On 26 May 2011 a new law came into force which affects all businesses involved in e-commerce and, in particular, owners of websites using “cookies”.
Forget the biscuits, a cookie in this context is a text file which stores user information and allows your website to recognise a user’s device, for example, the contents of a customer’s shopping basket, counting the number of visitors to your site and viewing how they navigate around it. In practice this means most websites used for any kind of e-commerce.
Kelvin Balmont, partner at Clarke Willmott explains, “Previously websites had to tell customers about any cookie used and give them information allowing such customers to opt out. Now businesses must get specific consent.”
How businesses go about obtaining this consent is not, at present, at all clear. There is on-going work which means in the near future browser settings may be developed to address this. In the meantime specific “pop ups” or flagging the point in both the header and footer of your web page, may be appropriate.
What do you need to do to make sure your website is legal? The Information Commissioner’s Office (ICO) has produced guidance on the ways in which your business might meet the requirement for consent. There is time… although the new rules came into force on 26 May, the ICO has confirmed it will give businesses one year’s grace to “get their house in order”. However failure to act before May 2012 could mean a fine of up to £500,000.
In view of this we recommend an audit of your existing website; check what cookies you use, whether they are still necessary and consider how consent will be obtained. The better you understand the way your website currently works, the easier it will be to provide clear information about cookies and give your customers choices about their use.
To find out more about what the new Privacy and Electronic Communications Regulations mean for your business, please contact Kelvin Balmont.