Six Serving Men Blog

Six Serving Men Blog

This Blog provides views and articles associated with Business & Digital Strategy.

Waiting to see how the cookie crumbles is not enough?

Stef Elliott - Thursday, March 31, 2011

GingerBread Cookies  "Disable my cookies ? - Well I've bitten the legs off a gingerbread man !"

At the recent Information Commissioners Data protection officers conference and the UK DMA Data Protection event the Information commissioner Christopher Graham highlighted the impact that changes to the privacy and electronic communication regulations would make for organisations.

The changes come into effect on MAY 25th 2011 and result from the implementation of European Union Directive 29 that include focus upon how to gain website users consent for storing cookies. For more background see 

Overview on cookies -

Legal overview - or

The Department for Business Innovation and Skills - Implementing the revised EU Electronic Communications Framework - Approach and consultation information

It appears that opinion on what to do is still in consultation & observers have different perspectives on how and when the law will be implemented e.g. Financial Times overview or a recent BBC article that Government’s are not ready.

The rules will allow for the use of cookies on an opt-out basis (i.e. not having to inform web users) in certain circumstances. This will mean website owners will not need consent from the user to place cookies on their computers where the use of the cookies is strictly necessary for a service provided by the website owner at the request of the user - this will cover the use of cookies in shopping baskets on e-commerce websites  for example.

Whilst the legislators determine what sanctions will apply to companies that fail to adequately comply with the legislation it does throw up the question - So what should companies do?

Given web design and setting of cookie's has traditionally been the remit of web design and technical resources many businesses need to undertake a quick review i.e.

  1. Establish the web sites and microsites for which you have responsibility.
  2. Understand the cookies that are currently set - Try using browser development tools from Mozilla or Chrome.
  3. Establish what cookies you want / need to be set and why.

Simultaneously review the privacy policies you have published and see how they equate with actual practice.  Whilst most organisations have published policies, in reality they often have multiple versions, rarely maintained, that  do not reflect what they do in practice.

Whilst there is a large education process for consumers to understand cookies and the implications the best way to help your clients and web visitors unsure of what this means is to be transparent and ensure you do as you say you do !

Post has no comments.
Post a Comment

Captcha Image

Trackback Link
Post has no trackbacks.