as a shopping cart, also known as session-id cookies, multimedia player session cookies and user interface customisation cookies, eg language preference cookies to remember the language selected by the user.”
Below is an example of an implied consent notice in the footer of a website: