A few words about cookies and your responsibility for them

From Sunday 27th May 2012, website owners are expected to offer visitors to their site the opportunity to manage the use of cookies. Specifically, “From Sunday, sites must obtain ‘informed consent’ from visitors before saving cookies on a machine.”

This is the UK enactment of some EC rulings made a little over a year ago.

On the basis that you need to be ‘informed’, let me give a brief explanation about what cookies are. This is how the BBC describe them:

“Cookies are small files that allow a website to recognise and track users. The ICO groups them into three overlapping groups:

Session cookies

Files that allow a site to link the actions of a visitor during a single browser session. These might be used by an internet bank or webmail service. They are not stored long term and are considered “less privacy intrusive” than persistent cookies.

Persistent cookies

These remain on the user’s device between sessions and allow one or several sites to remember details about the visitor. They may be used by marketers to target advertising or to avoid the user having to provide a password each visit.

First and third-party cookies

A cookie is classed as being first-party if it is set by the site being visited. It might be used to study how people navigate a site.

It is classed as third-party if it is issued by a different server to that of the domain being visited. It could be used to trigger a banner advert based on the visitor’s viewing habits.”

Cookies have been in use on the web since 1994.

For very large organisations, mainly in the commercial sector (such as ebay, Amazon and Tesco) these cookies will have been developed in-house and are crucial to you getting the best from their sites. The most common use is to make sure that a user browsing pages on a site is logged in. Imagine having to re-login every time you hit the back button by mistake.

For most non-commercial sites and for almost every small and medium enterprise, the program that places the cookies is developed by a third-party. By far the most common of these is Google. They have provided a tool that allows the owners of sites, like myself, to discover where their visitors are coming from, which web-browser they are using, and other information that helps us to design our sites to suit the users. Thus, I know that 50% of my visitors are now accessing my site using a mobile device (eg a phone) rather than a PC, and less than 10% use a Mac. I can make sure that my site is easily visible to them. I am only ever going to work in English, but I could tell if a significant proportion of visitors were from, say Germany or France, and prioritise producing a site in their language if I wanted to do so.

I use a website that manages subscriptions to my email newsletter. When people sign up their information is sent to that site (known as Mailchimp), which stores their name, email address, the date on which they signed up, and deduces from their IP address roughly where in the world they are accessing my site from. They have two opportunities to cancel this process (known as double opt-in) and can remove their details at any time they wish. A cookie is placed on their machine, in the folder defined by Microsoft in designing Windows, which should make sure that they are not prompted for this information again and, because it is accessible to WordPress too, the presence of which allows them to access a few special pages on the site intended only for registered users.

I don’t use Google Adwords on my sites, but if I did, then the Google tool I mentioned earlier would use cookies to remember what kinds of things users had recently searched for using the Google search page and then would put adverts on the site that matched these. I find this a little silly. If I search for ‘self-build conservatories’, find one and order it, then the last thing I want is to have ads for more such conservatories appearing for the next week or so, however, I understand how it works and just ignore them.

So, I hope you can see that in the vast majority of cases, sites are only using cookie placing software provided by well known and reputable companies, to improve the experience of the visitors to their site. There is nothing sinister about this.

What’s more, for the vast majority of sites that only use such things as the scripts provided by Google and Mailchimp or similar subscription providers, we have no control over these tools. They are innocuous, serve a purpose, and we simply sign up, add the code, and forget it. In order to provide informed consent BEFORE placing them on your machine, we would need to have far more control over the cookie placement code than we would ever want or could justify in terms of effort and cost. So the legislation, taken literally, is almost impossible for the vast majority of people using cookies, to implement.

However, all is not lost. You now know what they are about, why they are used, who writes the software that makes them work, and lot more. If you still feel that you don’t have enough information to decide whether to allow my site to potentially place a cookie on your machine, then try reading the Wikipedia entry for them.

As I have said, it is virtually impossible for ME to give YOU the option not to place a cookie on YOUR machine. However, it is possible for YOU to prevent ME from doing so. How do you do this?

You are using a browser – probably Microsoft Internet Explorer or Mozilla Firefox – to view this site. This may be in the PC version or a mobile implementation. Within each of these programs there is an option (on Mozilla it is “Tools > Options > Privacy”) which allows you to prevent sites (individually or all) from placing cookies on your machine.

For more information, from a very reliable source, check out the BBC’s own site advice on how to manage cookies – http://www.bbc.co.uk/privacy/cookies/managing/

I hope that you now feel that you are sufficiently ‘informed’, and by deciding NOT to block cookies from this site, you are assumed to have given your ‘consent’ to my placing a cookie on your machine.

And this has all been done at a time when the Government pledges to reduce the red-tape and bureaucracy confronting small businesses and says that it needs to draw more heavily on the support of charities and not-for-profits!

Don’t you just love them?!

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.