New cookie regulations - are your clients ready?

James Chapman

By James Chapman on

Did you know that by May 2012 your clients' website needs to comply with the new EC PECR directive? If you don't, then grab a cuppa and let's begin.

What is the PECR directive?

The Privacy and Electronic Communications Regulations (PECR) 2011 means that web users should be given the opportunity to opt out of cookie usage when they visit a website (an “opt out”). This applies to websites in the EC at the moment, although it could move further afield in the future.

In the meantime, websites should provide its users with a clear explanation of how cookies and any information held about them is used.

The PECR directive DOES NOT apply to services specifically requested by the user or functionality essential to the use of the site, for example signing up for an account or checking out of an online store. 

So, what is a cookie exactly?

For those who aren’t sure, a cookie is a small file created by a website to store information. Cookies are stored on the users’ computer and examples of their usage includes:

  • Remembering account login details
  • Storing shopping cart contents
  • Remembering a user's website preferences
  • User account sessions

What can happen if your clients are not compliant?

There can be serious implications for your clients if their websites do not comply with the PECR rules. These include:

  • Civil monetary fines of up to £500,000 for the website owner
  • Fixed fine of £1000 for the service provider (agency or hosting company)
  • Audits of the current measures taken (if any)
  • Provide information required by the Information Commissioner for auditing purposes

What action do your clients need to take?

  • Check how cookies and similar technologies are used by your clients website
  • Assess how intrusive any cookies used are
  • Decide what solution is best on a per site basis, this could be:
    • Pop up or similar
    • Specifically highlight new terms regarding cookies and require understanding via a checkbox and button
    • Making consent a specific part of register/signup process
    • Requesting consent each time a cookie needs to be stored with a link to explain why

Summary

As with most rules and regulations, it can seem quite overwhelming at first. However, with a few (hopefully) minor modifications to your client's website, you can ensure they are in tip top shape. 

If you do need any clarification on any of this, leave us a comment below or contact us directly. We'd be glad to help!

Tags: 
cookies
law
clients
website