Cookie Law
From 25th May 2012 it will be illegal to place cookies onto a visitors computer without the informed consent of the user/visitor. This is the law in the UK and other EU Member States.
We can argue the various pros and cons of this law but it is the law and is enforceable by the Office of the Information Commissioner (ICO).
The purpose of the law is to safeguard individuals personal information and prevent situations where (for example) their movements are tracked as they move around the internet and advertising targeted based on sites that they have visited.
At mh-p internet Limited we have consulted with colleagues, studied the law carefully and identified four groups of cookie and these are detailed in the Privacy Policy.
The cookie which gives us most concern is the one which is used to gather psuedo-anonymous statistical information on visitor usage of the website where there are two issues.
1. The first concerns third party information gatherers. Google is the biggest player, the ICO guidance says: "If the information collected about website use is passed to a third party you should make this absolutely clear to the user. You should review what this third party does with the information about your website visitors." Therefore it is clear consent must be achieved for a website to pass information to Google.
2. The second concerns informed consent. Human nature says that if you arrive at a website and you find something between you and the information you seek you will take the route of least resistance. "Can I store a cookie on your computer", 'Yes'/'No', will invarably result in a 'No'. It only takes a few visitors to say 'No' to skew your visitor statistics.
Our Solution
1. We have migrated all our customers to our own hosted solution Piwik. By moving to a first party gatherer we are able to enter into a joint Privacy Policy with our clients.
2. To avoid the knee-jerk reaction we have used a modal window where the visitor can simply click OK but they can also visit the Privacy Policy and change their mind at any time; something the ICO wanted deployed.
3. The ICO was not prepared to accept browser settings as a solution due to a lack of education on the subject. Our Privacy Policy explains the different types of cookie, provides information about how to manage cookies using the browser, explains that some cookies are important for the website to function correctly and for visitors to gain the best possible experience. Finally, all the cookies that we use are detailed in the Privacy Policy.