|Pop-ups. We loved 'em.|
Pop ups. Remember them? Universally loved and then hated by everyone who 'surfed the net' what seems like years ago now. Tons of those windows popping all over the place offering you the latest deals on this and that, poker to porn and some 'legit' things as well.
Then our saviour came riding around the corner. Pop up blockers. Praise the lord. Then thankfully Microsoft, Mozilla and the gang built them in to our browsers and the problem went away.
The E-Privacy Directive has been a force in law since 25th May 2011 but businesses, the government and anyone who had a stake in digital cried "We're not ready". So we all had 12 month reprive.
I've spent a few months now working on how to comply with the policy without doing 2 things:
- completely disrupting the digital customer experience
- lose sight of how the digital channel is performing
The classification of cookies in to essential and non-essential for example is open to some big interprtation. If I classed all my cookies as 'non-essential' and therefore not needing active consent to drop a cookie on a visitors machine, who can disagree with me without doing a detailed technical audit of my digital infrastructure? I'm not sure exactly who is going to check anyway.
In theory I guess the ICO. There are 13.71 billion indexed webpages (not websites) on the internet according to Wolframalpha. Each of these has the potential to be an 'entry point' to a brand's website and drop cookies. Lets say 10% are owned by UK business so 1.4bn web pages.
That is a lot of checking. Lots. Of. Checking.
Ok, there'll be prioritisation to that list - banks will get priority I'm sure :) - and automated tools to help but that is still a huge task to check and confirm whether a business is compliant or not.
|Is your's clear?|
A picture is starting to emerge on what solutions people are adopting but there is a sense of people also playing their cards very close to their chest. The 'I don't want to be first to move' syndrome that does remind me of DDA compliance many years ago.
Also clearly stating what cookies you use and whether these are essential for providing a service, or not. If not essential then you'll need to get consent. Oh, and you'll need to use a cookie to remember that consent. The ultimate irony.
In case you are wondering, the ICO deems all analytics cookies as 'non-essential' so you need to get consent to drop them. Which means you are likely to see a big dip across all your analytics measures. This is where I'm looking to Google, Adobe and others for a cookieless solution but am hearing nothing on that front at the moment. Help please guys??