Possible new law on 'cookies' threatens to create website havoc

A potential new EU law requiring businesses to get consent from visitors to their website before the site deposits 'cookies' on the visitor's computer could create confusion and cost for all businesses with a website.

A 'cookie' is the term for information that a website puts on the hard disk on your computer so that it knows something about you when you revisit the website. They are very commonly used, and one web page can deposit several cookies on a computer - especially if there are adverts on it.

However, new EU laws adopted by the European Parliament on 24 November 2009 on cookies will require computer users to give their consent before cookies can be deposited on their computers. The new law also says they must have been provided with 'clear and comprehensive information … about the purposes of the processing' before they do so.

A computer can be set to allow or to block cookies. There is currently a debate whether using a computer that is allows cookies is sufficient consent under the new law, or whether specific manual consent is required each time.

If specific consent is required each time, businesses would need to re-code their websites so that they ask for the visitor's consent every time they want to deposit a cookie on the visitor's computer. This would create costs for the business but, more importantly, severely disrupt the user's experience of their site. Another blow for UK businesses would be if the UK applied a more restrictive interpretation of the new law than other countries. The new law is due to be introduced in the UK within the next 18 months.

Recommendation
Monitor developments and, if specific consent is required, review your website to check where and when cookies are deposited on visitors' computers, so that the costs of coding for specific consent can be budgeted for.