Digital marketers are not impressed with the EU’s new ‘cookie law’ and the vast majority don’t see any positive aspects to this e-privacy directive that is set to come into play on 26th May 2012.
A recent survey carried out by Econsultancy asked over 700 digital marketers for their opinions on the new cookie law and, it has to be said, the response was not particularly favourable.
The aim of the directive is to cut out unregulated applications of behaviour tracking technology and increase regulation on particular aspects of privacy and e-communications. The law will require website owners to ask the site user’s permission before they drop or read cookies on their browsers.
So what are cookies? Cookies are small chunks of data which are stored, by a website, in a browser and then returned to that same site via the browser. Cookies were designed with the intention of enabling websites to remember certain actions performed by a browser on that site and, depending on the cookies used, can remember that information for the duration of the session, a week, a month or even several years.
There are a variety of cookies being used, including the secure, the Http Only, the session, the persistent and the third-party cookie and, whilst not all of them are bad, they can be used, in the wrong hands, to collate extensive records of a user’s browsing histories and even for hacking into user’s accounts and it is this privacy issue that is the cause for concern.
However, cookies play a huge part in the world of digital marketing; one example of a cookie would be the use of an online shopping cart or basket where the cookie enables the shopper to store the items they wish to buy while they continue to browse the site.
Another example would be when you go to log into a secure online account, you tap in your email address, and your password is remembered. It is perhaps here that we can see the potential for hackers who will only require an email address to gain access to an account.
The Information Commissioner’s Office (ICO) has published some guidance for website owners within the directive on what steps should be taken towards compliance with the new law and this includes:
Carrying out an audit of all cookie usage on their sites
Assessing the intrusiveness of each cookie used
And, depending on how intrusive the cookies are, choosing an appropriate consent mechanism
In the directive, the ICO give some examples of invasive cookie use and provide some options for consent mechanisms but even they admit they aren’t really sure what compliance with the new law is likely to look like in the light of day.
While some website owners have begun, with much reluctance, to put plans in place in an attempt to comply with this somewhat confusing new law only 18% of the 700 digital marketers who took part in the survey believe that the directive is a positive step for the internet.
67% of the participants admitted that they were aware of the date when the new directive will come into play, and 57% said they had read the instructions. However, 46% have yet to carry out a cookie audit on their websites, and many don’t intend to at all.
Other businesses intend to wait and watch to see what happens to other companies before following suit and complying. There is the risk of being prosecuted by non-compliance but many companies are of the opinion that ‘you are damned if you do and you’re damned if you don’t’.
A new fear for website owners is that at present their users probably know tor don’t care about cookies but, with the new ‘cookie law’ making headlines and issues of privacy and tracking being rammed down their throats, they may start running scared. Where does that leave the majority of online businesses?