Thursday 26 May 2011

What's in your Cookie Jar?

Having reviewed the documentation from the EU Information Commissioner's Office, MoneySpyder have concluded the following, with regard to their new Web Cookie Policy.

(This advice is subject to change dependant on what the UK legislator determines later in 2011 or 2012.)

In our view all cookies will have to be consensual. Such that if the cookies are used in relation to the basket or login, it could be considered that a customer clicking on the 'Checkout' button to be consent.

Similarly, yet to be tested, that clicking links in marketing emails or on affiliate sites could also be considered to be implying consent.

There are still a lot of questions surrounding how best to get consent for cookies that do not have any form of implied consent, these include analytics measurement, behavioural marketing and re-targeting use.

The report makes it clear, however, that the concern is with cookies that allow companies to follow users across different sites.

It also states that privacy neutral cookies, are fairly benign and will not require the same level of overt consent to be obtained.

MoneySpyder recommend that changes be made to your 'Terms & Conditions' pages, that explain which cookies are used as well as giving the user the option to opt-out of using cookies (which would disable the site that they are on!).

A further action that could be taken is to set up a dedicated 'Cookie Policy' page and link to it in your sites footer. This would make it clear to anyone official reviewing that steps have been taken to address the new legislation.

MoneySpyder have drafted a suggested Cookie Policy page, that explains to users how cookies are used on a web platform, please contact us if you would like to get a copy.