You've probably all heard of the 'EU Cookie Law' by now, but you might not know what it actually specifies and what's going to happen when it comes into place on 26th May 2012.
Named the 'EU e-Privacy Directive Compliance' (it doesn't solely apply to cookies); the law actually came into play last May, but the Information Commissioner's Office has given web masters 12 months to prepare for the enforcement of the law this year.
The law states that cookies or similar devices must not be used unless the user of the technology is provided with "clear and comprehensive information about the purpose of storage".
To summarise, websites must get permission from a user on their site before using any local storage or device (primarily cookies) to track and identify the user.
Putting into consideration that Google Analytics which is used by the majority of websites uses first-party cookies to gain measurement and analysis; this is a huge deal for the SEO industry, as they'll have to find new methods of gauging the success of a website.
"Websites must get permission from a user on their site before using any local storage or device (primarily cookies) to track and identify the user"
If we were all to follow the law for complete compliance, this would mean websites would have to ask every person to opt in; and with Econsultancy's findings that only 23% of web users would agree to cookies; Google Analytics data would be rendered inaccurate and unusable.
There are a few exceptions to the law, for example, a cookie which is used to remember the products a user wants to buy when they proceed to the checkout is acceptable However, the ICO's guidance on the directive states that "Cookies used for analytical purposes to count the number of unique visits to a website" will be unlikely to fall within the exception of the law.
Up until recently, many companies and agencies have been unsure about what to advise and what steps to take to ensure their clients' sites are complying with the law. In the last few weeks, Econsultancy and a few other industry news sites have begun to outline their plans to comply.
There are still a few unknowns about the law and what the risks entail, and it seems it will remain this way until after the 26th May when it will become clear which websites incur fines and which don't, only then will we know how strict the ICO's guidelines are.
For this reason, we're not in a place to instruct recommendation just yet, but there are a few things we'd suggest doing in the next month to prepare for the law implementation, and ensure you're not abusing your users' privacy.
- Understand it: Review the law documentation and make sure you fully understand what's required of your website. Take a look at the advice given and make every effort to comply.
- Audit it: Conduct a cookie and privacy audit of every single page of your website. You should then remove any scripts or tracking which you don't really need or use. Don't just specify this audit for cookies, cover email tracking and social buttons too.
- Write it: Take a look over the content of your website's privacy policy and make sure it's as comprehensive and transparent as it can be, referencing the EU Privacy law where relevant.
As mentioned above, there are still some areas of the law which are a little cloudy even to us, so we wouldn't want to make any further recommendations. But by taking the three steps above, you can ensure you're heading in the right direction and preparing yourself for the enforcement, as well as making your intentions a little clearer for your users.
Please get in touch if you want to talk about this further with our SEO or Digital teams, and let us know what steps you'll be taking to prepare for the 26th.
No hay comentarios:
Publicar un comentario