Confused by Cookie Compliancy? Snap!

By Becky Reid, Marketing Manager

Recently I wrote a blog about the impending cookie law and what it means for UK businesses. With the jerk of a British knee (my own personal opinion), from 26th May all websites that use cookies are going to have to make visitors aware of the cookies and what they do in order to give them the chance to ‘Just say no!’ to them.

Now, I like my privacy as much as the next person – a year ago I was the victim of online identity theft and fraud – but I also believe that the majority of online activity and websites are genuine and looking to provide a great customer experience.

Website owners across the land are now trying to work out the best way to abide by the law without scaring off customers with pop up banners (no one likes those much, do they?), unfamiliar words and terms (do you know what a CFTOKEN is??) and other such annoying factors.

In the past month I have read the ICO’s latest guidance, then the ICC guidance document and finally the Digital Cabinet’s guidance for not-for-profit organisations. With all those documents suggesting slightly different approaches I turned to my web agency for their opinion as well as looking what other top companies like BT and the Beeb are doing.

Following on from a cookie audit, which included deleting and disabling some old and unnecessary cookies, we have opted against a pop up banner but instead have separated out and expanded our cookie policy from the corporate privacy policy and added that to the footer of the FIA website. We are also promoting the new policy via all our communication platforms in an effort to be upfront and open about our use of cookies.

But that’s doesn’t mean I have ticked the box and closed the project file… every time we improve our Google Analytics I will need to understand what cookie(s) are being added, amend the policy and promote that. The FIA cookie policy is a living document and so needs to be tended to just like any other company policies – reviewed at regular intervals, amended and communicated as required.

Longer term web browser providers (Google Chrome, IE, Firefox etc.) are looking at how to incorporate cookie acceptance into browsers as standard but for now all UK businesses must learn to live with the cookie law.

Oh, and if you were wondering what a CFTOKEN is it’s the name of one of the cookies we use to provide transaction support when using our online shopping facility.

Beware the Cookie Monster!

By Becky Reid, FIA Marketing Manager

Now, I’m not much of a biscuit person, preferring the delights of savoury foods to sweets, but lately I’ve been dreaming about cookies.

Chocolate chip? Hazlenut? Nope. I’ve been dreaming about those small text files that live on everyone’s computer and are the subject of much discussion in the marketing world at the moment. The bigwigs in Europe decided last year that some changes were needed to privacy laws and that the use of cookies needed to be addressed. The new law already exists but will be enforced from 26th May this year and I’m concerned about how many (if any) people know about this and how it going to affect them.

Now, I’m not a techno-geek (well, not completely) so hopefully I can explain it all in ‘normal person’ terms…

A cookie is a small text file that is placed on your computer when you’re browsing a website in order to improve your browsing experience. They are generally used to improve site functionality, like remembering what you’ve put in your shopping basket so that it’s still there when you go to the checkout or remembering what language you selected when first visiting a site. They are also used by marketers (like me) to see how many people click on an advert (so we know how appealing the advert is) or to track your journey through the FIA website (so we can see which pages work and which put you off!).

Cookies DON’T contain personal information about you or I and they are NOT viruses, but they can be used maliciously as spyware, providing a gateway for nasty people to see what keys you press when logging in to your online banking, for example.

Since 2003 it’s been the law that you need to tell visitors to your website about what cookies you use (do you already do that on your site?) but the law was then updated last year, making it a requirement to ask visitors to opt-in to having cookies downloaded onto their computer. Effectively we’ve just gone from opt-out to opt-in. And, yes, this law came in last May, although businesses are being given a 12 month grace period until 26th May 2012. After this date you could be prosecuted, which is what concerns me and which is why I’m on a one-woman mission to spread the word!

And if you think this law doesn’t affect you, I bet it does… Do you use Google Analytics or Google AdWords? Then you’re using cookies. Do any e-commerce from your site? Then you’re using cookies. Have a login area? Then you’re using cookies.

OK, so before you all go off and panic here are some simple steps you should take before the dawn rises on 26th May…
• Audit Your Cookies – what cookies do you use, what they do etc. Are they still relevant? Can you delete any of them?
• Gain Consent – you need to tell them they’re there, explain what they do and ask permission to use them. Maybe via banner, adding some words at point of subscription or clicking an icon.
• Update your Privacy Policy – to include what cookies are used and why and how to withdraw consent. This needs to be clearly promoted on your site, not hidden away.

As I’ve said I’m no expert and I’m busy sorting this out for the FIA just like you. But hopefully I’ve given you a bit of a steer.

For more information visit the Information Commissioner’s Office (the enforcers of this law!) website at www.ico.gov.uk.

Or view this ‘Stupid EU Cookie Law’ video by silktide:

Now where’s that biscuit barrel…I’ve got a strange craving for a HobNob.