What is a Cookie?

A cookie is a small file which is downloaded onto a computer and normally stored on the hard drive or web browser, when the user accesses certain websites.  The website uses these cookies to recognise a user’s device on each subsequent visit they make and create a profile for that user.  The website will then relate any advertisements or promotions on their website to the type of information they think is relevant to that user based on their profile.  There are two types of cookies.  The first are ‘session cookies’, which are held on the computer temporarily and are usually deleted when the user closes their browser.  The second are ‘persistent cookies’ which remain on the hard drive or web browser of the computer and are used during subsequent visits to the website.  The new regulations apply to both types of cookie.

Regulations on the use of cookies have been in force in the UK since 2003, however, there have recently been a number of amendments introduced in the EU and subsequently adopted by the UK, which have contained much more stringent rules on the usage of cookies by websites. 

The New Regulations

The new regulations, which came into affect in the UK on 26th May 2012, require all websites that use cookies to obtain freely given, informed consent from the user before being able to download any cookies onto their devices.  This will involve each website providing clear and specific information on what will happen on the website the user visits and adding some form of communication where the individual knowingly indicates their acceptance of the website’s use of cookies by, for example, clicking an ‘I accept’ icon, sending an email or subscribing to a service.

The Next Steps…

Affected websites, i.e those that use cookies or similar technologies, will need to carry out a number of steps to comply with the new regulations.  They will need to carry out an audit of their website in order to discover exactly how many and what type of cookies are being used.  They will then need to provide clear information, preferably on their homepage, about the use of cookies and how the user can ‘opt-in’ to using them.  Lastly, they will need to develop a system whereby the user can actively agree to the use of cookies on their device.  An example of this would be to provide a clearly highlighted paragraph on the homepage explaining what cookies are and how the user will be affected by them and then an ‘I accept’ or ‘I decline’ icon to enable to user to provide their freely given, informed consent.