I don’t usually write about government policy or legal changes, but some laws directly affect the web while still leaving webmasters scratching their heads. With that in mind, meet the EU Cookie Directive.
A few years back, the European Union decided to mandate that all websites operating from EU member states obtain consent from users before deploying cookies. While compliance has been easy for some, others have found it to be a real headache.
In this post I will explain the directive and what you need to do with your site to comply. I will also cover a selection of quality WordPress plugins that provide a solution.
What is the Directive?
It’s actually not a new law – the European Union just changed an old law. In 2009, the EU amended its E-Privacy Directive to require cookie consent.
EU member states technically had until 25 May 2011 to make sure that their own laws were in line with the directive. Each member state has the freedom to craft its own specific legal statutes so long as its laws meet the overall criteria set by the EU.
There’s a lot of legal mumbo-jumbo associated with it. But I’m not going to go into great depth on all of the wonderful judicial theory and legal specifications surrounding the directive – I am not a legal expert and this article should not be taken as official legal advice.
That said, I have done a good bit of reading on the directive and I want to give you a WordPress user’s view on how to comply – without the hassle.
Why Should You Follow the Directive?
Penalties for disobeying the directive will vary by country. In the UK, you face the possibility of a fine, but that is unlikely as long as you make an effort to comply.
The UK Information Commissioner’s Office explains that the directive doesn’t even require that much from you:
What Initial Steps Should You Take?
Even if you ultimately want to find a WordPress plugin to efficiently ensure compliance, it is still a good idea to gain an understanding of the first few steps you should take.
The UK Information Commissioner’s Office recommends that you start with a cookie audit – you should find out what cookies your site is using, because that will enable you to make informed decisions regarding compliance. This is as much for your own education as it is for your visitors’ privacy.
What if you don’t know how to do a cookie audit of your own? No need to worry – CookieCert provides free cookie audits for your website.
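To show what a cookie audit produces, here is an added example (not code from this post, CookieCert or any plugin mentioned here) that turns observed Set-Cookie response headers into an inventory of session versus persistent and first-party versus third-party cookies. The hosts, cookie values and function names are constructed for illustration.

```javascript
// Added example: cookie inventory from observed Set-Cookie response headers.
// OBSERVED is constructed sample data (hosts and values are made up).
const OBSERVED = [
  { host: "www.example.com", header: "PHPSESSID=abc123; Path=/; HttpOnly" },
  { host: "www.example.com", header: "wp_prefs=compact; Max-Age=31536000; Path=/" },
  { host: "ads.example.net",
    header: "_trk=u-42; Expires=Wed, 01 Jan 2031 00:00:00 GMT; Path=/" },
];

// Split one Set-Cookie value into the cookie name and lower-cased attributes.
function parseSetCookie(header) {
  const [pair, ...rest] = header.split(";").map((s) => s.trim());
  const eq = pair.indexOf("=");
  const attrs = {};
  for (const attr of rest.filter(Boolean)) {
    const i = attr.indexOf("=");
    attrs[(i < 0 ? attr : attr.slice(0, i)).toLowerCase()] =
      i < 0 ? "" : attr.slice(i + 1);
  }
  return { name: eq < 0 ? pair : pair.slice(0, eq), attrs };
}

// Lifetime in days, or null for a session cookie. Max-Age wins over Expires;
// an unparseable value is ignored, which leaves a session cookie.
function lifetimeDays(attrs, now) {
  const maxAge = Number(attrs["max-age"]);
  if (attrs["max-age"] && Number.isFinite(maxAge)) return Math.max(0, maxAge) / 86400;
  const expires = Date.parse(attrs.expires);
  if (!Number.isNaN(expires)) return Math.max(0, expires - now.getTime()) / 86400000;
  return null;
}

// One audit row per cookie. First party here means the responding host is the
// site host or a subdomain of it (a simplification: no public-suffix handling).
function auditSite(observed, siteHost, now = new Date()) {
  return observed.map(({ host, header }) => {
    const { name, attrs } = parseSetCookie(header);
    const days = lifetimeDays(attrs, now);
    return {
      name,
      setBy: host,
      firstParty: host === siteHost || host.endsWith("." + siteHost),
      persistent: days !== null,
      lifetimeDays: days,
    };
  });
}

console.table(auditSite(OBSERVED, "example.com"));
```

Persistent and third-party rows are the ones to look at first when deciding which cookies need consent.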
Which one should you rely on, explicit or implied consent? That depends on what kind of data your cookies deal with.
For example, if they store someone’s personal health care information, you should probably get explicit consent. But if your cookies simply remember login details for a discussion forum then it is probably safe to use implied consent.
That’s a lot to deal with, and unless you are running a website for a large company that fears legal liability, you probably don’t want to spend days on end trying to comply with some EU laws. Luckily for you, WordPress is here to save the day.
As is often the case, the WordPress community has stepped up to the plate with some handy plugins that will help you follow the directive.
EU Cookie Law Compliance Plugin by CookieCert
CookieCert’s plugin is designed to quickly make your site compliant with the directive. It obtains explicit consent by asking users if they will allow your site to create cookies.
It also does another cool thing – once you get a cookie audit at CookieCert.com, the plugin will link to a unique page that details all of the cookies that your site uses.
With a rating of 3.6 out of 5 stars in the WordPress plugin directory, it has been downloaded almost 4,000 times.
EU Cookie Directive
It has been downloaded over 4,300 times and has a rating of 3.8 out of 5 stars.
EU Cookie Law Compliance
Zafrira created this handy plugin for compliance and it gives you substantial control. The plugin generates a pop-up message that welcomes visitors to your site and asks them to approve or deny storing cookies on their computer. You then get to set which scripts are run based on approval or denial.
An additional feature that it boasts is integration with Google Analytics. Normally, if you cannot run cookies then you are left hanging on this front. But with this plugin you can enable a cookie-free version of Google Analytics that will store the hits of the visitor session.
With over 10,000 downloads and a rating of four out of five stars, this is one of the more popular plugins for complying with the directive.
Where To Go From Here?
Surveys have shown that a majority of people do not know how cookies work – much like a car, users want their websites to function, to get them places – but they don’t always understand what is going on “under the hood.”
The directive’s goal is to educate those people. Whether you think it is a half-baked dud of a scheme or an innovative start to Internet openness, the EU Cookie Directive was passed with the aim of informing users what kinds of cookies and similar files were being used on the sites they browse.
Compliance will help avert the possibility of legal troubles down the road, and it will enable communication with your visitors.
While complying with the directive presents potential problems, I am happy to say that WordPress once again reveals its utility – coders have stepped up to the plate to craft plugins that face the issue of compliance head on so that you can sleep safe at night. After all, who doesn’t want that?